Flowers Walworth Privacy Policy Overview

Introduction

This Privacy Policy explains how Flowers Walworth collects, uses, stores, and shares your personal data when you place orders with us, whether from Walworth or the surrounding districts. We are fully committed to safeguarding your privacy and complying with the requirements of the General Data Protection Regulation (GDPR) and other UK data protection laws. By purchasing from Flowers Walworth, you acknowledge that this Policy applies to your personal data.

What Data We Collect

When you make an order or interact with us, we may collect the following categories of personal data:

  • Identity Data: Name, surname, and title.
  • Contact Data: Delivery address, billing address, contact numbers, and (if provided) email addresses.
  • Order Data: Details about your orders, including products, delivery instructions, and messages to recipients.
  • Payment Data: Payment card details (handled securely by our payment processors; we do not store full card details).
  • Technical Data: IP address, browser type, and cookies (if you use our website).
  • Communications Data: Your correspondence with us regarding orders, feedback, or queries.

Our Lawful Basis for Processing Your Data

Under GDPR, we are required to identify a lawful basis for collecting and processing your data. At Flowers Walworth, we process your personal data on one or more of the following bases:

  • Contractual Necessity: To fulfil your orders, deliver flowers, process payments, and provide customer service, it is necessary to handle your data.
  • Legal Obligations: We may collect and retain certain data for tax, accounting, and fraud prevention purposes as required by law.
  • Legitimate Interests: For improving our services, handling enquiries, and managing administrative functions, provided your interests and rights do not override ours.
  • Consent: Where we seek your agreement, such as for optional marketing communications, we will process your data based on consent, which you can withdraw at any time.

How We Use Your Data

Your personal data may be used for the following purposes:

  • To process, confirm, and fulfil your flower orders, including delivery and payment handling.
  • To communicate with you about your orders, changes, or customer service issues.
  • To keep records required by law or for accounting purposes.
  • To respond to your enquiries or handle your feedback.
  • To improve our website, services, and customer experience (e.g., via anonymised analysis or aggregated data).

Sharing Your Data: Our Processors

To carry out certain business operations, we engage trusted third parties ("data processors") that process data on our behalf. All partners are contractually obliged to handle your data securely and in compliance with GDPR. Data processors may include:

  • Payment Service Providers: To securely process card or digital payments (we do not store your full payment card data).
  • IT and Hosting Providers: Who enable our website and store business records.
  • Delivery Partners: In some cases, delivery logistics companies may handle address information for fulfilment.
  • Accountants or Legal Advisors: Where needed for statutory compliance.

We do not sell or rent your data to any third parties for marketing purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. Standard retention periods are:

  • Order and Transaction Records: Retained for up to six years from the completion of your order to comply with legal obligations.
  • Customer Correspondence: Kept for up to three years for service improvement and dispute resolution.
  • Technical and Website Data: Retained for up to two years for analytics and security purposes.

After these periods, data is securely deleted or anonymised.

Your Rights as a Customer

Under GDPR, you have various rights regarding your personal data. These include:

  • Right of Access: You may request a copy of the personal data we hold about you.
  • Right to Rectification: If your data is inaccurate or incomplete, you can ask us to correct it.
  • Right to Erasure: You may request deletion of your data where there is no further legal basis for retention.
  • Right to Object or Restrict Processing: You can object to or request limits on how we use your data.
  • Right to Data Portability: You have the right to obtain and reuse your data for your own purposes across different services, where technically feasible.
  • Right to Withdraw Consent: Where we rely on your consent (e.g., for marketing communications), you can withdraw it at any time.

To exercise any of these rights, please contact us using our standard communication methods. We will respond to requests in line with legal requirements, typically within one calendar month.

Security of Your Data

We take your privacy seriously and implement appropriate technical and organisational measures to protect your data. These measures include the use of secure servers, encrypted payment processing, and restricted staff access. While we strive to ensure the security of your personal data, no method of transmission over the internet is completely secure. We encourage you to keep your own devices and passwords safe at all times.

Policy Scope and Changes

This Privacy Policy is applicable to all customers placing orders from Walworth and neighbouring districts. We reserve the right to update this Policy to reflect changes in our practices, operations, or legal obligations. The latest version will always be provided to you before collecting any new personal data.

Contacting Flowers Walworth

If you have any questions about this Policy or our data practices, you can contact us via our regular customer service channels. We are committed to resolving any concerns you may have regarding your privacy and data protection at Flowers Walworth.