Privacy Policy for Flowers Harlesden Customers

Introduction

This Privacy Policy outlines how Flowers Harlesden collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR). It applies to all individuals placing orders with Flowers Harlesden, whether residing in Harlesden or the surrounding districts.

Who We Are

Flowers Harlesden is committed to safeguarding the privacy and rights of its customers. As a data controller, we determine the purposes and means of processing your personal data when you use our services.

What Personal Data We Collect

We collect the following categories of personal information from customers placing orders with Flowers Harlesden:

  • Identification Data: Name, contact address, delivery address.
  • Contact Information: Phone number, email address provided during order placement.
  • Payment Data: Transaction details (note: Flowers Harlesden does not store full payment card information; payments are processed via secure third-party providers).
  • Order Details: Products ordered, messages for recipients, delivery instructions, purchase history.
  • Technical Data: IP address, browser details, and device type when you interact with our website (for site analytics and security purposes).

The Lawful Basis for Processing Your Data

We only process your personal data when permitted by law. Our legal bases under GDPR are:

  • Performance of a Contract: Most information is processed to fulfill your order and deliver flowers or related products as requested.
  • Legal Obligations: Some personal data (such as transaction records) must be retained and processed to comply with accounting, tax, and legal responsibilities.
  • Legitimate Interests: We may use anonymized data for service improvement or to ensure network and information security. This never overrides your fundamental rights and freedoms.
  • Consent: When required, we request your clear consent (for example, to send marketing communications). You have the right to withdraw consent at any time.

How We Use Your Data

Your data is used for the following purposes:

  • Processing and delivering your flower orders efficiently.
  • Contacting you regarding your orders or in response to your queries.
  • Personalizing your customer experience and internal record keeping.
  • Fulfilling necessary legal obligations and resolving disputes.
  • Conducting service analysis and making website improvements (using aggregated, non-identifiable data whenever possible).

Who May Access Your Data: Data Processors and Third Parties

To fulfill your orders and operate our business securely, we share your data only with trusted organizations acting as data processors under our instructions. These may include:

  • Payment processors for secure handling of transactions (we do not retain your full payment card details).
  • Delivery couriers to ensure your order reaches the intended recipient.
  • Service providers supplying website hosting, technical support, or analytics, strictly as needed to support our operations.

All such third-party processors are bound by contract to comply with GDPR and protect your information. We do not sell your personal data or share it without lawful basis.

International Transfers

Your data is generally stored and processed within the UK or European Economic Area (EEA). If there is any need to transfer your data outside the EEA, such transfer will only occur with appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission.

How Long We Retain Your Data

Your personal data is retained only as long as is necessary:

  • Order and transaction information: Kept for up to seven years to fulfill legal, tax, and accounting obligations.
  • Customer service communications: Retained for two years to monitor and improve service quality.
  • Technical logs and site analytics: Stored for a maximum of twelve months, in aggregate, anonymized form where possible.

Once the relevant retention period has expired, your data is securely deleted or anonymized.

Your Rights Under The GDPR

As a Flowers Harlesden customer, you have the following rights over your personal information:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Ask us to correct any inaccurate or incomplete data.
  • Right to erasure: Request deletion of your data where there is no lawful reason for its continued processing.
  • Right to restrict processing: Ask us to limit how your data is used in specific circumstances.
  • Right to data portability: Receive your personal data in a machine-readable format or have it sent to another organization at your request.
  • Right to object: Object to processing when based on legitimate interests or direct marketing.
  • Right to withdraw consent: Withdraw consent at any time for processing reliant upon it, without affecting prior lawful processing.

Security of Your Personal Data

Flowers Harlesden employs strict technical and organizational measures to ensure your personal data is protected. These include encrypted communications, access controls, and secure records management. In the unlikely event of a data breach, we will notify affected individuals and regulatory authorities where required by law.

Making a Complaint

If you have any concerns about how Flowers Harlesden uses your data, please contact us in the first instance to resolve your concerns. If you remain unsatisfied, you have the right to lodge a complaint with your local data protection authority.

Policy Updates

We may make periodic updates to this Privacy Policy to reflect changes in regulations or our data handling practices. Please check regularly to stay informed about how we protect your privacy.

Scope of This Policy

This Privacy Policy applies to all Flowers Harlesden customers placing orders from Harlesden and the surrounding districts. By using our services, you acknowledge that you have read and understood this policy.