Golders Green Flowers Privacy Policy

Introduction

This Privacy Policy outlines how Golders Green Flowers ('we', 'us', or 'our') collects, uses, stores, and protects your personal data. We are committed to complying with the General Data Protection Regulation (GDPR) and protecting your privacy when you place an order with us from Golders Green and the surrounding districts. Please read this policy carefully to understand how we handle your information.

Scope of the Policy

This Privacy Policy applies to all customers who place orders with Golders Green Flowers, whether online, by phone, or in person, based in Golders Green and adjacent areas. By using our services, you acknowledge the terms set out below.

What Data We Collect

When you order flowers or related products and services from us, we may collect and process the following categories of personal data:

  • Identity Data: Name, title, and contact information (such as billing and delivery address).
  • Contact Details: Phone number and delivery address details.
  • Order Information: Details about the products you order, message cards, and delivery instructions.
  • Payment Data: Payment method, and transaction information. We do not store full payment card details, as these are handled securely by our payment processors.
  • Communication Data: Any correspondence you send us, including customer service requests and feedback.
  • Technical Data: Limited data such as IP address, device type, and browsing activity when you interact with our website.

Lawful Basis for Processing Your Data

We process your personal data only where we have a lawful basis under GDPR. These bases include:

  • Contractual Necessity: Processing your information to fulfill your order and provide our services to you.
  • Legal Obligation: Retaining information as required by law, such as for tax and accounting reasons.
  • Legitimate Interests: Using your data to improve our services, manage our relationship with you, and for administrative purposes, provided your rights and interests do not override ours.
  • Consent: We may ask for your consent to send you marketing communications or use cookies where required. You may withdraw consent at any time.

How We Use Your Data

Your personal data may be used for the following purposes:

  • To process and deliver your orders, including communicating with you about order status and delivery.
  • To manage payments and, where applicable, to prevent fraudulent transactions.
  • To respond to your inquiries, provide customer service, and handle any requests or complaints.
  • To comply with our legal and regulatory obligations.
  • To improve our service, operations, and website functionality.
  • With your consent, to provide you with marketing updates, newsletters, or promotions relating to Golders Green Flowers.

Sharing Your Data and Use of Processors

We treat your personal data with care and only share it when necessary. This may include disclosing information to the following categories of recipients:

  • Service Providers: Payment processing companies, delivery couriers, website hosting providers, and IT support. These processors act on our behalf under strict contractual agreements to ensure your data remains protected.
  • Professional Advisors: Accountants, auditors, and legal advisors where required.
  • Government Bodies: If legally obliged, we may share data to comply with laws or respond to lawful requests from public authorities.

We do not sell your personal data to any third parties.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, including any legal, accounting, or reporting obligations. Typically, order and transaction information is kept for up to seven years for legal reasons. Communication data may be retained for up to two years for customer service quality and queries.

At the end of the retention periods, data will be securely deleted or irreversibly anonymised.

Your Rights Under GDPR

Under the GDPR, you have a number of important rights regarding your personal data:

  • The right to access – You can request a copy of the personal data we hold about you.
  • The right to rectification – You may ask us to correct inaccurate or incomplete data.
  • The right to erasure – You have the right to request deletion of your data under certain circumstances.
  • The right to restrict processing – You can ask us to limit the way we use your data.
  • The right to data portability – You may request to receive your data in a structured, commonly used format or have it transferred to another service provider.
  • The right to object – You can object to the use of your data for direct marketing, or where we process data based on our legitimate interests.
  • The right to withdraw consent – If processing is based on consent, you can withdraw it at any time.

If you wish to exercise any of these rights, please contact us with your request. We will respond in accordance with the GDPR requirements and may require verification of your identity before proceeding.

Data Security

We implement appropriate technical and organisational measures to protect your personal information from unauthorised access, accidental loss, misuse, or disclosure. Our staff are trained in data protection principles, and we ensure that our service providers also comply with high standards of data security.

Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal data from children in this age group.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The latest version will always be available upon request and on our premises/website. Where appropriate, we will notify you of any material changes.

Contact and Complaints

If you have any questions, concerns, or complaints about how we use your personal data, please contact us. If you are not satisfied with our response, you also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO).