Privacy Policy for Hampstead Garden Suburb Florist

Introduction

This Privacy Policy explains how Hampstead Garden Suburb Florist ('we', 'our', or 'us') collects, uses, stores, and protects your personal information in compliance with the General Data Protection Regulation (GDPR). We are committed to safeguarding your privacy while providing flower delivery and related services to customers ordering from Hampstead Garden Suburb and surrounding districts.

Scope of This Policy

This policy applies to all individuals placing flower orders with Hampstead Garden Suburb Florist whether via telephone, in person at our shop, or through our online shopping service, and who reside or require delivery in Hampstead Garden Suburb and adjacent districts.

Information We Collect

To process your orders and provide a personalised service, we may collect the following personal data:

  • Contact information: such as your name, delivery address, recipient’s name and address, and telephone number.
  • Order details: including products purchased, desired delivery date, and any special instructions or messages.
  • Payment information: (such as payment method and transaction identifiers) required to process your payment via secure third-party platforms.
  • Communication records: such as order-related correspondence, queries, or feedback you provide to us.
  • Technical data: such as IP address and browser type (only when you interact with our website).

Lawful Basis for Processing

We process your personal data under the following lawful bases as defined in Article 6 of the GDPR:

  • Contractual Necessity: Processing is necessary to fulfil your order and deliver goods and services you have requested.
  • Legal Compliance: Certain information may be required to comply with legal obligations, such as accounting and tax regulations.
  • Legitimate Interests: We process data for legitimate business interests, such as improving our services or handling customer complaints, in a way that does not infringe on your rights or freedoms.
  • Consent: If required, such as for marketing communications, we will obtain your explicit consent, which you may withdraw at any time.

How We Use Your Data

Your personal data will be used for the following purposes:

  • Processing and delivering your orders.
  • Communicating with you about your order and responding to enquiries.
  • Managing payments, and where necessary, issuing refunds.
  • Complying with any legal or regulatory requirements.
  • Improving our services and customer experience.
  • With your permission, sending you information about special offers or updates relevant to our products and services.

Data Retention Periods

We only retain your personal data for as long as is necessary to fulfil the purposes for which it was collected. Order details and related personal data are typically retained for up to seven years to comply with legal, accounting, and tax obligations. After this period, your data will be securely deleted or anonymised except where continued retention is required by law or for the establishment, exercise, or defence of legal claims.

Third-Party Data Processors

To support our business operations and provide efficient service delivery, we use carefully selected third-party data processors who process your information on our behalf, strictly according to our instructions. Categories of such processors include:

  • Payment processing providers, to securely handle payment transactions.
  • IT service providers, such as web hosting, email, and cloud storage services.
  • Delivery partners, where necessary to fulfill local or national deliveries outside our primary delivery area.
  • Professional advisers, such as accountants or legal consultants, solely for formulating compliance or legal obligations.

Each processor is required to maintain appropriate confidentiality and security measures, in line with GDPR requirements. We do not sell or otherwise share your personal data with unrelated third parties for marketing purposes.

International Data Transfers

We endeavour to store and process your data within the UK and European Economic Area (EEA). If it becomes necessary for your data to be transferred outside this area by one of our processors, we shall ensure that appropriate safeguards are in place to maintain the security of your information.

Data Security

We implement suitable technical and organisational measures to safeguard your personal data against accidental loss, unauthorised access, misuse, alteration, or disclosure. Only authorised personnel are given access to your information as required to fulfil their duties.

Your GDPR Rights

As an individual whose personal data we process, you have the following rights under the GDPR:

  • Right to access: Obtain a copy of your personal data we hold.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Ask for your data to be deleted where there is no overriding legal reason for retention.
  • Right to restrict processing: Request a halt to processing under certain circumstances.
  • Right to data portability: Receive your data in a usable electronic format or request its direct transmission to another controller.
  • Right to object: Object to certain types of processing, such as direct marketing or where processing is based on legitimate interests.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: You have the right to complain to your relevant data protection authority if you believe your rights have been infringed.

To exercise any of these rights, or for further information about this Privacy Policy, please contact us using the details provided in-store or on our official communications channels.

Policy Updates

We may review and update this Privacy Policy from time to time to address changes in our business, legal requirements, or technology. Please check this policy periodically to stay informed about how we protect your data.

Contact and Further Information

If you have any questions about your personal data or this Privacy Policy, please contact us in-store or via the contact information provided on our official documentation. We are committed to assisting you with any concerns regarding your privacy and data rights.