Privacy Policy for Florist Redbridge Customers

Scope of This Privacy Policy

This Privacy Policy describes how Florist Redbridge collects, uses, retains, and processes your personal data under the General Data Protection Regulation (GDPR) and other applicable data protection laws. It applies to all customers placing orders with Florist Redbridge from Redbridge and surrounding districts.

Information We Collect

When you use Florist Redbridge’s services, including placing flower orders, we may collect the following categories of personal data:

  • Identity Data: Full name, title.
  • Contact Data: Delivery address, billing address, and postcode.
  • Communication Data: Telephone number (if provided), order messages (e.g., card messages), and any correspondence with us.
  • Transactional Data: Order details, delivery details, products purchased, payment status (note: we do not store full card payment details).
  • Technical Data: IP address, browser type, and cookies, where applicable, to optimize website experience and security.

Please note that we do not collect or retain payment card details. All payments are processed through secure, third-party payment service providers.

Lawful Basis for Processing Personal Data

Florist Redbridge processes your personal data based on the following lawful grounds as required by the GDPR:

  • Performance of a Contract: Processing your data is necessary to fulfill your order, provide customer service, and deliver floral products.
  • Legal Obligation: We may be required to retain certain data to comply with accounting, taxation, and regulatory requirements.
  • Legitimate Interests: We may use your data to improve our services, prevent fraud, and keep our website secure, always ensuring that your interests and fundamental rights are not overridden.
  • Consent: Where required, we may ask for your explicit consent to process certain data, such as for direct marketing communications. You may withdraw your consent at any time.

How We Use Your Information

Your personal data is used for the following purposes:

  • Processing and fulfilling flower orders and purchases.
  • Delivering products to your chosen address.
  • Communicating with you regarding your order, including order confirmations, delivery updates, or any issues that may arise.
  • Maintaining accurate records for accounting, audit, and regulatory purposes.
  • Improving our products, services, and website functionality.
  • Responding to your inquiries and handling complaints or feedback.

Retention Periods

Florist Redbridge will retain your personal data only as long as necessary for the purposes outlined above:

  • Order and customer data: Retained for up to seven years to comply with accounting and tax laws.
  • Marketing data: Retained until you withdraw consent or opt out of communications.
  • Technical data: Retained in accordance with cookie lifespans or security policies, typically no more than two years.

Upon expiry of these periods, data is securely deleted or anonymized.

Data Sharing and Processors

To deliver our services, Florist Redbridge may share personal data with trusted third-party data processors. These may include:

  • Payment Service Providers: Facilitate secure payment processing.
  • Delivery Partners: Ensure timely and accurate delivery of your order.
  • IT and Hosting Providers: Support our website and data storage infrastructure.
  • Professional Advisors: Such as accountants or consultants for compliance with legal obligations.

All such third-party processors are bound by data processing agreements and are required to implement appropriate security measures, process data only as instructed, and comply fully with the GDPR.

We do not sell or rent your personal information to third parties.

Data Security

Florist Redbridge takes the security of your personal data very seriously. We use appropriate organizational and technical safeguards, such as encrypted communications, secure servers, and access controls, to protect against unauthorized access, alteration, or disclosure of your data.

Your Rights Under GDPR

Under the GDPR, you have the following rights in relation to your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Correct inaccuracies in your personal data.
  • Right to Erasure: Request deletion of your data when it is no longer necessary for the purposes collected, or where you have withdrawn consent.
  • Right to Restrict Processing: Request restriction of how we use your data in certain circumstances.
  • Right to Data Portability: Request transfer of your data to another service provider in a structured, commonly used format.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: If processing is based on consent, you may withdraw this at any time.

To exercise your rights, please contact us using the details on our website or via the contact form.

Children's Privacy

Florist Redbridge’s services are not intended for use by children under the age of 16, and we do not knowingly collect data from children. If we become aware that we have unintentionally collected personal information from a child, we will promptly delete such data.

Updates to This Policy

Florist Redbridge may update this Privacy Policy from time to time to reflect legal, technical, or business changes. When we do, we will update the date at the end of this document. We encourage you to review this policy regularly to stay informed of how we protect your privacy.

Contact and Complaints

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us through the contact information provided on our website. If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection authority.

This Privacy Policy was last updated in June 2024.