Flower Delivery Covent Garden Privacy Policy

Introduction

This Privacy Policy outlines how Flower Delivery Covent Garden collects, uses, stores, and protects your personal data when you place an order with us. It is our commitment to respect the privacy and security of our customers, in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”). This policy applies to all individuals placing Flower Delivery Covent Garden orders from Covent Garden and the surrounding districts.

What Data We Collect

When you use our services to place a flower delivery order, we collect the following categories of personal data:

• Identity information: Name, surname, and, if relevant, company name.
• Contact information: Delivery address, billing address, email address, and telephone number.
• Order details: Product selections, delivery instructions, recipient details, order notes, and messages included with the order.
• Payment information: Transaction details, such as payment method and transaction reference numbers (we do not store complete payment card details as these are processed securely by our payment processors).
• Technical information: IP address, browser type, device information, and cookies (collected through our website for functionality and analytics purposes).

Lawful Basis for Processing

We process your personal data under the following lawful bases, as provided by the GDPR:

• Contractual necessity: Processing your data is necessary for us to fulfil our contract with you, specifically to provide, process, and deliver your orders.
• Legal obligation: We are required to retain certain transactional data for accounting and tax purposes.
• Legitimate interests: We may use your data to maintain and improve our services, address customer service queries, or prevent fraudulent activities. Where we rely on legitimate interests, we ensure that your interests, freedoms, and fundamental rights are adequately protected.
• Consent: For specific activities, such as sending marketing communications, we will request your explicit consent. You may withdraw consent at any time.

How We Use Your Data

Your personal data is used for the following purposes:

• Processing orders, including payment and delivery arrangements
• Sending order confirmations, updates, and delivery notifications
• Responding to customer enquiries and providing support
• Improving our services and website experience
• Compliance with legal and financial obligations
• Sending occasional marketing communications, where you have provided consent

Retention of Personal Data

We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required by applicable laws. Generally, your order and account information is retained for up to seven years to comply with our legal obligations, including accounting and tax requirements. Data used for marketing purposes will be retained until you withdraw your consent or unsubscribe.

Processors and Third Parties

We may engage third-party service providers (“processors”) to help us deliver our services, such as:

• Payment processing providers (to securely handle credit/debit card transactions)
• IT and website support providers (for website hosting, email services, and technical maintenance)
• Courier and delivery partners (to deliver your orders to the correct address)

These processors act on our instructions and are required to adhere to data protection standards equivalent to our own. We do not sell, rent, or otherwise share your personal data with third parties for their own marketing purposes.

Whenever we engage such service providers, we will ensure that your data remains securely protected through legal agreements.

International Data Transfers

If we transfer your personal data outside the United Kingdom or European Economic Area, we guarantee that such transfers occur only where adequate safeguards are in place, such as through use of standard contractual clauses approved by the European Commission.

Your Rights Under GDPR

You have the following rights regarding your personal data:

• Access: You may request a copy of the personal data we hold about you.
• Rectification: You may correct any inaccurate or incomplete data.
• Erasure: You may request the deletion of your personal data, where there is no overriding lawful reason for us to continue to process it.
• Restriction: You may request that we restrict the processing of your data.
• Data portability: You may request to receive your data in a commonly used format and, where feasible, have it transmitted to another provider.
• Objection: You have the right to object to processing of your data based on our legitimate interests or for direct marketing purposes.
• Withdrawal of consent: Where processing is based on consent, you may withdraw this at any time.

To exercise these rights, or for questions about how your personal data is used, you may contact us using the details provided on our website. We will respond to your requests promptly, in line with our legal obligations.

Data Security

We implement appropriate technical and organisational measures to protect your personal information from loss, misuse, unauthorised access, disclosure, alteration, or destruction. This includes secure website management, encrypted communications, and restricted access to personal data within our organisation and among our processors.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or relevant legislation. Changes will be posted on our website and, where appropriate, communicated to you directly. The most recent version will always be available for you to review.

Contact Us

If you have any questions, concerns, or wish to exercise any of your rights regarding your personal data, please reach out to us using the contact details found on our website. Thank you for trusting Flower Delivery Covent Garden with your personal information.