Flower Delivery South Hackney Privacy Policy

Introduction

This Privacy Policy is designed to inform all customers placing orders with Flower Delivery South Hackney, whether located in South Hackney or surrounding districts, of our firm commitment to maintaining your privacy and protecting your personal information, in accordance with the General Data Protection Regulation (GDPR).

Scope of this Privacy Policy

This policy governs the collection, use, storage, and disclosure of personal data provided by our customers when placing orders through Flower Delivery South Hackney. It covers all individuals who interact with our services, whether via our website, telephone, or in-person, strictly relating to the ordering and delivery of flowers within South Hackney and neighbouring areas.

Data We Collect

To complete your order and deliver our products and services, we may collect the following categories of personal data:

  • Identification and Contact Data: Full name, delivery address, billing address, contact number, and email address.
  • Order Details: Product selections, gift messages, special instructions, recipient’s name and address, and preferred delivery dates.
  • Payment Data: Transaction information (handled securely by third-party payment processors; we do not store your full payment details ourselves).
  • Technical Data: IP address, device type, browser details, and information collected automatically by cookies when you use our website (for analytics and security purposes).
  • Communications Data: Records of your correspondence with us, including order confirmations, enquiries, and feedback.

Lawful Basis for Processing Your Data

We process your personal data only when permitted by law, and always have a lawful basis for doing so. Our use of your data is based on at least one of the following grounds:

  • Performance of a contract: To process and manage your flower delivery order and provide related services.
  • Legitimate interests: For our business operations, such as better understanding customer needs, improving our service, addressing queries, and preventing fraud (unless your privacy rights override our interest).
  • Legal obligation: To comply with applicable laws and regulations, including accounting, tax, and consumer protection requirements.
  • Consent: Where we rely on your explicit consent for activities such as direct marketing; you may withdraw your consent at any time.

How We Use Your Personal Data

Your data is used exclusively for the following purposes:

  • To process, confirm, and fulfill flower delivery orders;
  • To communicate with you regarding your order status, changes, or delivery queries;
  • To manage your customer account and respond to your enquiries or feedback;
  • To maintain accounting and transaction records as required by law;
  • To facilitate secure payment processing;
  • To ensure the security and functionality of our website;
  • To send marketing communications, only where you have opted in to receive them.

Personal Data Retention

We retain your personal data only as long as is necessary for the purposes outlined in this policy and to meet our legal, accounting, or reporting requirements. Typically:

  • Order and delivery details are retained for up to seven years, in line with tax and business regulations.
  • Customer communications (enquiries, feedback) may be kept for up to two years to help resolve any issues or inform service improvements.
  • Where you have consented to receive marketing communications, your contact details will be retained until you unsubscribe or request deletion.

Once the retention period ends, your data will be securely deleted or anonymised so you can no longer be identified.

Disclosure to Third Parties

Your personal information is disclosed only when necessary to trusted third parties (processors) to deliver our services. We make every effort to ensure these parties are GDPR-compliant:

  • Payment processors: For handling secure financial transactions.
  • Delivery partners or couriers: To complete your flower deliveries.
  • IT service providers: For hosting, website maintenance, and data storage.
  • Professional advisors: Such as accountants or legal counsel, for compliance and business administration.

We do not sell, rent, or trade your personal data with any third parties for marketing purposes. All third-party processors are contractually obliged to safeguard your information and only process it according to our instructions.

Your Rights as a Data Subject

Under GDPR, you have a range of rights regarding your personal data. You may exercise these rights by submitting a request in writing. Your rights include:

  • The right to access: Request details of the personal data we hold about you.
  • The right to rectification: Request corrections to incomplete or inaccurate data.
  • The right to erasure: Ask us to delete your personal data where there is no lawful reason for us to continue processing it.
  • The right to restrict processing: Request that we limit the processing of your personal data in certain circumstances.
  • The right to data portability: Receive a copy of your data in a commonly used format or request that it be transferred to another data controller.
  • The right to object: Object to certain types of processing, such as direct marketing, at any time.
  • The right to withdraw consent: Where processing is based on consent, you may withdraw this at any time.

We endeavour to respond to all legitimate requests within one month. In some situations, particularly if the request is complex, it may take longer. Where your rights are exercised, we may request further information to verify your identity.

Data Security

We use a variety of security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include secure servers, encryption of transactional data, and regular security reviews. Despite these precautions, no method of transmission over the internet is absolutely secure, but we are committed to industry best practices to safeguard your information.

Changes to This Policy

We reserve the right to update or modify this Privacy Policy as necessary, to comply with legal requirements or reflect changes in our business operations. When significant changes are made, we will notify our customers via our website or other appropriate means. We encourage you to review this policy periodically to remain informed about how your data is protected.

Contact and Complaints

If you have questions or concerns about this Privacy Policy, or wish to exercise your data rights, please contact us through the usual customer service channels provided on our website or order forms. If you are not satisfied with our response or believe we are processing your personal data unlawfully, you have the right to lodge a complaint with your local data protection authority.