Privacy Policy – How Flower Delivery Coulsdon Protects Your Information

Introduction

This Privacy Policy sets out how Flower Delivery Coulsdon ('we', 'us', or 'our') collects, uses, stores, and protects the personal information of customers who place flower delivery orders in Coulsdon and surrounding districts. We are committed to upholding the principles of the UK General Data Protection Regulation (GDPR) and ensuring that your personal data is handled securely and transparently.

Scope of This Policy

This Privacy Policy applies to all individuals using Flower Delivery Coulsdon services by placing an order for flower delivery within Coulsdon and adjacent areas. The policy covers data collected through our website, over the phone, and in person for the fulfilment of our services.

What Data We Collect

In order to process your flower order and deliver our services efficiently, we may collect the following types of personal data:

  • Contact Information – Name, delivery address, billing address, and contact details (such as phone number).
  • Order Details – Details of products ordered, delivery instructions, preferred delivery date, and card messages.
  • Payment Information – Payment card details and transaction confirmations (note: payment card details are processed securely and not stored by us when payment is processed via third-party gateways).
  • Communication Records – Correspondence with us, feedback, and customer satisfaction responses.
  • Technical Data – IP address, device and browser information, and usage data if you use our website.

Lawful Basis for Processing Personal Data

We collect and process your personal data on several lawful bases, including:

  • Contractual necessity – To process and deliver your order or to take steps at your request before entering into a contract.
  • Legal obligation – To comply with legal and regulatory requirements (such as accounting and tax obligations).
  • Legitimate interests – For business management, customer service, order delivery, and to improve our services, provided that these interests are not overridden by your rights and interests.
  • Your consent – For optional activities such as receiving marketing communications (you may withdraw consent at any time).

How We Use Your Data

We process personal data to:

  • Take, process, and deliver your flower orders;
  • Communicate regarding your order or respond to your enquiries;
  • Process payments securely and prevent fraud;
  • Meet legal and tax requirements;
  • Improve our services, website, and customer experience;
  • Send you relevant updates or marketing information if you have opted in.

Sharing Your Data with Processors

Your personal data is sometimes shared with trusted third parties (‘processors’) who assist us in providing our services. These include:

  • Payment service providers for processing payments;
  • Couriers or delivery partners for delivering your flowers;
  • IT and website support providers for technical operations and security;
  • Professional advisers (such as accountants or legal advisors) where necessary.

Each processor is carefully selected and bound by contractual obligations to keep your data confidential and secure, and to process it only on our instructions.

How Long We Keep Your Data

We retain personal information only as long as necessary to fulfil the purposes for which it was collected, including the period required by law (for example, tax or accounting records). Typically, customer and order data is held for up to seven years, unless you request deletion sooner and there is no overriding legal obligation requiring us to retain it.

After the relevant retention period, your personal data will be securely deleted or anonymised so that it can no longer be associated with you.

Your Data Protection Rights

Under the UK GDPR, you have the following rights regarding your personal data held by Flower Delivery Coulsdon:

  • The right to access – You can request a copy of the personal data we hold about you.
  • The right to rectification – You can ask us to correct any inaccuracy in your data.
  • The right to erasure – In certain circumstances, you can request deletion of your personal data.
  • The right to restrict processing – You can request that we limit the way your data is used in certain situations.
  • The right to data portability – You can ask for your data in a structured, commonly used, and machine-readable format.
  • The right to object – You can object to certain processing activities, such as direct marketing or processing based on legitimate interests.
  • The right to withdraw consent – Where we process your data based on consent, you may withdraw this at any time.

To exercise any of these rights, please contact us using the contact details indicated on our website or in store. We will respond to your request in accordance with data protection legislation.

Data Security and Protection

We implement suitable organisational and technical measures to protect your personal data from unauthorised access, loss, or alteration. These measures include secure storage systems, encryption, restricted access controls, and staff training on data protection. However, while we strive to use best practices, no method of transmission over the internet or electronic storage is completely secure.

Changes to This Privacy Policy

We may review and update this policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. The latest version of the Privacy Policy will always be available on our website in the relevant section.

Contact and Complaints

If you have any questions about this Privacy Policy or how we handle your personal data, please get in touch using the contact options provided on our website or at our place of business. You also have the right to lodge a complaint with the Information Commissioner’s Office or your local data protection authority if you believe your rights have been infringed.