Privacy Policy for Flower Delivery Finchley Orders

Introduction

This Privacy Policy outlines how Flower Delivery Finchley (“we”, “our”, “us”) collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR) and relevant UK data protection laws. This policy applies to all customers placing orders with Flower Delivery Finchley in Finchley and the surrounding districts. We are committed to ensuring your privacy and safeguarding your personal information.

What Data We Collect

When you place an order for flower delivery or interact with our services, we may collect and process the following categories of personal data:

• Identification Information: Name, title, and contact details (such as delivery address and billing address).
• Contact Details: Phone number(s) and optional contact preferences.
• Order Details: Product selections, special instructions, card message, and delivery instructions.
• Payment Information: Transaction details (provided to and processed by secure payment processors; we do not retain full card details).
• Communication Records: Details of customer service enquiries, complaints, correspondence, and any feedback provided.
• Technical Data: IP address, device information, and browsing actions on our website to improve site performance and user experience.

Lawful Basis for Processing

We process your personal data on the following lawful bases as permitted by the GDPR:

• Contractual Necessity: To process and fulfill your flower delivery orders as per your instructions.
• Legal Obligation: To comply with legal or regulatory requirements, such as tax and accounting rules.
• Legitimate Interests: For improvement of our services, fraud prevention, and responding to your queries or feedback, provided our interests are not overridden by your rights and interests.
• Consent: Where you opt-in to receive marketing communications or newsletters, we rely on your consent, which you may withdraw at any time.

How We Use Your Data

Your personal data is used for the following purposes:

• Processing and delivering your flower order as requested
• Communicating with you regarding your order status or queries
• Providing customer support and resolving complaints
• Improving our services, understanding purchasing trends, and enhancing your customer experience
• Meeting legal, regulatory, or compliance obligations
• Sending marketing updates or offers, only with your explicit consent

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Typically, we retain order and transactional records for a minimum of 6 years as required by tax authorities. Customer service correspondence may be kept for up to 3 years to address any subsequent queries. Upon expiry of the relevant retention period, we securely delete or anonymize your personal data.

Data Processors and Third Parties

In order to provide our services efficiently, we work with selected third-party service providers ("processors") who process data on our behalf:

• Payment Providers: Secure payment gateways process your payment details for order transactions. We do not store full payment card information.
• Delivery Partners: To ensure timely delivery, only necessary information (e.g., recipient’s name, address, and phone number) is shared with our trusted couriers.
• IT and Hosting Providers: Our website and data are hosted on secure servers managed by reputable IT service companies, who may have access to personal data only as necessary to provide their services to us.

All third-party service providers are contractually required to process your personal data in compliance with applicable data protection laws and only as per our instructions. We do not sell or share your personal data with third parties for their own direct marketing purposes.

User Rights Under GDPR

Under the GDPR and UK data protection law, you have a number of important rights regarding your personal data. These include the right to:

• Access: Request access to the personal data we hold about you.
• Rectification: Have your data corrected if it is incomplete or inaccurate.
• Erasure: Request the deletion of your data where there is no valid reason for us to retain it (also known as the “right to be forgotten”).
• Restriction: Ask us to restrict the processing of your personal data in certain circumstances.
• Portability: Receive your data in a structured, commonly used format and transfer it to another provider where technically feasible.
• Objection: Object to processing where we are relying on legitimate interests, or to direct marketing at any time.
• Withdraw Consent: Withdraw any consent you have given at any time, without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, please contact us using the details provided on our website. We endeavour to respond to any requests regarding your data rights without undue delay and in accordance with legal requirements. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has not been handled appropriately.

Data Security

We employ appropriate technical and organizational measures to safeguard your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Access to your personal information is strictly limited to those who have a legitimate business need to know and are subject to confidentiality obligations.

International Transfers

Your data may be processed outside of the UK or European Economic Area (EEA) if our service providers are located in other countries. In such cases, we ensure that adequate safeguards are in place, such as standard contractual clauses or equivalent protections, to ensure your data receives the same level of protection as under UK and EU law.

Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or relevant laws. The latest version will always be available on our website. We encourage you to review this policy regularly to stay informed about how we protect your information.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or how we process your data, please visit our website’s Contact page. We are committed to resolving any issues and ensuring your data is managed safely and transparently.