Flower Delivery Mortlake Privacy Policy

Introduction

At Flower Delivery Mortlake, we value our customers’ privacy and are committed to protecting your personal information in accordance with the General Data Protection Regulation (GDPR) and applicable UK data protection laws. This Privacy Policy explains how we collect, use, store, and manage your data when you place orders with us, either directly or through our website. This policy applies to all customers placing Flower Delivery Mortlake orders from Mortlake and surrounding districts.

What Data We Collect

We collect and process the following types of personal information to provide and improve our flower delivery services:

• Contact details: Your name, address, delivery address (if different), and telephone number
• Order details: Details of flower and gift selections, messages to recipients, order dates, and order numbers
• Payment information: Payment card information (processed via secure third-party providers), transaction records, and billing addresses
• Communication records: Customer support correspondence and order-related communication
• Technical data: Device information, IP address, browser type, and cookies (when accessing our website)

We do not knowingly collect data from children under 16 years of age.

Lawful Basis for Processing

We process your personal data using one or more of the following lawful bases, as set out under the GDPR:

• Contractual necessity: We process personal information to fulfil your order, deliver your flowers, and provide customer service.
• Legal obligation: We may process your data to comply with relevant laws and regulations, such as accounting or tax requirements.
• Legitimate interests: We may use certain data (such as contact details or order history) to improve our services, prevent fraud, or inform you of important service changes, provided these are not overridden by your rights and interests.
• Consent: In certain cases, such as marketing communications, we will obtain your explicit consent before processing your personal data for those purposes.

How Your Data Is Used

Your information is primarily used to process orders, arrange delivery, handle payments, and respond to your enquiries. Additionally, we may use your data to:

• Send order updates and delivery notifications
• Respond to feedback or resolve complaints
• Improve our flower ordering and delivery services
• Perform essential administrative, accounting, and auditing tasks
• Fulfil legal requirements
• Send marketing communications, only if you have consented to receive them

All data processing activities are conducted in accordance with this Privacy Policy and applicable laws.

Data Storage and Retention

We store your personal data securely within the United Kingdom or the European Economic Area (EEA). Personal data will only be retained for as long as necessary to fulfil the original processing purposes, satisfy legal, accounting, or reporting requirements, or resolve disputes.

Typically, customer order records are retained for up to seven years in accordance with accounting obligations, after which your data is securely deleted or anonymised. Shorter retention periods may apply for data held for marketing or website analytics purposes, unless you withdraw your consent earlier.

Data Processors and Third Parties

To facilitate efficient service, we may share certain personal data with trusted third-party processors who perform activities on our behalf. These may include:

• Payment processing providers (e.g., card payment services)
• Certain delivery and courier partners
• IT and website hosting service providers
• Customer support and communication tools
• Accounting and professional advisory firms (where required)

All third-party processors have agreed to handle your data safely and in compliance with GDPR, using it solely for the purposes specified by Flower Delivery Mortlake. We do not sell or share your personal data with unrelated third parties for their own marketing purposes.

User Rights Under GDPR

You have the following rights concerning your personal data under the General Data Protection Regulation:

• Right to Access: Request a copy of any personal data we hold about you
• Right to Rectification: Request a correction to any inaccurate or incomplete data
• Right to Erasure: Request your personal data be deleted in certain circumstances
• Right to Restrict Processing: Request to limit the ways we use your data
• Right to Data Portability: Request that we provide your data in a format that can be transferred to another service provider
• Right to Object: Object to processing where we rely on legitimate interests or direct marketing
• Right to Withdraw Consent: Withdraw your consent at any time, where processing is based on consent (this will not affect the lawfulness of processing before withdrawal)
• Right to Lodge a Complaint: You can raise a complaint with the Information Commissioner’s Office (ICO) if you are concerned about how we handle your data

To exercise any of these rights, please contact us using the contact details provided on our website or in your order confirmation documentation.

Data Security Measures

We take appropriate technical and organisational measures to safeguard your information. Security measures include encryption, secure servers, limited data access controls, confidentiality training for our staff, and regular review of our processes to prevent unauthorised access, misuse, loss, or disclosure of your data.

Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. The date of the latest update will be displayed at the bottom of the policy. We encourage you to review this policy periodically for any changes.

Contact and Further Information

If you have any questions about this Privacy Policy, our processing of your data, or wish to exercise your GDPR rights, please contact us using the information provided on our website or in your order confirmation details. We are committed to addressing your data privacy concerns fully and promptly.

Last updated: June 2024