Privacy Policy for Customers of Flower Delivery Northolt

Overview and Scope

This Privacy Policy explains how Flower Delivery Northolt collects, uses, stores, and protects your personal data when you place orders for our flower delivery services in Northolt and the surrounding districts. We take your privacy seriously and are committed to complying with all relevant data protection laws, including the UK General Data Protection Regulation (GDPR).

What Personal Data We Collect

To provide our services efficiently, we collect and process certain personal information about you. The types of data we routinely collect include:

  • Contact Information: Name, delivery address, billing address, and telephone number.
  • Order Details: Details of the flowers or products ordered, messages requested on greeting cards, and any special delivery instructions.
  • Payment Information: Card details or other payment information, processed securely by our payment partners (we do not store card details ourselves).
  • Communications: Correspondence with our customer service, including feedback and queries.
  • Digital Identifiers: IP address, device information, and browsing data when you use our website, for security and performance monitoring.

Lawful Basis for Data Processing

We process your personal data only where there is a lawful basis under the GDPR. The main lawful bases relevant to our activities include:

  • Contractual Necessity: Most of the personal data we collect from you is required for fulfilling your order (such as your name, address, and order details).
  • Legitimate Interests: We may process data for legitimate purposes, such as improving our services, handling queries, or preventing fraud, where such interests are not overridden by your rights.
  • Legal Obligations: Certain records may be retained as required by law, including tax and accounting purposes.
  • Consent: For some uses, such as sending you marketing updates (if applicable), we will rely on your explicit consent, which you can withdraw at any time.

How We Use Your Personal Data

We may use your personal data for the following purposes:

  • Processing and delivering your orders efficiently and accurately.
  • Communicating with you about your order status, delivery, and any issues or requests related to your purchase.
  • Managing payments and transactions securely via trusted payment processors.
  • Responding to customer service inquiries, complaints, or feedback.
  • Improving our website, products, and services, including monitoring website usage and troubleshooting technical issues.
  • Complying with legal obligations and regulatory requirements.
  • Sending you marketing communications (where permitted and with your consent).

How Long We Retain Your Data

We keep your personal data only for as long as it is necessary for the purposes for which it was collected, or as required by law. In general:

  • Order and delivery records are kept for up to seven years, to comply with accounting and tax regulations.
  • Communication records are typically retained for up to two years after your last contact with us, unless required for longer by law or to resolve disputes.
  • Marketing preferences and consent records are kept until you withdraw your consent or ask for deletion.
  • Technical data (such as logs) are kept for a maximum of 12 months for security purposes.

Our Data Processors and Third Parties

To provide our flower delivery services, we may share necessary personal data with trusted third-party service providers (data processors). Examples include:

  • Payment processing providers for secure transactions.
  • IT and web hosting companies to maintain the functionality and security of our website.
  • Delivery partners who assist in fulfilling and delivering your order.
  • Professional advisors (such as accountants or legal representatives) when required by law.

All third parties are contractually obliged to adhere to the same strict data protection standards as Flower Delivery Northolt. Data is never sold or shared for commercial purposes unrelated to the services you have requested.

Your GDPR Rights as a Customer

As a data subject under the GDPR, you have a range of rights relating to your personal information:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request correction of any incomplete or inaccurate information.
  • Right to Erasure: You may request deletion of your personal data in certain circumstances, except where retention is necessary for legal compliance or legitimate business purposes.
  • Right to Restrict Processing: You can ask us to restrict how we use your data while we resolve a query.
  • Right to Object: You can object to the processing of your personal data for direct marketing or under certain legitimate interests.
  • Right to Data Portability: Where processing is based on consent or contract, you may request to receive your data in a commonly used format, or have it transferred to another provider.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw this at any time, without affecting prior lawful processing.

To exercise any of these rights, please contact us using the contact details provided on our website or in your order confirmation. We will respond to requests in accordance with applicable laws and within statutory timeframes.

Security of Your Data

We employ a range of physical, technical, and organizational measures to protect your data against unauthorized access, loss, or theft. These include encrypted connections for online transactions, restricted access to personal data, staff training, and regular review of our security practices.

International Transfers

As a UK-based service, we endeavour to store and process all personal data within the United Kingdom or the European Economic Area. Should there be any need to transfer data internationally, we ensure that such transfers are made in compliance with GDPR requirements, such as using appropriate data protection safeguards.

Policy Updates

This Privacy Policy may be updated from time to time to reflect changes in the law, technology, or our business operations. Any significant changes will be communicated clearly to customers where appropriate.

How to Contact Us

For questions or concerns regarding your personal data or this Privacy Policy, please reach out to us using the contact form on our website or the communication channels provided with your order. If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO).

This policy applies to all customers placing Flower Delivery Northolt orders from Northolt and the surrounding districts. We encourage you to review it regularly and contact us with any queries about your privacy.