Privacy Policy for Flowers Harlow Customers

Introduction

This Privacy Policy outlines how Flowers Harlow collects, uses, and protects personal data relating to all customers who place orders within Harlow and the surrounding districts. Your privacy is of the utmost importance to us, and we are committed to safeguarding your personal information in accordance with the UK General Data Protection Regulation (GDPR).

Scope of Policy

This policy applies to all customers of Flowers Harlow who place orders directly through our website, by telephone, or in person, provided the order is for delivery or collection within Harlow and neighbouring districts. By placing an order with Flowers Harlow, you acknowledge and agree to the terms of this Privacy Policy.

What Personal Data We Collect

To fulfil your order and provide our services, we may collect the following types of personal data:

  • Identification Data: Your full name and, if applicable, the name of a recipient.
  • Contact Information: Phone number, postal address, and occasionally contact information for order recipients (such as for delivery).
  • Order and Transaction Data: Details about the flowers or products you order, payment details (note: payment card data is processed securely and not retained by us), transaction history, and preferences.
  • Communication Data: Correspondence between you and Flowers Harlow, including queries, feedback, order confirmations, and delivery instructions.
  • Technical Data: When you use our website, we may collect information such as IP address, browser type, device information, and usage statistics for analytical purposes (via cookies or analytics tools).

Lawful Basis for Data Processing

We only collect and process your data where we have a lawful basis under the GDPR. The lawful bases we rely on include:

  • Contractual Necessity: To process your order, arrange delivery, and communicate about your purchase.
  • Legal Obligations: To comply with applicable law, for example, accounting or tax regulations.
  • Legitimate Interests: To improve our services, respond to your queries, or inform you of service updates (provided your interests do not override ours).
  • Consent: Where we seek your consent, for example, to send marketing communications. You can withdraw your consent at any time.

How We Use Your Data

Flowers Harlow uses your personal data to:

  • Process and fulfil your orders, including communicating with you and arranging delivery
  • Respond to your requests and provide customer support
  • Carry out administrative functions, such as record-keeping and accounting
  • Improve our products, services, and customer experience
  • Meet legal and regulatory requirements
  • With your consent, provide you with information on our products, offers, or special events

Data Processors and Third Parties

We may share your data with trusted third-party service providers (“data processors”) who assist us in operating our business. Examples of processors include:

  • Payment processing providers (for secure handling of your transactions)
  • Delivery and courier services (to deliver your order to the specified address)
  • IT service providers (who help us ensure our website and systems are functioning securely and efficiently)
  • Professional advisers (for legal or accounting purposes, if necessary)

We ensure that any partners or processors who access your data do so in compliance with GDPR and only as necessary for fulfilling their contractual services to us. We do not sell, rent, or trade your personal data to third parties for marketing purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required by law. Typically, order data is retained for up to six years to meet accounting and legal obligations. Data provided solely on the basis of consent (such as for marketing) will be retained until you withdraw your consent or request erasure.

Once your data is no longer needed, it will be securely deleted or anonymised.

Data Security

We have implemented appropriate technical and organisational measures to safeguard your information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include secure servers, access controls, and encryption protocols where appropriate.

Your GDPR Rights

As a customer, you have specific rights under the GDPR. These are:

  • Right of Access: You may request a copy of the personal data we hold about you.
  • Right to Rectification: You can request correction of inaccurate or incomplete data.
  • Right to Erasure: You may have your data deleted in certain circumstances.
  • Right to Restrict Processing: You can ask us to suspend processing of your data in certain cases.
  • Right to Data Portability: You may request transfer of your data to another service provider.
  • Right to Object: You can object to processing based on legitimate interests or direct marketing.
  • Right to Withdraw Consent: Where you have previously given consent, you may withdraw it at any time, without affecting the lawfulness of processing prior to withdrawal.

If you wish to exercise any of these rights, please contact us using the contact details provided at the end of this policy or on our website.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in legal, regulatory, or operational requirements. The date of the latest version will be indicated below. We encourage you to review this policy regularly to stay informed about how we protect your data.

This policy was last updated in June 2024.

Contact and Queries

If you have any questions or concerns about this Privacy Policy or the way in which your personal data is processed, please contact Flowers Harlow through the contact options listed on our website or at our business premises. If you are unsatisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).