Privacy Policy for Flower Delivery Amersham Customers

Introduction

This Privacy Policy applies to all customers placing Flower Delivery Amersham orders from Amersham and surrounding districts. We are committed to protecting your personal data and respecting your privacy, in full compliance with the UK General Data Protection Regulation (GDPR). This policy outlines what data we collect, our lawful basis for processing, data retention periods, the use of third-party processors, and your rights regarding your personal information.

What Personal Data We Collect

When you place an order with Flower Delivery Amersham, we may collect the following types of personal data:

  • Contact Information: Full name, address (including delivery address if different), post code, and phone number.
  • Order Details: Details of products purchased, special requests, desired delivery date, and card messages.
  • Payment Information: Your payment details are securely processed; we do not store full card numbers or CVV codes.
  • Communication Records: Records of correspondence when you contact us with queries, feedback, or complaints.
  • Website Usage Data: Information on your interactions with our website, such as IP address, browser type, device, operating system, and pages visited. This data is typically collected via cookies and analytics tools.

Lawful Basis for Processing

Under GDPR, Flower Delivery Amersham must have a lawful basis for each type of processing of your data. We rely on the following bases:

  • Contractual Necessity: To fulfill your flower delivery order, communicate updates, and manage your account details.
  • Legal Obligation: To comply with applicable legislation, such as tax or accounting requirements.
  • Legitimate Interests: To improve our services, manage our operations efficiently, carry out customer service, or detect and prevent fraud, provided such interests are not overridden by your rights and interests.
  • Consent: Where required (for example, for direct marketing by email), we will obtain and rely on your informed consent. You can withdraw consent at any time.

How We Use Your Data

We use your personal data for the following purposes:

  • Processing and delivering your flower orders, including order confirmation, delivery updates, and addressing queries or complaints.
  • Managing payments and refunds securely.
  • Maintaining our business records for accounting and legal compliance.
  • Improving our website, products, and overall customer experience through analysis of website usage data (where applicable and subject to cookie consent).
  • Sending you service-related notifications or, with your consent, marketing communications (which you can opt out of at any time).

Data Retention

We only keep your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of complying with legal, accounting, or reporting requirements. Typically, we retain:

  • Order and contact details for up to six years for financial and tax record-keeping.
  • Communication records for up to two years after the last contact, to assist with customer service issues.
  • Website usage data (where collected) is anonymised or deleted after a period consistent with our analytics provider's policy, generally no longer than two years.

Data Processors and Sharing

We may share your personal data with third-party service providers (processors) who perform functions on our behalf, including:

  • Payment processors, to handle card payments and financial transactions securely.
  • IT service providers for website hosting, maintenance, and communication systems.
  • Delivery partners to facilitate the delivery of your orders in Amersham and surrounding areas.
  • Analytics providers if website usage data is collected (subject to your cookie preferences).

These processors are required to process your data only for specified purposes and in accordance with our instructions. We do not sell or rent your personal data to third parties. Data is only shared in line with current UK data protection law requirements.

Storage and Security

We put appropriate technological and organisational measures in place to protect your personal data from loss, misuse, wrongful access, modification, or disclosure. Access to personal data is limited to staff and processors who need it and are subject to confidentiality obligations. All payment data is handled using secure, compliant methods.

Your Rights Under GDPR

As a customer in Amersham or the surrounding districts, you have the following rights in relation to your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete personal data.
  • Erasure: Request erasure of your personal data where there is no longer a reason for us to retain it.
  • Restriction: Request that we restrict how we process your data under certain circumstances.
  • Data Portability: Request transfer of your data to another provider in a structured, commonly used format.
  • Objection: Object to our processing of your personal data where we rely on legitimate interests or direct marketing.
  • Withdraw Consent: Where you have given consent, you have the right to withdraw it at any time.

To exercise any of these rights, you may contact us through the methods outlined on our website. We aim to respond to requests within one month, as prescribed by law.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or updates to law. We encourage you to review this policy regularly to stay informed about how your information is protected and used.

Contact and Further Information

If you have any concerns, questions, or wish to exercise your data protection rights, please refer to the contact details provided on our website. We take your privacy seriously and will do our utmost to address any concerns promptly and transparently.