Flower Delivery Harrow on the Hill Privacy Policy

Our Commitment to Your Privacy

At Flower Delivery Harrow on the Hill, we are dedicated to respecting and protecting the privacy of our customers. This Privacy Policy describes how we collect, use, retain, and protect your personal data when you place flower delivery orders with us, whether you are located in Harrow on the Hill or in the surrounding districts. We process your personal data in accordance with the General Data Protection Regulation (GDPR), ensuring transparency, security, and respect for your rights.

Scope of This Policy

This Privacy Policy applies to all individuals who interact with Flower Delivery Harrow on the Hill services, specifically customers placing flower delivery orders from Harrow on the Hill and nearby areas. By placing an order with us, you accept the practices described in this policy.

What Data We Collect

In order to provide and improve our flower delivery services, we collect and process certain personal data. The types of data we may collect include:

  • Identity Data: Full name, title.
  • Contact Data: Delivery address, billing address, phone number, and (if provided) other contact details.
  • Transaction Data: Details of the orders you place, including items purchased, delivery instructions, dates and times, and payment confirmation information. (Note: Detailed financial data such as payment card numbers are processed only by our payment providers and are not stored by us.)
  • Recipient Data: Name, address, and phone number of the person receiving the delivery if different from the customer.
  • Communication Data: Information you provide when contacting us for enquiries, complaints, or customer support.
  • Technical Data: Basic data such as IP address, browser type, and access times if you use our website for placing orders.

Lawful Basis for Processing

We process your personal data based on the following lawful bases under GDPR:

  • Contractual necessity: To fulfil our contract with you for delivering flowers, processing payments, and handling any customer requests related to your order.
  • Legal obligations: To comply with applicable legal requirements, such as tax and accounting rules.
  • Legitimate interests: To improve our services, provide customer support, prevent fraud, and protect the security of our services, provided these interests are not overridden by your rights.
  • Consent: In cases where we may ask for your explicit consent (for example, to send you marketing materials), we will do so in a clear and specific manner. You have the right to withdraw your consent at any time.

How We Use Your Personal Data

Your data helps us to:

  • Process and deliver your flower orders accurately and efficiently.
  • Contact you with updates about your order or in the event of any issues.
  • Manage customer relationships and respond to your enquiries.
  • Comply with our legal and accounting obligations.
  • Improve our products, services, and customer experience.
  • Monitor and secure our servers and website against misuse or unauthorised access.

Retention of Your Data

We retain customer personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with our legal and regulatory obligations. Generally, we keep order-related data for up to six years to comply with accounting and tax laws. After this, your personal data is securely deleted or anonymised unless we are required by law to retain it for a longer period.

Data Processors and Sharing with Third Parties

We do not sell or rent your personal data to any third parties. However, we may share your data with trusted service providers that help us deliver our flower delivery services, such as:

  • Payment Processors: For processing your payments securely.
  • Couriers and Delivery Partners: To deliver flowers and gifts to the designated recipients.
  • IT and System Administrators: For operation and support of our website and order management systems.
  • Professional Advisors: Including accountants, legal advisors, and auditors where necessary for business operations and compliance.

All third parties are required to respect the security of your personal data, process it only according to our instructions, and comply with GDPR.

International Data Transfers

Your personal data is generally processed and stored within the United Kingdom or the European Economic Area (EEA). If for any reason your data needs to be transferred outside these areas, we ensure that adequate safeguards are in place to protect your data rights in accordance with GDPR.

Your Data Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: Ask for a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Ask us to delete your personal data under certain circumstances.
  • Right to Restrict Processing: Request the restriction of processing your personal data in limited situations.
  • Right to Data Portability: Request a copy of your data in a machine-readable format or transfer it to another service provider.
  • Right to Object: Object to our processing of your personal data based on legitimate interests.
  • Right to Withdraw Consent: If we process your data based on consent, you may withdraw your consent at any time.

If you wish to exercise any of these rights, please contact us using the contact details provided on our website. We will respond to your request as soon as practicable and within the legally required timeframes.

Data Security

We take the security of your data seriously. We use appropriate technical and organisational measures to safeguard your personal data against loss, unauthorised access, alteration, disclosure, or destruction. These measures include secure systems, encryption, restricted access, and regular data protection training for our staff.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. Any substantial changes will be communicated to you where appropriate, for example via our website or when you next place an order.

Contact Us

If you have any questions about how we handle your personal data or about your rights under GDPR, please refer to the contact information provided on our website. We are committed to addressing your queries and concerns promptly and transparently.

This policy was last updated in June 2024.