Bexley Flowers Privacy Policy

Introduction

This Privacy Policy outlines how Bexley Flowers (“we,” “us,” or “our”) collects, processes, and protects the personal data of customers (“you”) who place orders from Bexley and surrounding districts. We are committed to complying with the UK General Data Protection Regulation (GDPR) and other applicable laws to ensure your privacy is respected and your personal data is handled appropriately.

Who This Policy Applies To

This policy applies to all customers placing orders with Bexley Flowers from within Bexley and neighboring districts. By placing an order with us, you acknowledge that you have read and understood this Privacy Policy.

What Data We Collect

When you interact with us, we may collect and process the following personal data as part of our business activities:

  • Contact Information: Your name, delivery address, billing address, and contact details such as telephone number.
  • Order Information: Details about your order, including recipient’s name and address, card messages, and any preferences or special instructions.
  • Payment Details: Limited payment information necessary to process your transaction. Payment card details are processed directly by our payment processor and are not stored by Bexley Flowers.
  • Communication Records: Records of communications (such as emails, notes regarding your order or queries).
  • Technical Data: Information related to your use of our website, such as IP address, browser type, operating system, and usage data. This may be collected via cookies or similar technologies.

Lawful Basis for Processing

We process your personal data based on the following lawful grounds under the GDPR:

  • Contractual Necessity: Most of the information we collect is necessary to fulfill your order and provide you with our flower delivery services.
  • Legal Obligation: We may process certain data to comply with legal requirements, such as taxation or accounting rules.
  • Legitimate Interests: We may use your data to improve our services, handle queries and complaints, or notify you of essential changes, where this does not override your fundamental rights.
  • Consent: On rare occasions, we may ask for your explicit consent for specific uses (e.g., marketing communications), which you may withdraw at any time.

How We Use Your Data

Your personal data may be used in the following ways:

  • To process payments and deliver your orders.
  • To contact you about your order, respond to your requests or queries, and provide customer support.
  • To manage business operations such as accounting, administration, and quality control.
  • To fulfil legal, regulatory, or contractual obligations.
  • To enhance our services and user experience.

Data Processors and Sharing

We may share your personal data with selected third parties only when necessary for processing orders or fulfilling legal requirements. These may include:

  • Payment Service Providers: To handle your transaction securely (card details are not retained by us).
  • Delivery Partners: To ensure your flowers are delivered as instructed.
  • IT and Web Service Providers: For website hosting, technical support, or maintenance services.
  • Accountants or Regulatory Bodies: Where legally required.

All third-party service providers are required to handle your data securely and only use it according to our instructions and the law. We do not sell, rent, or trade your personal data to unrelated third parties.

International Data Transfers

We aim to store and process your data within the United Kingdom. If, for any reason, your data is transferred outside the UK or European Economic Area, we ensure appropriate safeguards are in place to protect your privacy in accordance with GDPR requirements.

Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including legal, accounting, or reporting obligations. Typically, order and customer records are kept for up to six years after your last purchase or interaction, unless a longer retention period is required by law. After this period, your data will be securely deleted or anonymised.

Data Security

Bexley Flowers implements appropriate technical and organisational measures to protect your personal data from accidental loss, misuse, unauthorised access, alteration, or disclosure. Access to your data is restricted to authorised staff and necessary service providers who are bound by confidentiality obligations.

Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

  • Right of Access: You may request access to the personal data we hold about you.
  • Right to Rectification: You can ask us to correct or update your information.
  • Right to Erasure: You may request deletion of your data where there is no compelling reason for its continued processing.
  • Right to Restrict Processing: You can ask us to limit the processing of your data under certain circumstances.
  • Right to Data Portability: You have the right to receive your data in a commonly used format and transfer it to another provider.
  • Right to Object: You can object to processing based on legitimate interests or direct marketing.
  • Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw this at any time.

If you wish to exercise any of your rights, please contact us using the contact methods detailed on our website. We will endeavor to respond to all legitimate requests within one month.

Changes to This Privacy Policy

Bexley Flowers reserves the right to update this Privacy Policy at any time to reflect changes in legal, technical, or business developments. The effective date will be indicated at the start of this policy. We encourage you to review this page regularly for the latest information on our privacy practices.

Contact and Complaints

If you have any questions about this policy, your data, or how we use it, please use the contact details available on our website to get in touch. You also have the right to lodge a complaint about our processing of your information with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection.

Summary

Protecting your personal data is a priority at Bexley Flowers. We strive to process your information lawfully, fairly, and transparently, ensuring your privacy is respected throughout every step of your customer experience with us.