Privacy Policy for North Harrow Florist Customers
Overview
This Privacy Policy explains how North Harrow Florist collects, uses, stores, and protects the personal data of individuals placing flower orders with us from North Harrow and surrounding districts. We are committed to fully complying with the General Data Protection Regulation (GDPR) and ensuring the highest standards of data privacy for our customers and recipients of floral orders.
Data We Collect
To enable smooth transaction and delivery services, we may collect and process the following personal data as part of our operations:
- Customer Identification Data: This includes your name, address (for billing and/or delivery), contact telephone number, and, where applicable, company name.
- Order Data: Information about the products and services you order from us, including recipient’s name, delivery address, and any message included with the order.
- Payment Information: Details required to process payment for your order, such as payment card data processed securely by our payment providers.
- Communication Data: Records of communications with you, including queries, feedback, or complaints, mostly stored to improve customer service and order fulfillment.
- Website Usage Data: Information automatically collected when you visit our website, such as IP addresses, browser type, and cookies for website analytics and improvement.
Lawful Basis for Processing
We process your personal data based on the following lawful grounds as defined under GDPR:
- Contractual Necessity: Most information we collect is necessary to perform or enter into a contract with you, such as processing your order and delivering flowers.
- Legal Obligation: In certain cases, we may be required by law to process personal data, such as for taxation or recordkeeping requirements.
- Legitimate Interests: We may process your data where it is in our legitimate interest to do so, provided these interests do not override your fundamental rights and freedoms. Examples include fraud prevention, keeping our services secure, and improving our products/services.
- Consent: In instances where no other legal basis applies, we will ask for your explicit consent to process your data (such as for marketing or promotions). You may withdraw such consent at any time.
How We Use Your Data
Your data is used for the following purposes:
- To process your floral orders and provide requested services
- To contact you regarding your order or to respond to your queries
- To deliver flowers to your chosen recipient within North Harrow and surrounding districts
- To process payments and prevent fraudulent transactions
- To improve our products and the customer experience
- To comply with legal and regulatory obligations
- If you consent, to send you marketing information about our offers and services
Data Retention
We only retain your personal data for as long as is necessary to fulfill the purposes it was collected for, including for satisfying legal, accounting, or reporting requirements. The specific retention period will depend on the type of data and our lawful basis for processing. Typically, we retain order and transaction data for up to six years, in accordance with tax and accounting laws. After this period, data is securely deleted or anonymized, unless required longer by legal proceedings or regulations.
Data Sharing and Third-Party Processors
To facilitate our services, we may need to share your personal data with trusted third-party service providers. Such sharing is limited and governed by data processing agreements to ensure your privacy. Examples include:
- Payment Processors: Securely process customer payments and refunds. We do not store payment card details ourselves.
- Courier and Delivery Services: To deliver flowers to customers and recipients as part of fulfilling orders.
- IT and Web Service Providers: Who maintain our website, hosting, and software solutions, securely processing data on our behalf.
- Accountants and Legal Advisors: When required for statutory compliance or legitimate business interests.
We do not sell, rent, or otherwise disclose your personal information to commercial third parties. Whenever your data is shared with a third-party processor, it is done securely and subject to strict confidentiality and security measures.
International Data Transfers
Our operations are based in the UK, and we aim to keep all data processing within the UK or European Economic Area (EEA) where possible. If we engage processors outside the EEA, we ensure that appropriate safeguards are in place as required by the GDPR, such as using Standard Contractual Clauses or ensuring the country has been deemed to provide adequate data protection by relevant authorities.
Your Rights Under GDPR
As a North Harrow Florist customer, you have the following rights regarding your personal data under the GDPR:
- Right to Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Ask us to correct any inaccurate or incomplete data.
- Right to Erasure: In certain circumstances, request deletion of your data, e.g., when it is no longer needed for the purposes collected.
- Right to Restrict Processing: Ask us to restrict processing under some circumstances.
- Right to Data Portability: Obtain your personal data in a structured, commonly used, and machine-readable format and transfer it to another provider.
- Right to Object: Object to certain processing activities, such as direct marketing.
- Right Not to Be Subject to Automated Decision-Making: We do not carry out automated profiling that would significantly affect you.
- Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw your consent at any time.
To exercise any of these rights, or if you have concerns regarding how your personal data is handled, you may contact us using the contact details provided in your order documentation or on our website. We will respond to all legitimate requests within one month, as required by law.
Security Measures
We employ appropriate technical and organisational measures to protect your data. This includes encryption, secure servers, access controls, and regular staff training on data protection and privacy. Our systems are regularly reviewed for vulnerabilities and potential threats to data security.
Policy Updates
This policy may be updated from time to time to reflect changes in legislation or our internal processes. We encourage customers to review this policy periodically. The latest version will always be available in our store and on our website.
Applicability
This Privacy Policy applies to all customers placing orders with North Harrow Florist, whether as individuals or on behalf of organisations, in North Harrow and the surrounding districts. It covers personal data relating to both orderers and recipients of gifts, where applicable.
Contact & Questions
If you have any questions about this Privacy Policy or how we handle your data, please refer to your order documentation or visit our premises for further information.