Privacy Policy for Flowers Finsbury Park Customers

Introduction

This Privacy Policy explains how Flowers Finsbury Park (“we”, “our”, or “us”) collects, uses, discloses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR). This policy applies to all customers placing orders with Flowers Finsbury Park within Finsbury Park and the surrounding districts. We are committed to handling your personal data responsibly and transparently.

What Data We Collect

We collect and process various types of personal data necessary for providing our products and services. Typically, the data we collect includes:

  • Identity Data: Full name, title, and, where appropriate, details of the recipient for flower deliveries.
  • Contact Data: Billing and delivery address, phone number, and any other relevant contact details required for completing your order.
  • Transaction Data: Details about payments to and from you, and other details of products and services you have purchased from us.
  • Order Information: The specific products you order, special instructions (such as delivery notes), and any messages to accompany flowers.
  • Technical Data: Internet protocol (IP) address, browser type and version, time zone setting, browser plug-in types, operating system, platform, and other technology on the devices you use to access our website or place orders, when applicable.
  • Usage Data: Information about how you use our website, products, and services.
  • Marketing & Communications Data: Your preferences in receiving marketing communications from us and your communication preferences, if you choose to subscribe to updates.

Lawful Basis for Data Processing

We process your personal data under specific lawful bases as required by the GDPR:

  • Contractual Necessity: To fulfil our contract with you when you place an order or make a purchase.
  • Legitimate Interests: To manage our business operations effectively, analyse usage, improve services, and ensure our services meet your needs, provided these interests are not overridden by your rights or interests.
  • Legal Obligation: To comply with laws and statutory requirements regarding business and financial records, fraud prevention, and other regulatory matters.
  • Consent: For sending marketing communications via email or other channels, where you have given clear consent. You may withdraw consent at any time.

How We Use Your Data

Your personal data is used for the following purposes:

  • Processing and completing your flower orders, including delivery and invoicing.
  • Communicating with you regarding your order status or responding to inquiries.
  • Improving our products, services, and website through usage analysis and customer feedback.
  • Complying with applicable accounting, tax, and legal obligations.
  • Sending promotional offers and updates, if you opt in to marketing communications.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for satisfying any legal, accounting, or reporting requirements. Specifically:

  • Order and Transaction Data: Retained for up to seven years to comply with legal and tax obligations.
  • Marketing Preferences: Retained until you withdraw your consent or opt out of marketing communications.
  • Technical and Usage Data: Retained for a shorter period (typically up to 24 months) for analysis and improvement purposes.

After these periods, your personal data is securely deleted or anonymised.

Processors and Third Parties

We use trusted third-party service providers (“processors”) to help us operate our business and provide services. These may include:

  • Payment processors for handling payments securely.
  • Delivery and courier partners for ensuring timely flower deliveries.
  • IT and website hosts for storing data and ensuring service reliability.
  • Marketing partners for sending opted-in communications.

All our processors are contractually required to handle your personal data with the highest level of security and in compliance with GDPR. We do not sell or rent your personal data to any third party for marketing purposes.

Your Rights Under GDPR

You have the following rights concerning your personal data, as outlined by the GDPR:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct any inaccurate or incomplete data.
  • Right to Erasure: You can request the deletion of your data under certain circumstances (the "right to be forgotten").
  • Right to Restrict Processing: You can restrict our processing of your personal data in specific situations.
  • Right to Data Portability: You can ask us to provide your data in a structured, commonly used, and machine-readable format and have it transferred to another service provider.
  • Right to Object: You can object to the processing of your data for direct marketing purposes or where processing is based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw your consent at any time.
  • Right to Complain: You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.

Security of Your Data

We take appropriate technical and organisational security measures to protect your data against unauthorised or unlawful processing and against accidental loss, destruction, or damage. Our security procedures are regularly reviewed in line with technological developments and regulatory changes.

Policy Updates

We may revise this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. Any changes will be posted on this page, and we encourage you to review it periodically.

Contacting Us

If you have any questions about this Privacy Policy, your personal data, or your rights, please contact our customer care team. We take your privacy seriously and are committed to responding to your concerns promptly and transparently.