Flowers Harold Wood Privacy Policy

Introduction

This Privacy Policy explains how Flowers Harold Wood ("we,“ "our,” or "us,") collects, stores, uses, and protects personal data provided by customers placing orders within Harold Wood and surrounding districts. Your privacy is of paramount importance, and we are committed to handling your data fairly, securely, and in accordance with the UK General Data Protection Regulation (GDPR).

Scope of This Policy

This Privacy Policy applies to all individuals who interact with Flowers Harold Wood, including placing orders via any method (such as phone, in person, or through an online platform) from Harold Wood and its surrounding districts. By using our services, you acknowledge that you have read and understood the information set out within this policy.

What Personal Data We Collect

We collect various categories of personal data to fulfill flower orders and related services. These may include:

  • Identity Information: Customer name, recipient name
  • Contact Details: Delivery address, billing address, phone number
  • Order Information: Details of products and services purchased, order history, messages or notes to recipients
  • Payment Information: Payment method and relevant transaction details (note: actual payment details may be handled by third-party processors and not stored by us)
  • Correspondence Data: Any communications you send us, including feedback or customer service queries

We do not intentionally collect special categories of personal data (e.g., health or sensitive information) unless absolutely necessary and only with explicit consent.

Lawful Basis for Processing Personal Data

Under the GDPR, we must have a valid lawful basis for processing personal data. Flowers Harold Wood processes customer data primarily on the following bases:

  • Contractual Necessity: Processing your information is necessary to fulfill your order and deliver products and services you requested.
  • Legal Obligation: We may need to retain certain records to comply with laws and regulations (such as tax rules or consumer protection legislation).
  • Legitimate Interests: Where it is necessary for our legitimate business interests (such as record-keeping, improving services, or handling complaints) and your interests and fundamental rights do not override those interests.
  • Consent: Where we rely on your consent, such as for direct marketing, you can withdraw this consent at any time.

How We Use Your Information

Flowers Harold Wood uses your data to:

  • Process and deliver your orders
  • Send service-related communications (order status, delivery updates)
  • Respond to your enquiries or feedback
  • Improve and enhance our products and services
  • Meet our regulatory and legal obligations

Your data is never sold or shared for purposes unrelated to your direct interaction with Flowers Harold Wood.

How Long We Retain Personal Data

We only retain your personal data for as long as is necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. Typically, order-related data is held for a period of up to six years, unless shorter or longer retention is required by law or to handle ongoing queries or complaints. Once data is no longer needed, it is securely deleted or anonymised.

Use of Data Processors

In some cases, we rely on trusted third-party service providers (data processors) who process your data on our behalf, for example:

  • Payment processing providers (for secure payment authorisation)
  • IT providers supporting our website or order management systems
  • Delivery companies or couriers responsible for order fulfilment

All third-party processors engaged by Flowers Harold Wood are required to handle your data strictly in accordance with applicable data protection laws, following our express instructions, and implementing appropriate security measures.

Data Security

We implement appropriate organisational, technical, and administrative safeguards to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. While we strive for the highest security standards, no method of transmission or storage is completely secure; however, we continually review our processes to mitigate risk.

Your Rights Under GDPR

As a customer residing in the UK or EU, you have the following rights under the GDPR:

  • Access: You may request information about the personal data we hold about you.
  • Rectification: You can ask us to correct any inaccuracies or update incomplete information.
  • Erasure: You have the right to request deletion of your data, subject to lawful retention obligations.
  • Restriction: You can request restriction of processing in certain circumstances.
  • Portability: You can request a copy of your data in a machine-readable format for transfer to another provider.
  • Objection: You may object to the processing of your data where we rely on legitimate interests or direct marketing purposes.
  • Withdraw Consent: Where processing is based on your consent, you can withdraw it at any time.

To exercise any of these rights, please contact us using the contact details provided at the time of ordering or on our company materials. We will respond to your request within the timeframe permitted by law, typically within one month.

Children’s Privacy

Our services are intended for use by adults. We do not knowingly collect personal data from children under 16 years old. If you believe a child has provided us with personal data, please contact us so we can remove this information.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We encourage customers to review this policy periodically. The date of the most recent update will be shown at the top of the document.

Contact For Privacy Queries

If you have any questions about how your data is handled, your rights, or how to make a complaint, please contact us using the details available in your previous customer correspondence or at our place of business. If you remain unsatisfied, you have the right to contact the UK Information Commissioner's Office (ICO).