Flower Delivery Broxbourne Privacy Policy

Introduction

This Privacy Policy explains how Flower Delivery Broxbourne collects, uses, and protects your personal data when you place orders for flower delivery services in Broxbourne and the surrounding districts. We are fully committed to complying with the General Data Protection Regulation (GDPR) and safeguarding your privacy.

Scope of This Policy

This policy applies to all individuals who place orders with Flower Delivery Broxbourne for flowers and related products to be delivered within Broxbourne and neighbouring areas. By using our services, you agree to the data practices described in this policy.

What Data We Collect

When you place an order or use our services, we may collect and process the following categories of personal data:

  • Contact Information: Your name, address, delivery address (if different), and phone number.
  • Order Details: Details about the products you order, preferences, order notes, and delivery times.
  • Payment Information: Billing address and payment confirmation. (Card details are processed securely by payment processors and not stored by us.)
  • Communications: Any messages or correspondence between you and our team related to your order.
  • Technical Data: IP address, browser type, and usage data gathered via cookies and web analytics tools for service performance and security.

Lawful Basis for Processing Your Data

We process your personal data on the following lawful bases as per the GDPR:

  • Contractual Necessity: To provide and deliver the products and services you request.
  • Legal Obligations: To comply with relevant tax and accounting regulations.
  • Legitimate Interests: To improve our service, prevent fraud, and manage our business.
  • Consent: Where required, we may also ask for your explicit consent (for example, if you wish to receive marketing communications). You can withdraw your consent at any time.

How We Use Your Data

Data collected from you is used for the following purposes:

  • Processing, fulfilling, and delivering your orders.
  • Managing and responding to your enquiries and feedback.
  • Communicating service updates, confirmation of orders, or delivery issues.
  • Improving our products and customer service based on user feedback and analytics.
  • Complying with our legal and regulatory obligations.

Retention of Your Data

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy and to meet our legal obligations:

  • Order and delivery data: Typically stored for up to 6 years to meet tax, regulatory, and accountancy requirements.
  • Marketing preferences: Stored until you withdraw consent or unsubscribe.
  • Customer communications: Retained as long as needed to resolve your queries and according to our internal retention schedule.

Once data is no longer required, it will be securely deleted or anonymised.

Data Processors and Sharing Your Data

We use trusted third-party service providers (“processors”) to support our operations, such as:

  • Payment processors (for secure payment handling)
  • Website hosting companies
  • IT support providers
  • Analytics providers

We ensure all processors contractually uphold GDPR requirements and only access your data to the extent required for their services. Your personal data is not sold or shared with any third party for their own marketing purposes.

Where required by law or to protect our legal interests, we may disclose your information to authorities or regulatory bodies.

Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of any inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data in certain circumstances.
  • Right to Restrict Processing: Request restriction of how we process your data in some situations.
  • Right to Data Portability: Request to receive your data in a commonly used format and transfer it to another provider.
  • Right to Object: Object to certain uses of your data, such as direct marketing.
  • Rights regarding Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing.

You can exercise these rights by contacting us using the details provided on our website. Proof of identity may be required to process certain requests.

Security of Your Data

We implement technical and organisational measures to safeguard your personal data against unauthorised access, disclosure, alteration, and destruction. These measures include regular reviews of our security practices and cooperation only with processors meeting GDPR standards.

Children’s Privacy

Our services are not directed to children under 16 years of age, and we do not knowingly collect personal data from children. If we become aware that data from a child has been inadvertently collected, we will promptly delete it.

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or for legal, regulatory, or operational reasons. Changes will be posted on our website, and, where appropriate, you will be notified of significant changes.

Contact and Complaints

If you have questions, concerns, or wish to exercise any of your rights, please refer to our website’s contact section. You also have the right to lodge a complaint with the UK Information Commissioner’s Office concerning our handling of your data.