Elmers End Florist: Customer Privacy Policy

Introduction

This Privacy Policy outlines how Elmers End Florist collects, uses, retains, and protects your personal information when you place an order with us, either in Elmers End or the surrounding districts. Our commitment to safeguarding your data and respecting your privacy is paramount, in accordance with the General Data Protection Regulation (GDPR) and all applicable UK data protection laws. By placing an order with Elmers End Florist, you acknowledge and agree to the practices described in this policy.

Scope of this Policy

This Privacy Policy applies to all customers placing orders with Elmers End Florist, whether online, by telephone, or in person, in Elmers End and the neighbouring districts. The policy covers all data collected and processed for the purpose of fulfilling customer orders and providing high-quality floral services.

What Data We Collect

We collect a variety of personal data to ensure successful order handling and the efficient delivery of our services. The types of personal data we may collect include:

  • Identity Data: Full name, title, and occasionally, the recipient's name if sending flowers as a gift.
  • Contact Data: Delivery address, billing address, contact telephone number(s), and at times, a contact email address for confirmation or updates.
  • Order Details: Purchase records, item selections, customer notes or special requests (such as card messages), and delivery instructions.
  • Transaction Data: Payment method, transaction date, and value. Please note, all card payment details are processed directly by our payment service providers and are not stored by Elmers End Florist.
  • Correspondence Data: Records of communications regarding your order, feedback, complaints, or queries.

Lawful Basis for Processing Your Data

We process your personal data only where the law allows us to. The primary lawful bases we rely on under the GDPR include:

  • Contractual Necessity: Most data is processed so that we can fulfil our contract with you, for example, by delivering your floral order or contacting you about your order.
  • Legitimate Interests: In certain cases, we may use your data to pursue our legitimate business interests, such as improving our services, provided these interests do not override your rights and freedoms.
  • Legal Obligation: Where required by law, we may process data to comply with our legal and regulatory obligations.
  • Consent: If you opt-in to receive marketing communications or newsletters, processing will be based on your consent, which you can withdraw at any time.

How We Use Your Information

Your personal information is used strictly for the following purposes:

  • Processing and fulfilling your floral orders, including delivery logistics
  • Communicating order confirmations, updates, and resolving potential issues
  • Managing payments and refunds
  • Improving our services based on your feedback and order trends
  • Meeting legal, regulatory, and accounting requirements
  • Sending marketing communications if you have opted in

Data Retention

We retain your personal data only as long as is necessary to fulfil the purposes described above. In general, this means:

  • Order and transaction data will be retained for up to seven years, in line with legal and tax requirements.
  • Contact details and correspondence related to queries or complaints may be retained for up to three years following your last interaction with us.
  • If you have signed up for marketing updates, your details will be retained until you unsubscribe or withdraw consent.

At the end of the relevant retention period, your data will be securely deleted or anonymised.

Third-Party Data Processors

In order to deliver our services, we may use trusted third-party service providers (data processors) who assist with payment processing, order management software, delivery logistics, and marketing management. All such processors are contractually obligated to maintain the confidentiality and security of your data, acting solely under our instructions, and are compliant with GDPR requirements. We do not rent or sell your personal data to any third parties for their own use.

Your Data Protection Rights

As a customer of Elmers End Florist, you have several rights under the GDPR, including:

  • Access: You can request details of the personal information we hold about you.
  • Rectification: You can ask us to correct inaccurate or incomplete personal data.
  • Erasure: You may request deletion of your data where there is no longer a valid reason for retention.
  • Restriction: You can request restriction of processing under certain circumstances.
  • Objection: You may object to certain processing, including direct marketing.
  • Portability: You can request that we transfer your data to another service provider where applicable.

To exercise any of your rights, please contact us via the means described on our website or in store. Please note that we may need to verify your identity before processing your request. Some rights may be subject to exemptions or limitations.

How We Keep Your Data Secure

We take the security of your personal data seriously. All information is stored securely, and appropriate technical and organisational measures are in place to safeguard against loss, misuse, or unauthorised access. Staff are trained in data protection, and our procedures are regularly reviewed to ensure ongoing compliance and effectiveness.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our operations or legal requirements. The latest version will always be available on our website and in our store. We recommend visiting periodically to stay informed about how your data is used and protected.

Contact Us

If you have any questions or concerns about this Privacy Policy or your personal data, please contact us through the methods provided on our website or by visiting our store in Elmers End.