Privacy Policy for Flowers North Woolwich Orders

Introduction

This Privacy Policy explains how Flowers North Woolwich ("we", "us", or "our") collects, uses, stores, and protects your personal information when you place orders for our services in North Woolwich and the surrounding districts. Your privacy and trust are of utmost importance to us. We follow the principles of the General Data Protection Regulation (GDPR) to ensure that your personal data is handled responsibly and transparently.

Scope of this Policy

This policy applies to all individuals who place orders, make inquiries, or interact with Flowers North Woolwich as customers from North Woolwich and the surrounding districts. By ordering from us, you acknowledge the terms described herein regarding the collection and management of your personal data.

What Data We Collect

When you place an order or interact with us as a customer, we may collect the following types of personal data:

  • Identity Data: Name, title, and contact details of the sender and recipient (such as address and delivery location).
  • Contact Data: Phone numbers, postal addresses, billing addresses, and other contact information relevant to the order.
  • Order Details: Flower selections, delivery preferences, and additional instructions provided by you.
  • Transaction Data: Order history, payment methods (excluding full card numbers or security codes), and purchase details.
  • Correspondence: Any information provided through customer inquiries, complaints, or feedback forms.
  • Technical Data: If you use our online services, we may gather anonymized data on browser types, access times, IP addresses, and usage analytics.

Lawful Basis for Processing Your Data

We process your personal data only when permitted by the GDPR. The primary legal grounds for processing include:

  • Contractual Necessity: We process your information to complete and deliver your orders, process payments, and fulfill our obligations as part of our contract with you.
  • Legitimate Interests: We may process data to enhance customer service, improve business operations, prevent fraud, and promote the security of our services, provided these interests are not overridden by your rights and interests.
  • Legal Obligations: We may process your data to comply with applicable laws, such as tax or accounting requirements.
  • Consent: In specific situations, such as when sending marketing materials or newsletters, we will only process your data if you have given us explicit permission. You may withdraw your consent at any time.

How We Use Your Data

We use your personal data for the following purposes:

  • To process, confirm, and fulfill your flower orders and deliveries
  • To manage payments and prevent fraudulent transactions
  • To communicate order updates, respond to inquiries, and provide customer support
  • To comply with legal and regulatory requirements
  • To analyze and improve our services (using anonymized data wherever possible)
  • To send marketing communications if you have opted in to receive them

Data Retention

We retain your personal data only as long as necessary for the purposes described in this policy. The retention period varies depending on the type of data and our contractual or legal obligations:

  • Order and Transaction Data: Typically retained for up to seven years to comply with tax and accounting regulations and ensure proper business records.
  • Contact and Correspondence Data: Retained for up to two years beyond the last interaction to handle follow-up inquiries and improve customer service.
  • Marketing Data: Retained until you withdraw your consent or opt out of communications.
  • Technical Data: Usually anonymized promptly after collection, with logs retained for up to one year for security purposes.

After the applicable retention period, your data will be securely deleted or anonymized.

Data Processors and Data Sharing

We may share your personal data with selected third-party data processors who provide essential services, such as payment processing, order delivery, IT and data storage, or customer support solutions. All processors are contractually required to comply with GDPR standards, ensure confidentiality, and use your data solely for the purposes instructed by us.

We do not sell, rent, or trade your personal information. We may disclose your data if required to do so by law, or in connection with defending our rights or property.

If any processors operate outside the UK or EEA, we ensure that your data receives an adequate level of protection, in accordance with GDPR.

Data Security Measures

We are committed to taking appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or misuse. These measures include data encryption, secure storage facilities, limited access controls, and staff training on data protection principles. While we strive to safeguard your information, no digital transmission or storage is completely secure; however, we use reputable technologies and partners to maintain your privacy.

Your Rights as a Data Subject

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Correct any incomplete or inaccurate personal information we hold.
  • Right to Erasure: Request deletion of your personal data under certain circumstances (“right to be forgotten”).
  • Right to Restrict Processing: Object to or limit how we process your personal data.
  • Right to Data Portability: Ask to receive your personal information in a structured, commonly used format or have it transmitted to another data controller.
  • Right to Withdraw Consent: Withdraw consent at any time when processing is based on consent.
  • Right to Object: Object to processing where we rely on legitimate interests as the lawful basis.
  • Right to Lodge a Complaint: You have the right to file a complaint with a supervisory authority if you believe your data is not being handled in line with GDPR requirements.

To exercise any of these rights, contact our customer service. Verification of your identity may be required in order to process your request.

Updates to This Policy

We may revise this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or service offerings. Any updates will be published with a new effective date. Continued use of our services after such changes signifies your acceptance of the revised policy.

Contact and Inquiries

If you have questions about this Privacy Policy, your data rights, or how we handle your personal information, please contact our customer service team. We are committed to addressing your concerns promptly and in accordance with GDPR standards.