Flower Delivery Bexleyheath Privacy and Data Protection Policy

Introduction

This Privacy Policy outlines how Flower Delivery Bexleyheath collects, uses, stores, and protects your personal data in accordance with the UK General Data Protection Regulation (GDPR) and other related data protection laws. This policy applies to every individual placing orders with Flower Delivery Bexleyheath from Bexleyheath and the surrounding districts. We are committed to protecting your privacy and ensuring that your personal data is treated securely and lawfully.

What Data We Collect

To fulfil our flower delivery services, we may collect, store, and process the following types of personal data:

  • Identity Data: Such as your name and the recipient’s name.
  • Contact Data: Including delivery addresses, billing addresses, and phone numbers.
  • Transaction Data: Details of the products and services you purchase from us, order history, and payment status (Note: Payment card information is processed securely by third-party payment processors and is not stored by us).
  • Communications Data: Records of your correspondence with us, including order instructions or customer support enquiries.
  • Technical Data: Information collected through automated technologies, such as IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform when you interact with our website.
  • Marketing Preferences: Your preferences in receiving marketing communications from us, where applicable.

Lawful Basis for Processing Your Data

We process your personal data under the following lawful bases as established by the GDPR:

  • Contractual Necessity: Most of the personal data we collect is necessary for the performance of a contract with you (for example, to fulfil your flower delivery order).
  • Legitimate Interests: We may process certain data to pursue our legitimate business interests, such as improving our services, ensuring security of our website, or managing and developing customer relationships. We always balance these interests with your rights and reasonable expectations.
  • Legal Obligation: In some cases, we are required to process personal data to comply with legal and regulatory obligations (for example, for tax or accounting purposes).
  • Consent: Where required, we will ask for your consent before sending you marketing information or when using certain cookies. You are free to withdraw your consent at any time.

How We Use Your Personal Data

We use your personal data for the following purposes:

  • To process, deliver, and confirm your flower orders.
  • To communicate with you regarding your orders and provide customer support.
  • To improve our products, services, and user experience.
  • To send you updates, special offers, or marketing communications if you have consented to receive them.
  • To comply with legal obligations or enforce our terms and conditions.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which we collected it, including satisfying any legal, accounting, or reporting requirements. In general, we retain order information for up to six years to comply with statutory retention requirements. Communications data may be retained for a shorter period, depending on the context and our operational needs. Once personal data is no longer required, we will securely delete or anonymise it.

Processors and Third Parties

We use trusted third-party processors to help deliver our services. These may include:

  • Payment processing companies for secure handling of payment transactions.
  • IT service providers who support our website and IT infrastructure.
  • Delivery partners or couriers for fulfilling your order.
  • Professional advisers (such as accountants or legal counsel) as required by law.

All third-party service providers are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow our third-party processors to use your personal data for their own purposes and only permit them to process your data for specified purposes in accordance with our instructions.

Your Rights Under GDPR

You have several important rights under data protection law. These include:

  • Right to Access: You can request access to the personal data we hold about you and confirm how it is being processed.
  • Right to Rectification: You can request correction of any incomplete or inaccurate data we hold about you.
  • Right to Erasure: You can ask us to delete your personal data under certain circumstances, such as where the information is no longer necessary for the purposes for which it was collected.
  • Right to Restrict Processing: You may request the restriction or suppression of your personal data in certain situations.
  • Right to Data Portability: Where applicable, you can request a copy of your personal data in a commonly used and machine-readable format or request we transfer it to another service provider.
  • Right to Object: You can object to processing based on legitimate interests or to direct marketing at any time.
  • Right to Withdraw Consent: Where we rely on consent to process your personal data, you may withdraw your consent at any time.

To exercise these rights, please contact us using the details provided on our website. We may request verification of your identity before responding to your request.

Security

We have implemented appropriate technical and organisational measures to secure your personal data and protect it from loss, misuse, unauthorised access, disclosure, or alteration. Access to your data is restricted to authorised personnel and third parties bound by confidentiality obligations.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes to our practices, operational or legal requirements. We recommend you review this policy periodically for any updates. Where significant changes are made, we will take reasonable steps to notify customers.

Contact and Complaints

If you have any questions about this Privacy Policy, data protection, or your rights, you are encouraged to contact us via the contact information available on our website. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe your data has been processed in breach of the GDPR.

Thank you for trusting Flower Delivery Bexleyheath with your personal data. We are committed to safeguarding your privacy and ensuring your flower delivery experience is secure and enjoyable.