Florist Barnsbury Privacy Policy

Introduction

This Privacy Policy explains how Florist Barnsbury (“we”, “our”, “us”) collects, uses, shares, and safeguards the personal data of customers placing orders within Barnsbury and surrounding districts. We are committed to complying with the General Data Protection Regulation (GDPR) and ensuring the privacy and security of your personal information. This policy applies to all individuals who use our services within our operating area.

What Personal Data We Collect

When you place an order with Florist Barnsbury, we may collect and process the following categories of personal data:

  • Identification Data: Name, title.
  • Contact Information: Delivery address, billing address, postcode, and other location details within Barnsbury and nearby districts.
  • Communication Data: Any information you provide when contacting us or leaving notes/instructions with your order.
  • Order Details: Information about your purchases, payment method (note: we do not store your full card details), and order history.
  • Recipient Information: Name and delivery address of recipients (where different from the customer).
  • Technical Data: IP address, browser type, and other data provided through cookies or website analytics.

Lawful Basis for Processing Your Data

Under the GDPR, we are required to have a legal basis to process your personal data. The lawful bases on which we rely are:

  • Contractual Necessity: Processing your data is necessary to fulfil your order and provide you with products or services.
  • Legitimate Interests: We may use your information to enhance our services, for administrative purposes, or to prevent fraud, where our interests are not overridden by your data protection rights.
  • Legal Obligation: We may process your data to comply with legal requirements, such as tax or accounting regulations.
  • Consent: For marketing communications and certain types of data processing, we will ask for your explicit consent. You may withdraw consent at any time.

How We Use Your Personal Data

We use your personal data for the following purposes:

  • To process and deliver your orders and purchases.
  • To communicate order updates, confirmations, and respond to your enquiries.
  • To customise and improve our services based on your preferences and feedback.
  • To process payments and prevent fraudulent transactions.
  • To meet legal, regulatory, or accounting obligations.
  • With your consent, to send marketing and promotional materials, such as special offers or newsletters.

Data Retention: How Long We Keep Your Data

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including to meet legal, accounting, or reporting obligations. Typically, we retain order-related information for up to six years due to regulatory and tax requirements. Data used for marketing will be retained until you withdraw your consent or request deletion. Once retention periods expire, data is securely deleted or anonymised.

Who Processes and Has Access to Your Data

We may share your data with carefully selected third-party processors who support our business operations and help us deliver your order efficiently. These may include:

  • Payment Processors: To process payments securely. Only limited payment data is shared, and we do not retain your full card details.
  • Delivery Partners: To enable delivery of your orders within Barnsbury and surrounding areas.
  • IT Service Providers: For data hosting, website management, and technical support.
  • Professional Advisors: Such as accountants or legal professionals, if required for compliance.

Our third-party processors are bound by contractual obligations to protect your data in accordance with GDPR standards. We do not sell or rent your personal data to any third parties for marketing purposes.

Your Rights Under GDPR

As a customer, you have the following rights over your personal data:

  • Right to Access: You can request a copy of your personal data held by us.
  • Right to Rectification: You may ask us to correct or update inaccurate or incomplete information we hold about you.
  • Right to Erasure: You can request deletion of your personal information, except where we are legally required to retain it.
  • Right to Restriction: You can request that we restrict the processing of your data in certain circumstances.
  • Right to Data Portability: You can request to receive your personal data in a structured, machine-readable format or have it transferred to another service provider.
  • Right to Object: You may object to our processing your data based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw it at any time.

We will respond to your rights requests as required by law and within one month of receiving your request.

Your Data Security

We take the security of your data seriously. We implement appropriate technical, physical, and organisational measures to ensure a level of security appropriate to the risk, including encryption, access controls, and secure storage. Access to personal data is limited to authorised personnel and only where necessary for business operations.

Policy Updates and Contacting Us

We may revise this Privacy Policy from time to time to reflect changing legal, regulatory, or business requirements. The most current version will always be available on our website and will state the date of its last update. By continuing to use our services after changes are made, you accept the revised policy. For any questions, or to exercise your rights regarding your data, please contact us using the details provided on our website.

Scope of Policy

This Privacy Policy applies to all customers who place orders with Florist Barnsbury, whether residing in Barnsbury or the surrounding districts. By using our services, you acknowledge that you have read and understood this policy.