Our Commitment to Your Privacy at Flower Delivery Ealing

Introduction: Who This Privacy Policy Applies To

This Privacy Policy outlines how Flower Delivery Ealing collects, uses, stores, and protects your personal information in compliance with the General Data Protection Regulation (GDPR). This policy applies to all customers ordering from Flower Delivery Ealing within Ealing and surrounding districts. By placing an order with us, you confirm that you have read and understood this Privacy Policy.

What Personal Data We Collect

We collect necessary information to fulfill your order and provide our services. The personal data we may collect includes:

  • Contact Information: such as your name, delivery address, billing address, and telephone number
  • Order Details: including products purchased, order notes, and recipient details (if you are sending flowers to another individual)
  • Payment Information: payment method, transaction details (we do not store your card details; payments are processed securely via our payment processor)
  • Account Data: if you create an account with us, your login details and order history
  • Correspondence: communications with our customer service team
  • Technical Data: such as your IP address, device type, and browsing data as captured by cookies for website functionality and analytics

Lawful Basis for Processing Your Data

Under GDPR, we must have a lawful basis to process your personal data. We rely on the following lawful grounds:

  • Contract: Processing is necessary to fulfill your flower delivery order and take steps at your request prior to entering into a contract.
  • Legal Obligation: Processing may be necessary to comply with laws, such as accounting or tax requirements.
  • Legitimate Interests: We may process personal data for certain legitimate business interests such as internal analytics, service improvements, fraud prevention, or marketing (where you have not opted out).
  • Consent: We seek your explicit consent before using your data for marketing communications. You may withdraw consent at any time.

How We Use Your Personal Data

We use your personal data for the following purposes:

  • Processing and delivering your flower orders, including communicating with you and the recipient about the delivery
  • Managing your account and order history
  • Responding to your inquiries or complaints
  • Improving our products, services, and website experience
  • Complying with our legal, regulatory, and contractual obligations
  • Sending you relevant information about our services, promotions, or updates – only if you have opted in

Data Retention: How Long We Keep Your Data

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Typically, we keep order and account information for up to seven years to comply with legal obligations. Information provided for marketing purposes will be held until you unsubscribe or request deletion. After the retention period, your data is securely deleted or anonymised.

Who Processes Your Data: Processors and Third Parties

Flower Delivery Ealing may engage third-party companies ("data processors") to support the operation of our business and delivery of services. Examples of such processors include payment service providers, IT hosting companies, couriers, marketing and analytics providers. Each processor is contractually obliged to handle your data securely and in accordance with GDPR. We do not sell your information to third parties.

Where required by law, we may share personal data with law enforcement or government bodies. Otherwise, your data will be shared only with trusted parties essential for processing and delivering your order or with your explicit consent.

Cookies and Analytical Data

Our website uses cookies and similar technologies to ensure functionality, enhance user experience, and analyze usage. Some cookies are essential for order placing, while others help us understand website performance. You can adjust your browser settings to control or block cookies, though this may affect website functionality.

How We Protect Your Data

We take your privacy and data security seriously. Your information is stored on secure servers, and suitable physical, electronic, and managerial procedures are in place to safeguard data against unauthorized access, use, alteration, or disclosure. Only authorized personnel and trusted processors have access to personal data as required for their role.

Your Rights Under GDPR

You have certain rights regarding your personal data under GDPR, including:

  • The right to access: Request a copy of the personal data we hold about you.
  • The right to rectification: Request correction of incomplete or inaccurate data.
  • The right to erasure: Request deletion of your data (subject to certain legal requirements).
  • The right to restrict processing: Ask us to limit the way we use your data.
  • The right to data portability: Receive your personal data in a commonly used format and transfer it to another data controller.
  • The right to object: Object to specific uses, such as direct marketing.
  • The right not to be subject to automated decision-making: We do not rely on automated decisions that have legal or similar significant effects on you.

If you wish to exercise any of these rights, please contact us using the details on our website. We will respond to your request within legal timeframes and may need to verify your identity before processing your request.

Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our processes, applicable regulations, or for other operational reasons. The latest version will always be available on our website, and we recommend reviewing this Policy regularly for updates.

Contacting Us

If you have any questions or concerns about this Privacy Policy or how your data is handled, please use the contact details provided on our website to get in touch.