Privacy Policy for Customers of Flowers Muswell Hill

Introduction

This Privacy Policy explains how Flowers Muswell Hill collects, uses, stores, and protects personal data obtained from customers placing orders from Muswell Hill and surrounding districts. We are committed to safeguarding your privacy and ensuring that your personal information is handled in accordance with the General Data Protection Regulation (GDPR) and all other applicable data protection laws.

This policy applies to all individuals who make purchases or engage with our flower delivery and related services in Muswell Hill and its neighboring areas.

Personal Data We Collect

To fulfill your orders and provide quality service, we collect and process certain types of personal information. The data we may collect includes:

  • Name (first and last)
  • Contact details (such as address, phone number, and postal code)
  • Email address (for order confirmations and communications)
  • Payment information (such as payment card details, though these are handled securely by payment processors and not stored on our systems)
  • Order details (specific requests, messages, preferences)
  • Recipient information (if you are sending flowers to someone else, their name and delivery address)
  • Communication records (e.g., queries, feedback, or complaints)

We only collect the minimum information necessary to process your order and deliver our services effectively

Lawful Basis for Processing Data

Flowers Muswell Hill only processes personal data where a legal basis exists under GDPR. The relevant lawful bases for processing your personal data include:

  • Contractual necessity: When you place an order, we process your personal data to fulfill our contractual obligations to you (e.g., processing payments, delivering flowers, and providing related services).
  • Legitimate interest: We may use your data for our legitimate interests, such as improving our services, handling customer enquiries, or preventing fraud, provided that your rights and freedoms are not overridden.
  • Legal obligation: In some cases we may be required to retain or share data to comply with applicable laws, such as tax or accounting regulations.
  • Consent: If we wish to send you marketing communications or use your data for purposes outside the scope of this policy, we will seek your explicit consent, which can be withdrawn at any time.

How We Use Your Personal Data

We use the personal data collected for the following purposes:

  • To process and deliver your orders
  • To manage payments and refunds
  • To communicate with you regarding your order or queries
  • To respond to feedback, complaints or customer service queries
  • To improve our products and services
  • For record-keeping and business administration
  • To comply with legal requirements

Data Retention

We retain personal data only for as long as is necessary to fulfill the purposes outlined in this policy and to satisfy legal, accounting, or reporting requirements.

  • Order information is typically kept for a period necessary for accounting and legal compliance, after which it will be securely deleted or anonymised.
  • Payment information is not stored by us directly; it is securely processed by our payment service providers.
  • Customer communications may be retained for up to six years for record-keeping and legal obligations.
  • Data retained for marketing purposes (where applicable) will be kept until you withdraw your consent or opt-out.

Once the retention period expires, personal data is deleted or anonymised in a secure manner.

Data Processors and Third Parties

Flowers Muswell Hill works with trusted third-party providers (data processors) to help deliver our services. These partners process data on our behalf strictly following our instructions and GDPR requirements. Key types of processors include:

  • Payment service providers for handling secure transactions
  • IT and cloud storage providers for secure storage and management of electronic data
  • Courier and delivery partners for delivering your orders

All third-party service providers are vetted to ensure they have appropriate security and data privacy policies in place. We do not sell, rent, or trade your personal information with any other third parties for their own marketing or commercial purposes.

Your Rights as a Data Subject

Under the GDPR, you have important rights regarding your personal data:

  • Right of access: You can request a copy of the personal data we hold about you.
  • Right to rectification: You can request correction of any inaccurate or incomplete data.
  • Right to erasure: You have the right to request deletion of your personal data, provided there is no lawful reason for us to continue processing it.
  • Right to restriction of processing: You may request we restrict the processing of your data under certain circumstances.
  • Right to data portability: You can receive your personal data in a structured, commonly used, machine-readable format and have the right to transmit that data to another controller.
  • Right to object: You can object to the processing of your personal data in certain situations, including for direct marketing.
  • Right to withdraw consent: If processing is based on your consent, you may withdraw it at any time.

If you wish to exercise any of these rights, please contact us using the communication channels provided on our website or at our shop.

Data Security

We employ technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration, destruction, or disclosure. These measures include secure data storage, encryption for electronic records, limited access to personal data, and staff training on data protection best practices.

Children's Privacy

Our services are not directed to children under the age of 16. We do not knowingly collect personal information from children. If we discover that a child under 16 has provided us with personal data, we will take steps to delete such information promptly.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or for other legal, regulatory, or operational reasons. Any significant changes will be communicated via our website. We encourage you to review this policy periodically.

Contact and Questions

If you have any questions regarding this Privacy Policy or your data rights, please reach out to us at Flowers Muswell Hill via the contact methods published on our website or in-store. We will respond to your request as soon as possible and always within the legal timeframe required by GDPR.

Your trust is important to us. Thank you for choosing Flowers Muswell Hill. We are dedicated to protecting your privacy and ensuring your personal data is handled safely and respectfully.