Florist Queen's Park Customer Privacy Policy

Introduction

At Florist Queen's Park, we are committed to safeguarding the privacy and security of our customers' personal information. This Privacy Policy explains how we collect, use, store, and protect your data in compliance with the General Data Protection Regulation (GDPR). The policy applies to all customers placing orders with Florist Queen's Park from Queen's Park and the surrounding districts.

Who We Are

Florist Queen's Park is a provider of floristry services for customers located in Queen's Park and nearby areas. We collect and process personal data necessary to fulfill your orders and deliver a high standard of customer service.

What Data We Collect

We collect and process only the information necessary to provide our services effectively. The data we may collect includes:

  • Identity Information: Full name.
  • Contact Details: Delivery address, billing address, and delivery instructions.
  • Transaction Data: Details of the products you have ordered, purchase history, and payment confirmation.
  • Recipient Data: Name and delivery address of the recipient (if different from the customer placing the order).
  • Communication Records: Order-related correspondence or customer service queries.
  • Technical Data: Where applicable, we may gather IP addresses, browser type, device details, and anonymised analytics for website functionality and security.

Purposes and Lawful Basis for Processing

We process your data for the following purposes, each with an appropriate lawful basis under GDPR:

  • Contractual necessity: Most personal data is processed to fulfill our contract with you (e.g., processing and delivering your order).
  • Legitimate interests: To improve our services, ensure the security of our website, and respond to queries or complaints, provided such interests do not override your rights.
  • Legal obligation: To comply with any legal requirements relating to financial record-keeping and other statutory obligations.
  • Consent: Where you have chosen to receive marketing communications or for any processing that is not covered by the above bases, we rely on your explicit consent, which you may withdraw at any time.

How We Use Your Data

Data is used strictly for the purposes it was collected. In particular, we use your information to:

  • Process and manage your flower orders
  • Deliver products to the specified address
  • Handle payments and refunds
  • Communicate updates regarding your order
  • Respond to customer enquiries and support requests
  • Improve and secure our website’s operations (where technical or analytic data is collected)
  • Meet legal and regulatory requirements

Data Retention

We retain your personal data only as long as necessary for the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Generally, we keep order and customer records for up to six years after the transaction, in line with financial and consumer law. Communication records are typically retained for up to two years. Recipient details are retained only as long as necessary to complete delivery and resolve any associated issues.

Data Processors and Sharing

We do not sell or lease your personal data. Where necessary, we share it with trusted third-party service providers to assist with order fulfillment, payment processing, accountancy, IT support, or delivery logistics. These processors act on our instructions, are contractually bound to protect your data, and may not use it for their own purposes. Processors may include payment gateways, IT hosting providers, couriers, and software platforms.

Where legally required, we may also disclose information to regulatory or legal authorities. If we ever transfer data outside of the European Economic Area, we will ensure appropriate safeguards are in place as required by GDPR.

Your Data Protection Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Ask for your data to be deleted where we no longer have a legal basis to retain it.
  • Right to restrict processing: Request that we suspend the processing of your data in certain circumstances.
  • Right to data portability: Request the transfer of your data to yourself or another controller, where technically feasible.
  • Right to object: Object to processing of your data where we are relying on legitimate interests or for direct marketing.
  • Right to withdraw consent: Where we rely on your consent (such as for marketing), you can withdraw it at any time.

To exercise these rights, please contact us using the details provided through our website or other official channels. We may require proof of identity to safeguard your privacy. You also have the right to lodge a complaint with the relevant supervisory authority if you are unhappy with how we have handled your data.

Security Measures

We implement appropriate technical and organisational measures to ensure your personal data is kept secure and confidential. This includes encrypted payment processing, secure servers, data minimisation, and regular staff training on data protection. Despite our efforts, the transmission of information via the internet is not completely secure and any such transmission is at your own risk.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in practices, laws, or technology. Please review this page periodically for the latest information. Continued use of our services following an update indicates acceptance of the revised policy.

Contact and Further Information

If you have any questions or wish to exercise your data protection rights, please contact us through our website’s official channels. We are committed to working with you to ensure your information is safe and your rights are upheld.