Privacy Policy for Flowers North Harrow Orders

Introduction

Flowers North Harrow is committed to ensuring the privacy and security of its customers' personal data. This Privacy Policy outlines how we collect, process, store, and protect your information in compliance with the UK General Data Protection Regulation (GDPR). This policy applies to all customers placing orders with Flowers North Harrow from North Harrow and the surrounding districts.

What Data We Collect

When you place an order with Flowers North Harrow, we may collect and process the following categories of personal data:

  • Identity Data: Name, title
  • Contact Data: Address, phone number, delivery address, and other contact details provided during the order process
  • Order Data: Details of the products and services ordered, purchase history, order notes, and delivery preferences
  • Payment Data: Payment method information (note: cardholder data is processed by payment service providers and not stored by us)
  • Communications Data: Any communications with us, including feedback or queries
  • Technical Data: IP address, browser type and version, location, device information (collected via the website for technical and analytical purposes)

Lawful Basis for Processing Your Data

We only process your personal data where lawful to do so under GDPR. The lawful basis for collecting and using your data includes:

  • Performance of a Contract: Processing your order and delivering products and services
  • Legal Obligation: Complying with legal and regulatory requirements, for example for tax and accounting purposes
  • Legitimate Interests: For business administration, security, fraud prevention, and to improve our services. We ensure these interests do not override your rights
  • Consent: We may seek your consent for certain communications, such as marketing, and you have the right to withdraw consent at any time

How We Use Your Personal Data

Your personal data is used for the following purposes:

  • To process and deliver your orders, including managing payments, fees, and charges
  • To communicate with you about your order or respond to your enquiries
  • To manage our relationship with you, including feedback and customer service
  • For internal record keeping and to fulfil our legal, accounting, and regulatory obligations
  • To improve our products, services, and website experience
  • To prevent and detect fraud or abuse

Data Sharing and Processors

In certain circumstances, we may share your personal data with trusted third parties who act as data processors on our behalf. These processors include:

  • Payment Service Providers: For processing credit or debit card payments securely
  • Delivery Couriers: For delivering orders to your specified address
  • IT and System Support Providers: For website hosting, maintenance, and technical support
  • Professional Advisors: Accountants, auditors, or legal advisors if required for compliance

We require all third parties to respect the security and confidentiality of your data and to process it only for specified purposes in accordance with our instructions and the law. We do not sell or trade your personal data to any third parties for marketing or unrelated purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or regulatory requirements. The typical retention periods are as follows:

  • Order and Transaction Data: Retained for up to 7 years for accounting and tax compliance
  • Contact and Communication Data: Retained for up to 2 years after your last interaction unless required to resolve disputes or enforce agreements
  • Marketing Data: Retained until you opt-out or withdraw consent

After the retention period has elapsed, your data will be securely deleted or anonymised.

Your Data Protection Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: You have the right to request a copy of the personal data we hold about you
  • Right to Rectification: You can request correction of inaccurate or incomplete data
  • Right to Erasure: You have the right to request deletion of your data in certain circumstances
  • Right to Restrict Processing: You can ask us to restrict the processing of your data
  • Right to Data Portability: You may request that your data be provided to you or another controller in a machine-readable format
  • Right to Object: You can object to the processing of your personal data, particularly where processing is based on our legitimate interests or for direct marketing
  • Right to Withdraw Consent: Where we rely on consent, you can withdraw it at any time

You can exercise these rights by contacting us. We will respond to your request in accordance with applicable GDPR timeframes and requirements. Please note we may need to verify your identity before fulfilling your request.

Data Security

We implement appropriate technical and organisational measures to protect the security and confidentiality of your personal data. These measures include encryption, access controls, secure storage, and regular reviews of our security policies and practices. While we strive to protect your data, please note that no method of transferring or storing data online can be guaranteed as 100% secure.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in laws, regulations, or our data processing practices. Any significant changes will be communicated clearly and made available to all customers. The most current version of the policy will always be available upon request and applicable to all Flowers North Harrow orders placed from North Harrow and surrounding districts.

Contact and Complaints

If you have questions about this Privacy Policy, how we handle your data, or wish to exercise any of your rights, please get in touch with us through our usual communication channels. If you are unsatisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO).

Thank you for trusting Flowers North Harrow with your personal information. Your privacy is important to us, and we are committed to safeguarding your data in compliance with GDPR.