Privacy Policy for Florist Romford Customers

Introduction

At Florist Romford, we are dedicated to protecting the privacy and personal data of every customer. This Privacy Policy explains how we collect, use, store, and protect your personal information in compliance with the General Data Protection Regulation (GDPR) and applicable UK data protection laws. This policy applies to all individuals placing orders with Florist Romford from Romford and the surrounding districts.

Scope of This Policy

This Privacy Policy applies to all personal data processed by Florist Romford in relation to the purchase of products or services through any of our order channels, including online, telephone, or in-person transactions, and covers all customers in Romford and nearby areas. By placing an order with us, you acknowledge the terms of this policy.

What Data We Collect

To fulfil your flower orders and provide excellent customer service, we may collect and process the following types of personal data:

  • Identity Data: Name, surname, and, if necessary, title and contact person details.
  • Contact Data: Billing address, delivery address, telephone number, and occasionally alternative contact information for the recipient.
  • Order Information: Details of products and services you have purchased, special notes or instructions, and transaction history.
  • Payment Data: Payment method information (card type, last four digits for referencing, and payment status). We do not store complete payment card information as payments are processed via secure third parties.
  • Correspondence: Communications with our team, including feedback, complaints, and queries, whether via email, phone, or written correspondence.
  • Technical Data: Where applicable, IP address, browser type and version, and device information when you use our website for orders or inquiries.

Lawful Basis for Processing Your Data

Our processing of your personal information is based on the following lawful bases:

  • Contractual Necessity: To process your flower order, arrange delivery, and manage payment, your data is required to fulfil the contract between you and Florist Romford.
  • Legal Obligation: We may retain and process some data to comply with applicable legal and regulatory obligations, such as record-keeping for tax purposes.
  • Legitimate Interests: We may use your information to improve our services, resolve queries, prevent fraud, or inform you of changes to our services, provided these interests are not overridden by your rights.
  • Consent: We will only send you marketing communications with your explicit consent, which you may withdraw at any time.

How We Use Your Information

Florist Romford uses personal data for the following purposes strictly in connection with our services:

  • Processing and fulfilling your orders, including arranging and tracking deliveries;
  • Communicating with you about your order or responding to your inquiries;
  • Managing customer accounts and record-keeping;
  • Improving our products and service quality based on feedback and order patterns;
  • Where permitted, informing you about products, promotions, or surveys, with your consent;
  • Detecting and preventing fraud or misuse of our services;
  • Complying with legal and regulatory obligations.

Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined above, including satisfying any legal, accounting, or reporting requirements. In general:

  • Order and transaction records are kept for up to 7 years, in line with accounting regulations and to resolve any potential disputes.
  • Marketing preferences and consent records are retained until you withdraw your consent or request erasure.
  • Technical and usage information may be stored for up to 12 months for security and analysis, unless longer retention is justified for investigation purposes.

Once your data is no longer required, it is securely deleted or anonymised.

Data Sharing and Processors

We do not sell or rent your personal information to third parties. However, to provide our services effectively, we may share your data with trusted third-party processors, including:

  • Payment service providers for secure transaction processing;
  • Delivery partners and couriers to fulfil your orders;
  • IT service providers who support our website and order management systems;
  • Professional advisers (such as accountants or legal advisors) where required for regulatory compliance.

All processors are contractually bound to protect your information and may only process data on our instructions. We ensure that any third party handling your personal data complies with data protection regulations and maintains adequate safeguards.

Data Security

We take appropriate security measures to protect your information from unauthorised access, alteration, disclosure, or destruction. These include technical safeguards (encrypted databases, secure payment gateways) and organisational policies (staff training, restricted data access). While we strive to ensure your data is protected, please note that no internet transmission is entirely secure.

Your Rights Under GDPR

As a data subject, you have specific rights under the GDPR regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request corrections to inaccurate or incomplete personal data.
  • Right to Erasure: Request deletion of your data where legal or contractual constraints do not override this right.
  • Right to Restrict Processing: Request we restrict use of your data in certain circumstances.
  • Right to Data Portability: Request a copy of data in a machine-readable format for use with another provider.
  • Right to Object: Object to the processing of your data where it is based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting previous processing.

If you wish to exercise any of these rights or have questions about how your data is handled, please contact our customer service team. We may need to verify your identity before responding to such requests to protect your privacy.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes to our practices, legal requirements, or customer feedback. The latest version will always be available through our customer service channels. We encourage you to review this policy regularly to stay informed about how we protect your data.

Contact and Queries

For further information regarding this Privacy Policy, or if you have any concerns or wish to exercise your data rights, please reach out to our customer support. We are committed to working with you to address any queries, complaints, or requests concerning your privacy and data protection.