Privacy Policy for Flower Delivery Leamouth

Introduction

This Privacy Policy explains how Flower Delivery Leamouth (‘we’, ‘us’, or ‘our’) handles the personal data of customers placing flower delivery orders from Leamouth and the surrounding districts. We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Scope of This Policy

This Privacy Policy applies to all individuals placing orders for flower delivery with Flower Delivery Leamouth, whether through our website, by telephone, or in person, where the delivery address is in Leamouth or the neighbouring areas. By using our services, you acknowledge and agree to the practices described in this document.

Personal Data We Collect

Depending on how you interact with us, we may collect and process the following categories of personal data:

  • Contact Information: Name, delivery address, billing address, email address, and telephone number.
  • Order Details: Product selections, special instructions, card messages, recipient details, and delivery preferences.
  • Payment Information: Payment card details, transaction details, and billing information (processed securely through our payment processors).
  • Communication Data: Correspondence with our customer service, including queries, feedback, or complaints.
  • Technical and Usage Data: IP address, browser type, access times, and website usage patterns (collected via cookies and similar technologies, as described in our cookie policy).

Lawful Basis for Processing

The GDPR requires us to identify valid legal bases for processing your personal data. We primarily rely on the following grounds:

  • Contractual Necessity: To fulfil your orders and provide related services, including processing payments, arranging deliveries, and sending order confirmations.
  • Legitimate Interests: To respond to enquiries, improve our services, and prevent fraud, provided these interests are not overridden by your rights and interests.
  • Legal Obligations: To comply with applicable laws and regulations, such as recordkeeping and tax requirements.
  • Consent: For activities such as direct marketing, if you have expressly opted in. You can withdraw your consent at any time.

How We Use Your Data

We use your personal data for the following purposes:

  • Processing and delivering your orders, including the delivery of flowers and communication with recipients.
  • Processing payments and, if necessary, refunds.
  • Communicating with you regarding your orders or requested services.
  • Providing customer support and handling complaints or feedback.
  • Improving our products and services by analysing usage and feedback.
  • Complying with our legal and regulatory obligations.
  • Sending direct marketing communications where you have given consent or as otherwise permitted by law.

Data Retention

Your personal data is only retained for as long as necessary to fulfil the purposes for which it was collected, including for legal, accounting, or reporting requirements. The criteria used to determine our retention periods include:

  • The need to retain data to fulfil your order or provide services.
  • Our legal or regulatory obligations.
  • The period during which a claim could be brought against us.

Typically, we retain customer and transaction data for up to seven years to comply with applicable financial and tax regulations. After this period, data is deleted or anonymised unless a longer retention period is required by law.

Data Sharing and Processors

To provide our services, we may share your information with trusted third parties who act as data processors on our behalf. These may include:

  • Payment processing providers, who securely handle transaction and payment card information.
  • Delivery partners or couriers to facilitate the delivery of your floral orders.
  • IT and website hosting service providers involved in the operation of our site and secure storage of your data.
  • Professional advisers (such as accountants or legal advisers) where required for business operations or legal compliance.

All third party processors are required to adhere to strict confidentiality obligations, implement appropriate technical and organisational security measures, and only process your data as instructed by us.

We do not sell or rent your personal data to any third parties. We do not transfer your data outside the United Kingdom or European Economic Area unless suitable safeguards are in place as required by the GDPR.

Protecting Your Personal Data

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it from unauthorised access, accidental loss, disclosure, or destruction. These measures include secure servers, encryption of sensitive information, access restrictions, and regular staff training on data protection practices.

Your Rights Under GDPR

Under the GDPR, you have certain rights in relation to your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct inaccurate or incomplete data.
  • Right to Erasure: You can request deletion of your data where there is no legitimate reason for us to retain it.
  • Right to Restriction: You can request we limit the processing of your data under certain circumstances.
  • Right to Object: You can object to certain types of processing, such as direct marketing.
  • Right to Data Portability: You can request your data in a format that allows you to transfer it to another service provider.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
  • Right to Lodge a Complaint: You have the right to make a complaint to the relevant supervisory authority if you believe your data protection rights have been infringed.

To exercise any of these rights, please use the contact details provided on our website or get in touch with our customer service team. We may request proof of your identity before actioning your request to protect your privacy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational purposes. When we make changes, we will revise the updated date at the end of this policy. Please check back regularly to stay informed of any updates.

Contacting Us

If you have any questions, concerns, or requests related to this Privacy Policy or how we handle your personal data, please refer to our website’s contact page for ways to reach Flower Delivery Leamouth’s data protection representative. We are committed to investigating and resolving all concerns regarding your privacy and our data handling practices.

This policy was last updated on 1 June 2024.