Flowers Kidbrooke Privacy Policy: Protecting Your Personal Data

Introduction

This Privacy Policy describes how Flowers Kidbrooke ("we", "our", "us") processes your personal data in accordance with the General Data Protection Regulation (EU 2016/679) ("GDPR") and the UK Data Protection Act 2018. This policy applies to all individuals placing orders with Flowers Kidbrooke from Kidbrooke and surrounding districts, whether you place orders online, by phone, or in person.

What Personal Data We Collect

When you place an order or interact with Flowers Kidbrooke, we may collect the following categories of personal data:

  • Identity Data: Name, title.
  • Contact Details: Delivery address, billing address, phone number, and, where relevant, user account login information.
  • Order and Transaction Data: Order details, payment method details (note: payment card numbers are handled by our payment processors and are not stored by us), purchase history, delivery instructions, correspondence and communications with us.
  • Technical Data: IP address, browser type and version, time zone setting, operating system, and device information (collected via our website where applicable).
  • Marketing Preferences: Your preferences regarding marketing communications from us.

The Lawful Basis for Processing Your Data

We process your personal data under the following lawful bases, as outlined by GDPR:

  • Contractual Necessity: Processing your data is necessary for the performance of a contract with you, for example, to fulfill your flower order and manage payments.
  • Legal Obligation: Certain processing activities are required to comply with legal and financial record-keeping obligations.
  • Legitimate Interests: We may process your data to improve our products and services, prevent fraud, and safeguard our business interests, provided these do not override your fundamental rights.
  • Consent: Where required, such as for sending marketing communications, we will obtain your explicit consent, which you can withdraw at any time.

How We Use Your Personal Data

The information we collect may be used for the following purposes:

  • To process, manage, and deliver your flower orders
  • To communicate with you regarding your orders or customer queries
  • To manage customer accounts, order history, and preferences
  • To keep records in line with legal requirements
  • To improve our services, website security, and general business operations
  • To send you relevant marketing communications (only if you have given consent)

How Long We Keep Your Data (Data Retention)

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, and to comply with legal, accounting, or reporting requirements. Typically, order and transaction records are held for six years to comply with tax and accounting regulations. Personal data provided for marketing purposes is retained until you withdraw your consent or exercise your right to object. When retention is no longer necessary, personal data is securely deleted or anonymised.

Data Processors and Third-party Service Providers

To provide our services, we may share your data with third-party processors, including but not limited to:

  • Payment processing providers (to handle secure payment transactions)
  • Delivery and courier partners (to deliver your order to the correct address)
  • IT and website hosting providers (for secure management of our online systems)
  • Professional advisers such as accountants or legal consultants (for business operations)

All third-party processors are required to respect the confidentiality of your data, act only on our instructions, and are subject to data processing agreements that comply with GDPR requirements.

International Transfers

Flowers Kidbrooke prefers to process data within the United Kingdom or European Economic Area (EEA). In rare cases where personal data is transferred outside of these areas (for example, if a processor’s servers are located abroad), we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data.

Your Rights Under GDPR

As a customer, you have the following rights regarding your personal data:

  • Right of Access: Request access to the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate personal data.
  • Right to Erasure: Request your data be deleted when there is no good reason for us to continue processing it.
  • Right to Restrict Processing: Ask us to restrict how we process your information in certain circumstances.
  • Right to Data Portability: Obtain and reuse your personal data across other services.
  • Right to Object: Object to the processing of your data, including for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw this at any time without affecting the lawfulness of processing before withdrawal.
  • Right to Lodge a Complaint: You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data is not being processed in accordance with the law.

Security Measures

We implement appropriate technical and organisational measures to protect your personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. This includes secure data storage protocols, restricted access controls, staff training, and review of security policies.

Policy Updates and Contacting Us

This Privacy Policy may be updated from time to time to reflect changes in legislation or our practices. The most current version will always be available to customers. If you have any questions about your personal data or require further information about this Privacy Policy, please contact us through our usual customer communication channels.

Scope of Policy

This policy applies to all information collected from customers placing orders with Flowers Kidbrooke in Kidbrooke and surrounding districts. By using our services, you acknowledge you have read and understood this Privacy Policy.