Flower Delivery Chigwell Customer Privacy Policy

Introduction

This Privacy Policy explains how Flower Delivery Chigwell collects, uses, stores, and protects your personal data in accordance with the General Data Protection Regulation (GDPR). It applies to all customers placing Flower Delivery Chigwell orders from Chigwell and the surrounding districts. Please review this policy carefully to understand your rights and our obligations regarding your personal information.

Data We Collect

When you place an order with Flower Delivery Chigwell, we collect only the data necessary for processing and delivering your flower order. The categories of personal data we collect may include:

  • Contact Information: Name, address, delivery address, billing address, and phone number.
  • Order Details: Order history, flower selections, delivery preferences, recipient details (name and address), and messages to recipients.
  • Payment Information: Payment card details or payment transaction records, which are processed securely by our payment processor. We do not retain full payment card information on our systems.
  • Communication Records: Correspondence with us, including order confirmations, queries, feedback, and complaints.
  • Technical Information: When you use our website, we may collect IP address, browser type, and usage data to improve functionality and security.

Lawful Basis for Processing

Under the GDPR, we are required to identify a lawful basis for processing your personal information. For Flower Delivery Chigwell, our lawful bases are as follows:

  • Performance of a Contract: Most of the personal data we process is necessary to fulfill our contract with you when you place an order (such as processing payments and delivering flowers).
  • Legal Obligation: Certain processing is required for us to comply with financial, tax, or regulatory obligations.
  • Legitimate Interest: We may process your data to improve our services, support customer queries, prevent fraud, or ensure security, provided these interests do not override your fundamental rights.
  • Consent: Where required, for example, for direct marketing communications, we will ask for your explicit consent, which you may withdraw at any time.

How We Use Your Data

Your personal data is used for the following purposes:

  • Processing, fulfilling, and delivering your orders.
  • Contacting you regarding order statuses or any issues related to your purchase.
  • Managing your account, if applicable.
  • Handling billing and payments.
  • Responding to queries and addressing customer service issues.
  • Improving our website, services, and order experience.
  • Complying with legal/regulatory requirements.
  • Sending customer service communications. (You will only receive marketing communications if you have consented.)

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal, accounting, or reporting obligations:

  • Order Information: Retained for up to 7 years to comply with legal and tax obligations.
  • Communication Records: Retained for a minimum of 2 years for customer support purposes and quality assurance.
  • Marketing Preferences: Retained until you withdraw your consent or unsubscribe from communications.
  • Technical Information: Retained for up to 1 year for security and analytical purposes.

After the retention period, your data will be securely deleted or anonymised.

Third Party Data Processors

To deliver our services efficiently, we engage trusted third-party providers who process information on our behalf. These include:

  • Payment Processors: Facilitate secure payment transactions for your orders.
  • Delivery Partners: Assist in delivering your orders to the correct address.
  • IT and Website Hosting Services: Provide website infrastructure, security, and backup services.
  • Customer Support Tools: Aid our team in managing communication and resolving issues promptly.

All third-party processors are contractually obligated to process your personal data securely, use it only as instructed by us, and in accordance with data protection laws. We do not sell, rent, or trade your personally identifiable data with other organizations for marketing purposes.

Your Rights Under GDPR

As a customer in Chigwell and the surrounding areas, you have several rights concerning your personal data under the GDPR. These include:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct or update inaccurate or incomplete data.
  • Right to Erasure: You can request deletion of your data in certain circumstances, such as where it is no longer needed for our legitimate purposes.
  • Right to Restrict Processing: You may request that we limit the way we use your personal data.
  • Right to Data Portability: You may request a transferable copy of your data (where applicable).
  • Right to Object: You may object to certain types of processing, such as direct marketing or where processing is based on legitimate interests.
  • Right to Withdraw Consent: Where you have provided consent, you may withdraw it at any time. This does not affect the lawfulness of processing prior to withdrawal.

If you wish to exercise any of these rights, please use the contact form provided on our website. We will respond to all requests within the timelines prescribed by GDPR.

Data Security

We are committed to ensuring your information is secure. We implement appropriate technical and organizational measures to protect the personal information we hold against unauthorized access, disclosure, alteration, or destruction. Our security measures are regularly reviewed and updated to reflect best practices.

International Data Transfers

Your personal information is primarily processed within the United Kingdom and the European Economic Area (EEA). If, in rare circumstances, we transfer data outside the EEA, we ensure that such transfer is subject to appropriate safeguards, such as standard contractual clauses, to protect your privacy rights.

Updates to This Privacy Policy

We may review and update this privacy policy from time to time. Revised versions will be posted on our website with an updated revision date. We encourage you to revisit this policy regularly to stay informed about our information practices.

Contact Us

If you have any questions about this Privacy Policy or how your data is handled, please use the contact form on our website to reach our data protection officer or customer support team. We are committed to promptly addressing your privacy concerns.