Privacy Policy for Flower Delivery Hillingdon

Introduction

This Privacy Policy explains how Flower Delivery Hillingdon collects, uses, discloses, retains, and protects your personal data when you place an order for flower delivery services in Hillingdon and the surrounding districts. We are committed to upholding the principles of the General Data Protection Regulation (GDPR) and ensuring your information is handled lawfully and transparently.

Scope of the Policy

This policy applies to all customers who place flower delivery orders with Flower Delivery Hillingdon, whether through our website, by phone, or in person, and who reside in or request delivery to Hillingdon and surrounding districts.

What Personal Data We Collect

We collect only the minimum amount of personal data needed to process your order and provide our services. The types of personal data we may collect include:

  • Identity Data: Name of the sender and, if applicable, the recipient.
  • Contact Data: Delivery address, billing address, telephone number, and, if provided, email address.
  • Order Data: Details about the flowers and products ordered, delivery date and time, and any personal messages or special instructions.
  • Payment Data: Anonymous transactional data through payment providers (Flower Delivery Hillingdon does not store full payment card details).
  • Communication Data: Records of queries, feedback, or complaints sent by you regarding your order or our services.

Lawful Basis for Processing

Flower Delivery Hillingdon processes your personal data on the following lawful grounds, as defined under GDPR:

  • Contractual Necessity: Processing is required to fulfill your order, including delivery and communication about your order.
  • Legitimate Interests: Where appropriate, we process data to improve our services, ensure security, and prevent fraud, provided your rights do not override these interests.
  • Legal Obligations: In some cases, we process data to meet regulatory or tax requirements.
  • Consent: Where processing is not covered by the above, we will ask for your explicit consent, for example, for any marketing communications.

How We Use Your Data

We use your personal data for the following purposes:

  • To process and deliver your flower order accurately and on time.
  • To communicate with you about your order status and respond to your inquiries.
  • To improve our products and services based on customer preferences and feedback.
  • To keep financial and transaction records in line with legal and tax obligations.
  • To protect against or identify potential fraud or abuse of our services.
  • With your consent, to send occasional updates or promotional offers (opt-in required).

How We Store and Secure Your Data

Your personal data is stored securely using appropriate technical and organizational measures to protect against unauthorized access, loss, or theft. Access to your personal data is limited to those employees and third-party service providers who require the information to process your order or administer our services.

Data Retention

We keep your personal data only for as long as is necessary for the purposes for which it was collected, and as required by law. In most cases, your core order data is retained for up to seven years to comply with tax and regulatory requirements. After this period, your data is securely deleted or anonymised. Marketing data is held until you withdraw your consent or unsubscribe.

Processors and Third Parties

Flower Delivery Hillingdon may use trusted third-party processors to help us deliver our services. These may include:

  • Payment processing companies for secure transaction handling.
  • IT service providers who maintain our website and order management systems.
  • Courier or delivery partners for order fulfillment.

All our processors are contractually obliged to process personal data strictly as instructed by us and in line with GDPR requirements. We do not allow any third-party providers to use your data for their own purposes.

Your Rights Under GDPR

As a customer of Flower Delivery Hillingdon, you have the following rights concerning your personal data:

  • The right to access: You can request a copy of your personal data held by us.
  • The right to rectification: You can ask us to correct any inaccuracies in your personal data.
  • The right to erasure: In certain circumstances, you may request that we delete your personal data.
  • The right to restrict processing: You can request a restriction on how your data is processed in specific situations.
  • The right to object: You may object to processing based on legitimate interests or for direct marketing purposes.
  • The right to data portability: You have the right to receive your data in a structured, commonly used, and machine-readable format for transfer to another provider.
  • The right to withdraw consent: Where processing is based on consent, you may withdraw this at any time.

If you wish to exercise any of these rights, please contact us using the details provided at the end of this policy or through the methods available on our website. We will respond within one month of receiving your request.

Data Transfers Outside the UK/EEA

Your personal data is generally processed within the UK. If it is necessary to transfer data outside the UK or European Economic Area, we ensure that adequate safeguards are in place to protect your data in accordance with GDPR requirements.

Children's Data

Our services are intended for use by adults. We do not knowingly collect data from children under the age of 16 without appropriate parental consent.

Changes to This Privacy Policy

Flower Delivery Hillingdon reserves the right to update or amend this policy from time to time. Any changes will be published on our website and will apply from the time of posting. Please check back periodically to ensure you remain informed about how we protect your data.

Contact and Concerns

If you have any questions about this policy, wish to exercise your data protection rights, or have concerns about how we handle your data, please contact us using the contact details provided on our website. You also have the right to lodge a complaint with the Information Commissioner's Office if you believe your rights under GDPR have been infringed.