Flower Delivery Pinner Privacy Policy

Introduction

This Privacy Policy explains how Flower Delivery Pinner collects, uses, stores, and protects the personal information of customers placing flower delivery orders in Pinner and the surrounding districts. We recognise the importance of safeguarding your data and are committed to complying with the UK General Data Protection Regulation (GDPR). Please read this policy to understand your rights and how we process your personal information.

Scope of this Policy

This policy applies to all Flower Delivery Pinner customers who place orders for delivery within Pinner and the neighbouring districts. By using our services and placing an order with us, you acknowledge and consent to the data practices described in this Privacy Policy.

The Data We Collect

When you place an order with Flower Delivery Pinner, we may collect and process the following personal data:

  • Identity Data: Your full name or the name of the recipient.
  • Contact Data: Billing and delivery addresses, contact telephone numbers.
  • Order Data: Details of your flower order, order preferences, delivery instructions, and gift messages.
  • Payment Data: Payment confirmation details from our payment processor (we do not retain your complete card details).
  • Communications Data: Any communications between you and our team, including notes about your order, any feedback, or queries.
  • Technical Data: IP address, browser type, and device type, collected via our website to enhance functionality and security.

Please note, we do not knowingly collect data of individuals under the age of 16 without verifiable parental consent.

Lawful Basis for Processing Data

Under GDPR, we must have a lawful reason for using your personal data. Our reasons include:

  • Contractual Necessity: To fulfil your order and deliver flowers as requested.
  • Legal Obligation: Where required to comply with tax, accounting, or legal requirements.
  • Legitimate Interests: For purposes such as enhancing our service, managing security, and handling queries, provided these do not override your rights.
  • Consent: For any marketing communications (when you opt in), which you may withdraw at any time.

How We Use Your Data

We use your personal data strictly for the following purposes:

  • Processing and delivering your flower orders efficiently.
  • Maintaining contact with you about your order or to address your queries.
  • Improving our website and service delivery through analysis of order and technical data.
  • Complying with legal, regulatory, and accounting obligations.
  • Sending marketing communications if you have agreed to receive them (you may unsubscribe at any time).

Data Retention

We retain your personal data only as long as necessary for the purposes for which it was collected, including for the fulfilment of orders, resolving disputes, and adhering to legal requirements:

  • Order Data: Retained for up to 6 years to comply with accounting and tax obligations.
  • Contact and Communications Data: Stored for up to 6 years to respond to post-order queries or disputes, unless you request earlier deletion where legally possible.
  • Technical Data: Retained for analytics and security purposes for up to 24 months.

We regularly review our retention periods to ensure we do not keep your information for longer than necessary.

Processors and Third Parties

We may share your personal data with trusted third-party service providers, strictly for the purposes outlined in this policy. Examples include:

  • Payment Processors: To securely process your payments (we do not store your full payment information).
  • Delivery Partners: Local couriers and drivers to fulfil your delivery request.
  • IT Support and Web Hosting: For secure management of our website and customer records.

All third-party processors are contractually bound to comply with GDPR, only process your data as instructed, and have appropriate safeguards in place to protect your information.

International Transfers

Your personal data is stored and processed within the United Kingdom. If exceptionally we need to transfer personal data outside the UK (for example, if our email or web servers are located in another country), we ensure that appropriate data protection safeguards are in place as required by law.

Your Rights Under GDPR

Under GDPR, you have several rights regarding your personal data. These include:

  • Access: The right to request a copy of the data we hold about you.
  • Rectification: The right to have incorrect or incomplete data amended.
  • Erasure: The right to request deletion of your data where legally permissible (the "right to be forgotten").
  • Restriction: The right to restrict how we process your data in some circumstances.
  • Data Portability: The right to obtain your data in a commonly used and machine-readable format, or have it transferred to another provider.
  • Objection: The right to object to certain types of processing, such as direct marketing.
  • Withdraw Consent: The right to withdraw consent where processing is based on consent, without affecting the lawfulness of processing based on consent before its withdrawal.

If you wish to exercise any of these rights, please contact us using the details provided in your order confirmation or on our website.

Security Measures

We take the security of your personal data seriously. Measures to protect your data include restricted access controls, secure data storage, regular review of data processors, and staff training on data protection principles. While we strive to use commercially acceptable means to protect your personal information, no method of transmission or storage is completely secure. We will notify you and any relevant regulatory body of any data breaches as required by law.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal or regulatory reasons. The latest version will always be displayed on our website. Your continued use of our services after any modification indicates your acceptance of our updated policy.

Contacting Us

If you have any questions regarding this Privacy Policy or our data protection practices, please refer to our website for contact details or use the phone number provided with your order confirmation. We are committed to responding promptly to all privacy-related enquiries or complaints, and you also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you are unhappy with how your data has been handled.