How We Protect Your Personal Information at Flowers East Sheen

Introduction

This Privacy Policy describes how Flowers East Sheen collects, uses, stores, and protects the personal data of customers placing orders from East Sheen and the surrounding districts. We are committed to maintaining the privacy and security of your personal information in accordance with the UK General Data Protection Regulation (GDPR) and relevant data protection laws.

Scope of the Policy

This Privacy Policy applies to all individuals who place orders for Flowers East Sheen products and services from East Sheen and neighboring districts. By placing an order or using our services, you acknowledge the collection and use of your data as described in this policy. Please read this policy carefully to understand your rights and our obligations.

What Data We Collect

We collect and process the following types of personal data to provide our products and services:

  • Identity Information: Name of the customer and recipient (if applicable).
  • Contact Information: Delivery address, billing address, and phone numbers (if provided), as well as any special delivery instructions you provide.
  • Order and Payment Details: Information about the products ordered, order history, and payment transaction details (note that we do not store actual credit or debit card numbers; payments are processed by secure third-party providers).
  • Communications: Correspondence with Flowers East Sheen, including enquiries, feedback, and requests via web forms or other communication channels.
  • Technical Data: IP address and device/browser type, collected when you place an order on our website to ensure security and offer support.

Lawful Basis for Processing Your Data

We will collect and process your personal data only where we have a valid lawful basis to do so under GDPR. This includes:

  • Consent: When you voluntarily provide information for special requests or agree to receive marketing communications.
  • Performance of a Contract: To process your order, deliver flowers, communicate regarding the order, and provide after-sales support.
  • Legal Obligation: To comply with applicable UK laws and regulations, including tax law and consumer protection.
  • Legitimate Interests: For the purpose of improving services, preventing fraud, or defending our legal rights, as long as these interests do not override your fundamental rights and freedoms.

How We Use Your Data

All personal data collected is used to provide you with the best possible service. Specifically, we use your data to:

  • Process and fulfil orders for flowers and related products.
  • Contact you regarding your order or service experience.
  • Deliver products to your specified address.
  • Respond to your enquiries, feedback, or complaints.
  • Comply with legal obligations, such as maintaining financial records.
  • Improve our services and customer experience.

How Long We Retain Your Data

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy:

  • Order and transaction details are retained for a maximum of 7 years, as required by UK tax and legal obligations.
  • Records relating to enquiries or correspondence are kept up to 2 years after your last interaction.
  • Data for marketing purposes is retained only until you withdraw consent or opt out of receiving such communications.
  • When data retention is no longer required, personal data is securely deleted or anonymised.

Processors and Data Sharing

Flowers East Sheen works with trusted third-party service providers (data processors) to support the delivery of our services. We ensure these processors adhere to GDPR requirements and only process your data in accordance with our instructions. Our processors may include:

  • Payment processors: For secure transaction handling. Flowers East Sheen does not retain your card details.
  • Certain delivery partners: For fulfilling orders to recipients in East Sheen and nearby areas.
  • IT service providers: For hosting our website, customer management, and backup services.

We do not sell or rent your personal data to any third party. Data is shared only as necessary to fulfil your orders, deliver services, comply with laws, or protect our business.

How We Protect Your Data

We implement a range of physical, electronic, and organisational measures to secure your personal information against loss, theft, or unauthorised access. This includes data encryption, secure servers, limited access controls, and staff training in data protection. We routinely review our processes to strengthen security and ensure compliance with applicable laws.

Your Rights Under GDPR

You have the following rights under the GDPR regarding your personal data:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct any inaccurate or incomplete personal data we hold.
  • Right to Erasure: You can request deletion of your personal data in certain circumstances.
  • Right to Restriction: You can ask us to restrict the processing of your personal data in certain situations.
  • Right to Data Portability: You can request transfer of your data to yourself or another service provider in a structured, commonly used format.
  • Right to Object: You can object to the processing of your personal data in specific circumstances, including for direct marketing purposes.

If you wish to exercise any of these rights, or have questions regarding your personal data, please contact us using the details provided on our website or customer service materials. We will respond to your requests in line with our legal obligations and within one month of receipt.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in legal requirements or our business operations. We encourage customers to review this policy regularly to stay informed about how we protect your data.

Contacting Flowers East Sheen

Should you have any questions or concerns about our processing of your personal data, or wish to lodge a complaint, you can contact us using the details provided on our website. You may also raise concerns with the Information Commissioner's Office (ICO) if you believe your data rights have not been upheld.