Flower Delivery Leyton Data Privacy Statement

Introduction

At Flower Delivery Leyton, your privacy is a top priority. This Privacy Policy outlines how we collect, use, retain, and safeguard your personal data when you place an order with us. This policy is intended for all customers who order flower delivery services from Leyton and the surrounding districts, ensuring compliance with the General Data Protection Regulation (GDPR) and relevant UK data protection laws.

Scope of this Policy

This Privacy Policy applies to all individuals who interact with Flower Delivery Leyton, including but not limited to users who place orders, make inquiries, or visit our website. By interacting with our services, you agree to the terms set out in this policy.

What Data We Collect

To provide our flower delivery services effectively, we may collect and process the following types of personal data:

  • Contact Information: such as your name, address, phone number, and delivery address details.
  • Email Address: for order confirmations, receipts, and service-related communications.
  • Order Details: including product selections, special instructions, and occasion details (e.g., birthdays, anniversaries).
  • Payment Information: such as partial credit/debit card details and payment confirmations (full payment card data is securely processed and not stored by us).
  • Customer Correspondence: such as feedback, queries, and records of communication with our staff.
  • Usage Data: including website visit logs, IP address, browser type, and information gathered using cookies when you access our website.

Lawful Basis for Processing Data

We process your data using the following lawful bases under GDPR:

  • Contractual Necessity: Processing is required to fulfil your orders and provide requested services.
  • Legal Compliance: We retain transaction and customer data required by law (such as tax or accounting regulations).
  • Legitimate Interests: For activities that support our business operations (such as improving services, customer support, or fraud prevention), provided those interests do not override your rights and freedoms.
  • Consent: For optional communications, such as marketing emails or newsletters, we will only send these with your explicit consent. Consent can be withdrawn at any time.

How We Use Your Information

Your data is used for the following purposes:

  • Processing and delivering your flower orders.
  • Confirming and updating you about your order status.
  • Processing payments securely.
  • Responding to inquiries and providing customer support.
  • Improving our services and website functionality.
  • Meeting legal and regulatory requirements.
  • Sending you service updates or marketing communications, as permitted by law and your preferences.

How Long We Retain Your Data

We retain personal information only for as long as necessary to fulfil the purposes described in this policy, including satisfying legal, accounting, and reporting requirements. Our typical retention periods are as follows:

  • Customer Orders: Retained for up to 6 years in line with statutory requirements.
  • Marketing Preferences: Retained until you withdraw consent or unsubscribe.
  • Website Usage Data: Retained for up to 26 months before being deleted or anonymised.

After the relevant retention period, your personal data will be securely deleted or anonymised, rendering it non-identifiable.

Our Data Processors

We use selected third-party service providers (“data processors”) to assist in our operations, who may process your data on our behalf. These include:

  • Payment gateways for secure card transactions.
  • IT service providers and web hosting companies supporting our website and communications.
  • Couriers or delivery partners handling order transportation.
  • Marketing or analytics platforms (for customers who have opted in to marketing).

All processors are carefully selected and comply with GDPR requirements. We ensure they process data only for the purposes we specify and protect it as required by law.

User Rights Under GDPR

As a customer, you benefit from the following rights relating to your personal data, subject to certain conditions and exceptions:

  • Right of Access: Request access to personal data we hold about you and obtain a copy.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request the deletion of your personal data where there is no legal reason for us to retain it.
  • Right to Restriction: Request the restriction of processing in certain circumstances.
  • Right to Data Portability: Receive your data in a structured, commonly-used and machine-readable format.
  • Right to Object: Object to certain processing, such as direct marketing.
  • Right to Withdraw Consent: Withdraw any consent you have provided to us, at any time.
  • Right to Lodge a Complaint: Complain to the UK data protection regulator if you believe your rights have been infringed.

Data Security

We implement appropriate technical and organisational security measures to protect your personal information from unauthorised access, loss, misuse or disclosure. Access to data is strictly limited to those staff and processors who need it to fulfil their roles.

International Data Transfers

Generally, your data is processed and stored within the UK or the European Economic Area (EEA). Where data transfer outside the EEA is necessary (e.g., if a processor operates internationally), we ensure adequate safeguards are in place as required by GDPR.

Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal data from anyone under this age. If you believe we have inadvertently collected such information, please contact us so we can delete it.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our business practices or legal obligations. All updates will be posted in this section of our website. Please review this policy regularly to stay informed.

Contact and Exercising Your Rights

To exercise any of your rights, make a complaint, or ask questions about this Privacy Policy, please use the contact form available on our website or write to our business mailing address. We will respond to all legitimate requests within a reasonable timeframe and in line with our legal obligations.

This Policy was last updated on: June 2024.