Privacy Policy for Florist Gidea Park Customers

Introduction

At Florist Gidea Park, we are committed to preserving the privacy and safeguarding the personal data of all our customers. This Privacy Policy provides clear information about how we collect, use, store, and protect your data in accordance with the General Data Protection Regulation (GDPR). The policy applies to all individuals placing Florist Gidea Park orders from Gidea Park and surrounding districts.

What Personal Data We Collect

When you interact with Florist Gidea Park, either through our website, by phone, or in person, we collect and process specific categories of personal data. This typically includes:

  • Contact Details: Your name, delivery address, billing address, and contact information.
  • Order Details: Purchase information, order history, recipient details, and any delivery instructions.
  • Payment Details: Payment card details (processed securely through third-party payment processors), billing address, and transaction records.
  • Communication Records: Correspondence via our customer service channels and feedback you provide.
  • Website Usage Data: IP address, browser type, device identifiers, cookies, and usage statistics (if you interact with our online services).

We do not collect or process any special categories of personal data such as health information, ethnicity, or political opinions.

The Lawful Basis for Processing Your Data

We only process your personal data where we have a valid legal basis under the GDPR. The main bases for processing include:

  • Contractual Necessity: To fulfill your order and provide products and services you have requested.
  • Legal Obligation: To comply with the law; for example, we keep transaction records for tax purposes.
  • Legitimate Interests: To understand and improve our products and services, detect and prevent fraud, and administer our business operations.
  • Consent: When you have provided explicit consent, such as subscribing to marketing communications (which you may withdraw at any time).

How We Use Your Personal Data

Your information is used for the following purposes:

  • Processing and delivering your flower orders, including communicating with you about your order status.
  • Managing payments and refunds securely.
  • Providing tailored customer service and support.
  • Keeping legal and financial records as required by law.
  • Improving our services, including website experience and product range, based on usage statistics and feedback.
  • Sending you information about our products and services, only where you have opted in.

Sharing and Processors

Florist Gidea Park only shares your data with trusted third parties where this is necessary to fulfil your order, operate our services, or comply with the law. Examples include:

  • Payment service providers: To securely process card payments. We do not store your full payment card details.
  • Delivery partners: For ensuring your order reaches the correct address and recipient.
  • IT and system providers: Entities that supply or maintain our order management, website, and email systems.
  • Legal and professional advisors: Only if required for legal proceedings or compliance.

We ensure that all data processors and service providers operate in accordance with GDPR standards. Your personal data is never sold or shared for external marketing purposes.

Data Retention

We only retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including statutory, accounting, or reporting obligations. Typically, this means:

  • Order and transaction data are retained for up to six years from the end of our relationship, in line with legal record-keeping requirements.
  • Communication and feedback records are kept only as long as needed to address your enquiry or improve services.
  • Where the lawful basis is consent (such as marketing), we retain this data until you withdraw consent or request deletion.

Once data is no longer required, it is securely deleted or anonymised.

Your Rights Under the GDPR

The GDPR gives you important rights regarding your personal data held by Florist Gidea Park. These include:

  • Right to Access: You may request a copy of your personal data and information on how it is processed.
  • Right to Rectification: You may require that inaccurate or incomplete data be corrected without undue delay.
  • Right to Erasure: Also known as the 'right to be forgotten', you can request deletion of your data where there is no lawful reason for retaining it.
  • Right to Restrict Processing: You can request us to limit the processing of your data in certain circumstances.
  • Right to Data Portability: You can ask to receive your data in a structured, machine-readable format to transfer to another provider.
  • Right to Object: You have the right to object to processing, especially concerning direct marketing.

If you wish to exercise any of these rights or have a complaint about how we handle your data, please contact our customer service team. We will respond to requests and concerns in accordance with GDPR requirements.

Security of Your Data

We take appropriate technical and organisational measures to maintain the security, confidentiality, and integrity of your personal data. These include secure servers, encrypted payment processes, restricted access, and staff training. While we strive to protect your information, please note that no transmission over the internet can be guaranteed as 100% secure.

International Data Transfers

Your personal data is primarily stored and processed within the United Kingdom and European Economic Area. If we transfer data outside this region (for example, due to an IT provider), we will ensure appropriate safeguards are in place in line with GDPR requirements.

Changes to Our Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in our processes or legal requirements. Any updates will be promptly published on our website. We encourage you to check this policy periodically to stay informed.

Contact and Further Information

If you have any questions about this policy, your rights, or how we use your information, please contact us through our standard customer service channels. We are committed to assisting you in understanding and exercising your data rights and handling all privacy concerns transparently.