Privacy Policy for Flower Delivery Customers in Harlesden
Introduction
This Privacy Policy explains how Flower Delivery Harlesden ("we," "us," or "our") collects, uses, stores, and protects your personal data when you place an order with us from Harlesden or the surrounding districts. We are committed to safeguarding your information in line with the requirements of the General Data Protection Regulation (UK GDPR). This policy applies to all individuals who order flower delivery services from Flower Delivery Harlesden.
What Data We Collect
When you interact with our service, we collect only the data necessary to fulfil your order and provide a high standard of customer service. We may collect the following categories of personal data:
- Identity Data: Your name, surname, and (if applicable) account username.
- Contact Data: Delivery address, billing address, telephone number (if provided), and any other contact details you supply.
- Order Information: Details of your flower order, including recipient details (if provided), order notes, and any instructions related to floral delivery.
- Payment Information: Partial payment details (e.g., last four digits of card number or transaction IDs where relevant to payment confirmation). We do not store full card details; payments are processed via secure third-party providers.
- Communications: Records of your correspondence with us, including enquiries, feedback, and support requests.
- Technical Data: IP address, browser type, device information, access times, and usage activities on our website, where applicable (collected via cookies or analytics tools).
Lawful Basis for Processing Personal Data
We only process your personal data where there is a lawful basis under GDPR. The main reasons we process your data are:
- Contractual Necessity: To process, deliver, and manage your flower delivery orders.
- Legal Obligation: To comply with legal and regulatory requirements, such as record-keeping and accounting.
- Legitimate Interest: To improve our services, respond to enquiries, or defend our legal rights. Where required, we assess these interests against your privacy rights.
- Consent: In specific cases, such as for direct marketing (if you opt in), we will request your explicit consent before processing your data for these purposes.
How We Use Your Information
Your data is processed for the following purposes:
- Fulfilling and delivering your flower orders, including updating you on order status.
- Managing customer support and responding to your queries or requests.
- Handling payments, refunds, and preventing fraudulent transactions.
- Improving and maintaining our website and services.
- Complying with legal obligations and resolving disputes where necessary.
- Sending marketing communications, only if you have provided informed consent.
Data Retention
We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected and to meet legal, accounting, or reporting requirements. Typically, customer order details and associated personal data are retained for up to six years after the transaction to comply with local tax and contract laws. Communications and customer feedback may be held for a shorter period unless still required under the above purposes.
After these periods, your data is securely deleted or anonymised to protect your privacy.
Data Processors and Data Sharing
We do not sell or share your personal data with third parties for their own marketing activities. However, we may share your data with trusted third-party service providers ("processors") for the following purposes:
- Payment processing (e.g., secure payment gateway providers)
- Delivery services, to deliver your order to the intended recipient
- IT and system administration, including hosting and website analytics
We require all processors to handle your information securely and only process it according to our instructions and applicable laws.
If required by law, we may also disclose your data to regulatory authorities or law enforcement agencies. Otherwise, we do not transfer your personal information outside the United Kingdom unless adequate levels of data protection are guaranteed.
User Rights Under GDPR
You have various rights regarding your personal information under the UK GDPR, including:
- Right of Access: Request a copy of the personal information we hold about you.
- Right to Rectification: Ask us to correct any inaccurate or incomplete information.
- Right to Erasure: Request the deletion of your personal data, subject to certain conditions.
- Right to Restrict Processing: Request that we limit processing of your personal information in specific circumstances.
- Right to Data Portability: Request a copy of your data in a commonly used digital format.
- Right to Object: Object to processing where we rely on legitimate interests or direct marketing.
- Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw that consent at any time.
If you wish to exercise any of your rights, please contact us with enough information to verify your identity and specify the nature of your request. We aim to respond to all valid requests within one month in compliance with legal standards.
Security Measures
We use appropriate organisational and technical measures to protect your personal data from unauthorised access, loss, or misuse. These include physical security, data encryption technologies, limited access controls, and regular staff training on data protection obligations.
Cookies and Website Analytics
Our website may use cookies and analytics tools to improve user experience, monitor website performance, and help us understand how customers use our service. Cookies are small text files placed on your device. You can manage or disable cookies using your browser settings. Our cookies do not store sensitive personal details.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect legal changes or improvements to our practices. The most current version will always be available through our website or on request. Your continued use of our services signifies your acceptance of any updates.
Contact and Complaints
If you have questions about this policy or our data handling practices, or if you wish to exercise your rights, please contact us using the details provided on our website. If you have unresolved concerns, you are entitled to lodge a complaint with the Information Commissioner's Office (ICO), the supervisory authority for data protection in the UK.
