Privacy Policy for Flower Delivery Hoxton Customers

Introduction

This Privacy Policy explains how Flower Delivery Hoxton collects, uses, shares, and retains your personal data when you place an order with us in Hoxton and surrounding districts. Flower Delivery Hoxton is committed to complying with the UK General Data Protection Regulation (GDPR) and ensuring your privacy is protected at all times. By ordering from us, you agree to the terms set out in this policy. Please read it carefully to understand your rights and the way we safeguard your information.

What Data We Collect

We collect and process the following categories of personal data for the purpose of fulfilling your flower delivery order:

  • Contact Information: Name, delivery address, billing address, and telephone number.
  • Order Details: Items ordered, special instructions, and occasion.
  • Payment Details: Payment card information (processed securely via third-party payment processors; we do not store your card numbers).
  • Communication Data: Correspondence or queries made via our website or over the phone regarding your order.
  • Technical Data: IP address, device type, browser type, and cookies (when you use our website).

Lawful Basis for Processing

Under the GDPR, we rely on several legal bases to process your personal data:

  • Contractual Necessity: Most of the data we collect is necessary for us to fulfil your flower delivery order or to take steps at your request before entering into a contract with you.
  • Legal Obligation: We may process your data where required to do so by law, such as for accounting or tax purposes.
  • Legitimate Interests: In some instances, we process data to improve our services, maintain security, or respond to inquiries, as long as these interests do not override your fundamental rights and freedoms.
  • Consent: Where required, such as for marketing communications, we will obtain your explicit consent first. You can withdraw this consent at any time.

How We Use Your Data

Your data is used exclusively to process and deliver your orders, support customer service, comply with legal requirements, and, with your permission, send you relevant information about our products and services.

  • To process, confirm, and deliver your flower order to the correct address.
  • To keep you updated about your order status.
  • For internal record keeping and accounting requirements.
  • To handle customer service requests, complaints, or feedback.
  • To periodically send you updates or promotional information, only if you have opted in.
  • For website analytics, to improve our website’s functionality and user experience.

How We Share and Store Your Data

Your personal data is only shared with trusted third parties when necessary for processing your order. This includes payment processors who handle your payment transactions and IT service providers supporting our website and internal systems. All third parties are required to comply with strict data protection and confidentiality agreements. We do not sell or rent your information to any third parties for marketing purposes.

Your data is securely stored on systems within the United Kingdom or the European Economic Area (EEA). In rare cases where data processing may occur outside the EEA, we ensure that appropriate safeguards are in place as required by the GDPR.

Retention of Your Data

We retain your personal data only as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements. Typically, order and transaction data is retained for up to six years, in line with UK legal and tax obligations. After this retention period, your personal data will be securely deleted or anonymised. Data collected for marketing will be retained until you choose to withdraw your consent.

Processors and Sub-processors

To deliver our services, we engage third-party data processors, including:

  • Payment service providers (for payment processing).
  • IT systems providers (for hosting and maintaining our website and systems).
  • Delivery partners (for delivering your order to the specified address).

All such processors act solely on our instructions and are obliged to adhere to confidentiality and data protection standards required under GDPR.

Your Rights

As a customer, you have the following rights under the GDPR:

  • Right of Access: You can request information about the personal data we hold about you and how we use it.
  • Right to Rectification: You can request that incorrect or incomplete data about you be corrected.
  • Right to Erasure: In certain cases, you can request the deletion of your personal data ("right to be forgotten").
  • Right to Restriction: You can request restrictions on how we process your data in specific circumstances.
  • Right to Data Portability: You can request that we provide your data in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object to certain types of processing, such as direct marketing at any time.
  • Right to Withdraw Consent: If processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to Lodge a Complaint: You can lodge a complaint with a supervisory authority if you believe your data protection rights have been breached.

Changes to This Policy

We review and update this Privacy Policy regularly to remain compliant with relevant laws and to reflect how we process data. Any changes will be posted on our website. We encourage you to review this notice each time you use our services.

Contact

If you have questions about this Privacy Policy or your personal data, please get in touch with us through the contact details provided on our website. We will be happy to address any concerns you may have.