Flower Delivery St John's Wood Privacy Policy

Introduction

This Privacy Policy is designed to inform customers of Flower Delivery St John's Wood about how we collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation (GDPR). This policy applies to all individuals placing orders with us from St John's Wood and the surrounding districts.

What Personal Data We Collect

When you use our flower delivery services, we may collect the following categories of personal data:

  • Identity Data: Full name, title, and, if relevant, information about the recipient.
  • Contact Data: Delivery address, email address, and phone number (if provided).
  • Order Information: Details of your flower order and delivery preferences.
  • Payment Information: Billing address and payment confirmation (note: we do not retain full payment card numbers; this is managed securely by our payment processors).
  • Communication Data: Any correspondence or feedback you send to us regarding your order.
  • Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform (collected via our website for analytics, if applicable).

Lawful Basis for Data Processing

Under GDPR, we must process your personal data based on legal grounds. We rely on the following bases:

  • Contractual Necessity: Most data we collect are needed to fulfill, process, and deliver your order.
  • Legitimate Interest: We may use your data to improve our services, manage our relationship with you, and address queries or complaints. These interests do not override your fundamental rights.
  • Legal Obligation: We may need to process your data to comply with legal or regulatory requirements, such as tax or accounting rules.
  • Consent: If we ever seek your consent to use your data for optional purposes (such as marketing), you can withdraw this consent at any time.

How We Use Your Personal Data

Your personal data is used for the following purposes:

  • To process and deliver your flower orders accurately and efficiently.
  • To communicate with you regarding your order status, delivery, or feedback.
  • To resolve requests, complaints, or issues related to your order.
  • To comply with legal obligations related to financial records and transactions.
  • To improve our products and customer experience (aggregated or anonymised data may be used for analytical purposes).

How We Share Your Personal Data

We do not sell or rent your personal data to third parties. However, in order to operate our services efficiently, we may share your data with trusted processors and third parties as outlined below:

  • Delivery Partners: Delivery information (address, recipient name, and contact details) is shared with our couriers or local florists to fulfil your order.
  • Payment Processors: Secure payment providers process your payment details on our behalf. We do not store your payment card information ourselves.
  • Technical Service Providers: Website hosting or IT support partners may have incidental access for maintenance or technical troubleshooting.
  • Legal and Regulatory Bodies: If required by law or to defend our rights, we may disclose information to authorities.

All third-party processors are vetted to ensure they handle your data securely and in compliance with the GDPR. Data is not transferred outside the UK or EEA without adequate protection.

Data Retention

Your personal data is kept only as long as necessary for the purposes set out in this policy:

  • Order and delivery records: Kept for up to 7 years to comply with legal and accounting requirements.
  • Account and communication data: Retained for up to 3 years after your last order, unless a longer retention is required by law.
  • Technical and analytics data: Retained for up to 24 months for service improvement.

After these periods, your data is securely deleted or anonymised.

Your Rights Under GDPR

You have several important rights regarding your personal data:

  • Right to Access: Obtain a copy of personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Ask for your personal data to be deleted when no longer necessary.
  • Right to Restrict Processing: Request temporary restriction of processing under certain circumstances.
  • Right to Data Portability: Receive your data in a structured format and transfer it to another controller.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: Where you have provided consent, you can withdraw it at any time.
  • Right to Lodge a Complaint: Complain to the Information Commissioner's Office (ICO) if you believe your rights have been breached.

To exercise these rights, please use the contact details provided on our website.

How We Protect Your Data

Your privacy and the security of your information are very important to us. We have implemented appropriate technical, physical, and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction. These include restricted access, encryption, security training for our staff, and regular review of our processors’ compliance.

Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. The latest version will always be posted on our website and will show the date of the most recent revision.

Scope & Applicability

This Privacy Policy applies to all customers placing orders for flower delivery from St John's Wood and neighbouring districts with Flower Delivery St John's Wood. If you use our services from other locations, please refer to the relevant privacy terms provided for your area.