Florist Parsons Green Privacy Policy

Introduction

This Privacy Policy explains how Florist Parsons Green («we», «us», «our») collects, uses, discloses, and protects your personal data when you place an order with us. It applies to all customers placing orders for floral arrangements and related products or services from Parsons Green and surrounding districts. We are committed to upholding your privacy in accordance with the UK General Data Protection Regulation (GDPR) and related data protection laws.

What Data We Collect

When you place an order or interact with Florist Parsons Green, we may collect the following categories of personal data:

  • Contact Information: Your name, billing address, delivery address, and contact details (such as telephone number).
  • Order Details: Information about your order, including recipient name and delivery address (when different from your own), order contents, instructions, and any additional comments.
  • Payment Information: Payment amount, transaction date and time, and payment confirmation status (note: we do not store full card data; payments are processed through secure third-party providers).
  • Communication Records: Correspondence with our team, including order confirmations, delivery updates, queries, and feedback.
  • Technical Data: Usage data, device information, IP address, and cookies (where consented) collected when you use our website.

Lawful Basis for Processing Your Data

Under the GDPR, we must have a lawful basis to process your personal data. Florist Parsons Green processes your information based on the following grounds:

  • Contract: Processing is necessary to fulfill the purchase contract for goods or services you order.
  • Legal Obligation: To comply with applicable laws, including tax and accounting requirements.
  • Legitimate Interests: To improve our service, manage our business operations, respond to enquiries, ensure secure payments, and prevent fraud. We always balance our interests with your rights and expectations.
  • Consent: Where you have given explicit consent, for example, to receive marketing communications (which you can withdraw at any time).

How We Use Your Information

Your personal data is used for the following purposes:

  • Processing and fulfilling your orders, including arranging delivery to the specified recipient or address.
  • Communicating with you about your order, updates, and customer service issues.
  • Processing payments through secure third-party payment processors.
  • Improving our products, services, and customer experience based on feedback and usage data.
  • Complying with our legal and regulatory obligations.
  • Sending you marketing communications if you have opted in (you may opt out at any time).

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, accounting, or reporting obligations. Generally, we retain order data for up to seven years to satisfy tax and regulatory requirements. Communication data may be retained for up to two years for customer service purposes. Marketing data is retained until you withdraw consent or request deletion. After these periods, your data is securely deleted or anonymised.

Data Processors and Third Parties

We may disclose your personal data to trusted third-party service providers («processors») who act on our behalf for specific functions, for example:

  • Payment Processing: Securely processing your payments and refunds.
  • Delivery Partners: Assisting with delivery logistics when necessary.
  • IT and Hosting Providers: Supporting our website, data storage, and communications.

These processors may only use your data as required to provide their services and are contractually obligated to maintain data security and confidentiality compliant with GDPR.

If required by law, court order, or regulatory requirement, we may disclose your personal data to appropriate authorities.

Your Data Protection Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request corrections to any inaccurate or incomplete data.
  • Right to Erasure: You can request deletion of your personal data under certain circumstances («right to be forgotten»).
  • Right to Restrict Processing: You can ask us to restrict the processing of your personal data in specific situations.
  • Right to Data Portability: You can request that we provide your personal data in a commonly used format for transfer to another data controller.
  • Right to Object: You may object to processing based on legitimate interests or direct marketing.
  • Right to Withdraw Consent: Where we process your data based on consent, you can withdraw this at any time without affecting prior processing.

To exercise these rights, please contact us using the contact details provided on our website or at our shop. We may need to verify your identity to address your request. We aim to respond within one month of your request.

Data Security

Florist Parsons Green implements appropriate technical and organisational measures to safeguard your personal data from accidental loss, unauthorised access, alteration, disclosure, or destruction. Our processors are selected for their high standards of data security.

International Data Transfers

We store personal data within the UK or EEA wherever possible. If we ever transfer data outside of these areas, we ensure that such transfers are protected by appropriate safeguards in accordance with GDPR requirements.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. Please review it regularly to stay informed of any updates. The revised policy will apply from the date it is posted.

Contact & Queries

If you have any questions about this Privacy Policy or how we handle your personal data, please visit our website or contact us at our shop in Parsons Green for further information.

Complaints

If you believe that your data protection rights have been infringed, you have the right to complain to the Information Commissioner's Office (ICO) or your local supervisory authority.