Flower Delivery St James's – GDPR Privacy Policy

Introduction

This Privacy Policy explains how Flower Delivery St James's collects, uses, processes, and protects your personal data when you place an order with us for flower delivery within St James's and the surrounding districts. Your privacy matters to us, and we are committed to complying with the General Data Protection Regulation (GDPR) and all related data protection laws. Please read this policy carefully to understand how your personal information is handled.

Scope of This Policy

This policy applies to all customers who place flower delivery orders with Flower Delivery St James's in St James's and neighbouring areas. The policy covers data collected through our website, telephone orders, and in-person inquiries directly related to our flower delivery services.

What Data We Collect

We collect the following categories of personal data when you use our service:

  • Contact Information: Name, delivery address, telephone number, and any additional instructions regarding your order or delivery.
  • Order Details: Details of flower arrangements ordered, delivery preferences, special messages to accompany bouquets, and order history.
  • Payment Information: Payment card details (processed via secure third-party payment processors), transaction amounts, and payment confirmation status.
  • Communications: Correspondence between you and Flower Delivery St James's such as order confirmations, queries, and feedback.
  • Technical Information: IP addresses, browser type, device identifiers, and cookies for website functionality and analytics.

Lawful Basis for Processing Your Data

We process your personal data only when we have a valid legal basis to do so as required by GDPR. Our processing activities rely on one or more of the following lawful bases:

  • Contractual Necessity: We need your data to process and deliver your order as per the contract formed when you place an order with us.
  • Legitimate Interests: We may use your data to improve our services, manage our relationship with you, and ensure the security of our systems, as long as our interests do not override your rights and freedoms.
  • Legal Obligations: We may process data to comply with applicable legal requirements, tax regulations, or in response to lawful requests from law enforcement or regulatory authorities.
  • Consent: For direct marketing or communications not strictly related to your order, we will seek your explicit consent, which you can withdraw at any time.

How We Use Your Data

Your personal information is used strictly for the following purposes:

  • Processing and fulfilling your flower delivery orders.
  • Contacting you regarding your order or to clarify details.
  • Managing payment and billing information securely.
  • Customer support and handling inquiries or complaints.
  • Providing delivery updates and order confirmations.
  • Improving our products and services through analytical data (using aggregated and anonymised information where possible).
  • Where permitted by law or consented by you, sending you information about our services, offers, or updates.

Data Retention

We retain your personal data for only as long as necessary to fulfill the purposes for which it was collected, in accordance with legal requirements and business needs. Typically, we retain order and contact details for up to six years, to comply with accounting and tax obligations and to resolve any disputes that may arise. Payment card details are not stored by us beyond what is required for legitimate transaction processing. After the retention period, your data is securely deleted or anonymized.

Third-Party Processors

To ensure smooth service delivery and payment processing, we work with third-party service providers who may process your personal data on our behalf. These include payment gateways, delivery partners, email service providers, IT support, and analytics providers. All such processors are contractually required to safeguard your data and are only permitted to use it for specified purposes in accordance with GDPR requirements. We do not sell or otherwise share your data with third parties for their independent purposes.

Data Security

Flower Delivery St James's implements appropriate technical and organisational safeguards to protect your personal data from unauthorised access, misuse, alteration, disclosure, or destruction. These measures include secure data storage, restricted access, encryption of sensitive transactions, and regular system monitoring.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: You have the right to request information about whether and how we process your personal data, and to receive a copy of the information we hold about you.
  • Right to Rectification: You can ask us to correct or complete any inaccurate or incomplete data we hold about you.
  • Right to Erasure ("Right to be Forgotten"): In certain circumstances, you may request that we delete your personal data that we no longer have a lawful reason to keep.
  • Right to Restrict Processing: You can ask us to restrict the processing of your data in limited situations.
  • Right to Data Portability: You have the right to receive your data in a structured, commonly used format and transmit it to another controller where technically feasible.
  • Right to Object: You can object at any time to certain types of processing, such as direct marketing or processing based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on your consent, you may withdraw this at any time, without affecting the lawfulness of processing up to that point.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our data processing practices. We encourage you to review this policy periodically so that you remain informed of how we protect your information.

Contacting Us

If you have any questions or concerns about this Privacy Policy or how your data is handled at Flower Delivery St James's, please contact us through our usual business channels. We are committed to working with you to address any privacy concerns you may have.