Privacy Policy for Flowers South Hornchurch Customers

Introduction

This Privacy Policy explains how Flowers South Hornchurch ('we', 'us', 'our') collects, uses, stores, and protects your personal data when you place orders as a customer in South Hornchurch and the surrounding districts. We are committed to safeguarding your privacy and handling your data transparently, in accordance with the General Data Protection Regulation (GDPR) and other applicable laws.

Scope of Policy

This policy is applicable to all customers who place orders with Flowers South Hornchurch for delivery or collection within South Hornchurch and surrounding areas. By placing an order with us, you acknowledge and agree to the collection and processing of your personal data as detailed in this policy.

What Personal Data We Collect

We may collect and process the following types of personal data when you interact with our services:

  • Contact Information: Your name, delivery address, and telephone number.
  • Order Details: Information about the products or services you order, messages for recipients, and relevant delivery instructions.
  • Payment Information: Payment method details (such as card details processed securely via payment processors; we do not store your full card information).
  • Communication Data: Correspondence with us, including order confirmations, queries, and feedback.
  • Technical Data: Your IP address, browser type, and interaction data (collected via cookies or similar technologies) for website performance and analytics purposes.

Lawful Bases for Processing

Under the GDPR, we must have a valid lawful basis for processing your personal data. For Flowers South Hornchurch customers, our lawful bases include:

  • Contractual necessity: To process your order, deliver flowers, and communicate order updates. Without this data, we cannot fulfill your order.
  • Legal obligation: To comply with laws and regulations, such as maintaining financial records for tax purposes.
  • Legitimate interests: To improve our services, respond to your queries, or send service-related notifications (not for direct marketing unless you have given additional consent).
  • Consent: Where you have expressly given permission, for example, to receive marketing communications. You can withdraw your consent at any time.

How We Use Your Personal Data

Your data is used for the following purposes:

  • To accept and process your orders, arrange delivery or collection, and provide customer support.
  • To confirm your order, send delivery updates, and respond to your questions or requests.
  • To process your payment securely via our payment processors.
  • To maintain necessary records and accounts, as required by law.
  • To monitor our website's performance and improve your user experience, using technical information.

Retention of Personal Data

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. The criteria for determining retention periods include:

  • Order and payment details: Retained for up to seven years for financial and tax compliance.
  • Communications: Retained for up to two years for customer service and quality assurance.
  • Marketing consent records: Retained until you withdraw your consent.
  • Technical data: Retained for up to one year for analytics and security.

At the end of the retention period, your data is securely deleted or anonymised.

Data Processors and Third Parties

To provide our services, we may share your data with trusted third-party processors, such as:

  • Payment processing companies to securely handle card payments.
  • IT and hosting providers for the secure storage and management of our website and systems.
  • Delivery partners to ensure your order reaches you or your recipient.
  • Professional advisers (such as accountants) for legal and regulatory purposes.

All processors are carefully selected and contractually obliged to protect your data and process it only as instructed by us. We do not sell or rent your information to third-party marketers. Your data is not transferred outside the UK or European Economic Area unless adequate safeguards are in place.

Your Rights Under GDPR

As a data subject, you have rights regarding your personal data:

  • Access: You may request a copy of the personal data we hold about you.
  • Rectification: You have the right to correct inaccurate or incomplete data.
  • Erasure: You may ask us to delete your data in certain circumstances (the "right to be forgotten").
  • Restriction: You can ask us to restrict processing of your data in certain cases.
  • Data portability: You have the right to obtain and reuse your data across different services.
  • Objection: You may object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent: Where you have given consent, you may withdraw it at any time; this does not affect data processed before withdrawal.
  • Complaint: You have the right to lodge a complaint with the relevant data protection authority if you believe your rights have been violated.

How We Protect Your Data

We are committed to keeping your personal information safe and employ appropriate measures to prevent unauthorised access, use, or disclosure. These include secure servers, encrypted communications, regular staff training, and restricted access to personal data only to those who need it.

Changes to This Privacy Policy

We may occasionally update this Privacy Policy to reflect changes in legal requirements or our practices. The updated policy will be posted on our website, with the effective date clearly stated. Please review this policy regularly to stay informed about how we process your data.

Contact, Queries, and Exercising Your Rights

If you have questions about this Privacy Policy, how your data is used, or wish to exercise any of your GDPR rights, please contact us using the contact methods available on our website or by writing to our business address. We are committed to responding promptly and addressing your concerns.