Protecting Your Data at The Flower Shop London

The Flower Shop London Privacy Policy

Scope of This Privacy Policy

This Privacy Policy outlines how The Flower Shop London collects, uses, stores, and safeguards your personal data when you place an order with us. It applies to all customers ordering from The Flower Shop London in the city and neighbouring districts. By using our services or making a purchase, you agree to the terms described in this policy, as required under the General Data Protection Regulation (GDPR).

What Personal Data We Collect

To provide our products and services, The Flower Shop London may collect and process the following types of personal data:

Contact Information: Your name, delivery address, billing address, and phone number.
Order Details: Details of the products you purchase, recipient’s name and delivery information, and any special instructions.
Payment Information: Payment card details or other payment-related data (processed securely by payment providers).
Communication Records: Messages, queries, or feedback you send to us through web forms or customer service platforms.
Technical Data: IP address, device information, and cookies (when you access our website), where applicable.

Lawful Basis for Processing

Under the GDPR, we are required to identify the lawful basis on which we collect and process your personal data. The Flower Shop London relies on the following bases:

Contractual Necessity: Most data we collect is necessary for us to fulfill orders, deliver flowers, and provide customer support.
Legal Obligation: Some information is required by law for purposes such as record-keeping, accounting, or tax obligations.
Legitimate Interests: We may process your data to improve our services, prevent fraud, and ensure the security of our operations, provided these interests are not overridden by your rights.
Consent: Where we use your data for marketing purposes, we will obtain your explicit consent in advance and provide a clear option to withdraw at any time.

How We Use Your Personal Data

Your personal data is used for the following purposes:

Processing and delivering your orders, including managing payment and arranging delivery to you or the recipient.
Communicating with you regarding your order, special requests, or customer service inquiries.
Fulfilling our legal and regulatory obligations, including tax and accounting requirements.
Improving our products, services, and website functionality, subject to applicable laws on analytics and cookies.
Sending you marketing communications, only where you have consented to this.

How Long We Keep Your Data

We will only retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. In most cases, order and customer records are retained for up to seven years from the date of your purchase to comply with UK tax and business laws. After that period, records are deleted or anonymised, unless an ongoing business need exists.

Third Parties and Data Processors

The Flower Shop London works with trusted third-party service providers who process data on our behalf. These may include:

Payment Processors: Secure processing of your payments and refunds.
Delivery Partners: Exclusive use of your name, address, and contact details to ensure accurate order delivery.
IT and Hosting Providers: Hosting and maintaining our website and digital infrastructure.
Professional Advisors: Accountants, auditors, or legal advisers for business compliance.

All third-party processors are contractually bound to protect your data in accordance with this policy and GDPR requirements. We do not sell or lease your personal data to any third parties for marketing purposes.

International Transfers

In principle, your personal data is processed and stored within the United Kingdom and the European Economic Area (EEA). If we ever need to transfer data outside of these regions, it will only be done with appropriate safeguards in place as required by GDPR to ensure your data remains protected.

Your Rights Under GDPR

You have several important rights in relation to your personal data, as follows:

Right to Access: Request access to your personal data and receive a copy.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure: Request deletion of your personal information in certain circumstances (‘right to be forgotten’).
Right to Restriction: Request restriction of processing where you contest the data’s accuracy or lawfulness.
Right to Data Portability: Request a copy or transfer of your data in a machine-readable format.
Right to Object: Object to processing, especially where processing is for direct marketing purposes or legitimate interests.
Right to Withdraw Consent: If processing is based on consent, you can withdraw this at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us using the details provided on our website or in your order confirmation documentation.

How We Keep Your Data Secure

The Flower Shop London is committed to the highest standards of security. We implement appropriate technical and organisational measures to protect your data from loss, misuse, unauthorised access, alteration, or disclosure. These measures include encrypted connections, secure servers, controlled access, staff training, and regular security reviews.

Updates to This Privacy Policy

This policy may be updated from time to time to reflect changes in the law or in our processes. The latest version will always be available on our website and is effective from the date of publication. We encourage customers to review this policy periodically.

Contacting Us

If you have questions or concerns regarding this Privacy Policy or our processing of your personal data, please reach out to us through the contact options available on The Flower Shop London’s website. We will respond to your enquiries as promptly as possible and take appropriate steps to address your concerns.