Flower Delivery Sipson Privacy Policy
Introduction
Flower Delivery Sipson is committed to safeguarding your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, protect, and manage your information when you place orders with Flower Delivery Sipson from Sipson and surrounding districts. We are dedicated to complying with the UK General Data Protection Regulation (GDPR) and ensuring you have confidence in how your personal data is treated when interacting with our services.
Scope of this Policy
This policy applies to all individuals who place orders for flower delivery through Flower Delivery Sipson, whether online, by telephone, or in person, within Sipson and the neighbouring districts. It details our practices regarding the collection, use, sharing, and retention of your personal data.
What Data We Collect
We may collect and process various types of personal data, depending on your interaction with our services:
- Contact Details: Your name, delivery recipient's name, postal address, email address, and telephone number.
- Order Information: Details of products you order, delivery instructions, order history, occasion messages or gift notes, and payment method (note: we do not process or store complete card details).
- Communication Records: Correspondence with customer service, feedback, and recorded customer queries.
- Technical Data: Device type, IP address, browser type, date and time of access, and website usage information collected through cookies.
Purpose and Lawful Basis for Processing
Under GDPR, we must have a lawful basis to process your data. We process your data for the following purposes and under these lawful bases:
- Contract: To process and fulfil your order and provide customer service (Article 6(1)(b) GDPR).
- Legal Obligation: For compliance with our legal obligations regarding taxation and accounting (Article 6(1)(c) GDPR).
- Legitimate Interests: For operational reasons, such as administrative efficiency, product improvement, and fraud prevention (Article 6(1)(f) GDPR).
- Consent: We may ask for your explicit consent for specific marketing communications. You can withdraw your consent at any time.
Data Retention
We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, to comply with legal or accounting obligations, or to resolve disputes. The standard retention periods are as follows:
- Order and delivery information: retained for six years from the date of purchase, in line with accounting requirements.
- Communications and customer service correspondence: retained for up to two years after your last interaction.
- Technical and analytics data: retained for up to 18 months after collection.
When data retention is no longer necessary, your personal data will be securely erased or anonymised.
Sharing Personal Data and Data Processors
To provide you with our services, we may share your personal data with trusted third-party service providers ("processors") who act on our instructions and only process data for specified purposes. These may include:
- Payment processing companies (for secure transaction handling)
- Couriers and delivery services (to enable flowers to reach their destination)
- IT and software providers (for website hosting, order management, and analytics)
- Professional advisors (such as accountants or auditors as required by law)
We require all processors to respect the security of your personal data, to act only according to our instructions, and to comply fully with data protection legislation. We do not sell or rent your data to third parties for marketing purposes.
International Transfers
Most of your data is stored and processed within the United Kingdom or the European Economic Area (EEA). Should we transfer your data outside these regions, we will ensure suitable safeguards are in place, such as standard contractual clauses or equivalent mechanisms, to protect your information.
Your Rights Under GDPR
As a data subject, you have a range of rights over your personal data under GDPR:
- Right of Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure: Ask for your data to be erased when it is no longer necessary or if you withdraw consent.
- Right to Restrict Processing: Ask us to limit how we use your data.
- Right to Data Portability: Request your data in a commonly used format and transfer it to another service provider.
- Right to Object: Object to processing based on legitimate interests or direct marketing.
- Right to Withdraw Consent: If we process your data with consent, you can withdraw it at any time.
To exercise your rights, please contact us through our usual customer service channels. To ensure your data is protected, we may require verification of your identity before fulfilling your request.
Security Measures
We implement suitable technical and organisational measures to protect your personal data from unauthorised access, loss, destruction, or alteration. Measures include data encryption, secure servers, access controls, and staff training. While no method of transmission or storage is completely secure, we are committed to maintaining high standards of data protection.
Changes to This Policy
We may update this Privacy Policy as needed to reflect legal standards, operational changes, or improvements. Any substantial changes will be clearly communicated via our website or, where appropriate, by direct notification. The most current version will always be available for your review.
Contact & Complaints
If you have any questions or concerns about this privacy policy or wish to exercise your rights, please contact our customer service team through the methods provided on our website. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) or your local data protection authority.
Thank you for choosing Flower Delivery Sipson. We value your trust and are committed to protecting your privacy.
