Privacy and Data Protection for Flower Delivery Loughton Customers

Our Commitment to Your Privacy

At Flower Delivery Loughton, we are dedicated to ensuring the security and privacy of our customers' personal data. This Privacy Policy outlines how we collect, use, retain, and protect your information in compliance with the General Data Protection Regulation (GDPR). This policy applies to all customers who place orders for flower deliveries within Loughton and the surrounding districts.

What Data We Collect

We collect only the personal data necessary to provide you with a seamless flower delivery service and to comply with our legal obligations. The types of personal data we collect include:

  • Contact Information: Full name, billing address, delivery address, and telephone number.
  • Order Information: Details of flower arrangements purchased, gift messages, preferred delivery date and time, and payment details (processed securely via our payment processor).
  • Account Information: If you choose to create an account, we collect your email address, user credentials, and order history.
  • Communication Data: Any correspondence you have with us, including order queries, feedback, and customer support requests.
  • Technical Data: Limited information related to your devices and website interactions, such as IP address, browser type, date and time of access, and cookies for essential website functionality.

Lawful Basis for Processing Your Data

Under the GDPR, we are required to have a lawful basis for collecting and processing your personal information. For Flower Delivery Loughton, these include:

  • Contractual Necessity: We process your contact and order information to fulfill your flower delivery orders, make arrangements for delivery, process payments, and communicate order updates.
  • Legal Obligation: We may process certain personal data to comply with legal or regulatory requirements, such as record-keeping for tax and accounting purposes.
  • Legitimate Interests: We process some data to improve our services, prevent fraud, and ensure customer support, provided such processing does not override your fundamental rights and freedoms.
  • Consent: Where we require secondary uses of data (such as offering marketing communications), we will seek your explicit consent. You can withdraw your consent at any time.

How We Use Your Data

Your personal data is used only for the purposes specified and in accordance with applicable laws. The main uses are to:

  • Process and deliver your flower order efficiently.
  • Communicate with you about your order status, delivery issues, or customer support requests.
  • Handle billing and payment processes securely through vetted payment gateways.
  • Improve our website, offerings, and customer service operations.
  • Comply with legal and regulatory obligations.
  • Send you marketing updates or promotions if you have opted in (with the right to opt out at any time).

Data Retention Policy

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal or reporting obligations. The retention period is determined by:

  • The duration required to process and deliver your order(s).
  • Any statutory obligations for keeping transaction records (such as tax or accounting purposes, typically up to seven years).
  • Operational needs (historical order queries or repeat customer benefits).
  • Your preferences — you can request data deletion at any time, subject to exceptions for legal compliance.

Once retention periods have expired, we securely delete or anonymize your data.

Data Processors and Third Parties

To deliver our services, we use trusted third-party service providers, known as data processors, under strict contractual obligations. These include:

  • Payment Processors: To handle and secure transactions. We do not store your complete payment card details on our systems.
  • Delivery Partners: To coordinate and complete flower deliveries to your specified address.
  • IT and Website Support: To ensure our systems operate reliably and securely.

All third parties process your data exclusively for service delivery and may only access data necessary to perform their function. We do not sell or share your data with unrelated third parties.

User Rights Under GDPR

As a customer of Flower Delivery Loughton, you have specific rights regarding your personal data, including:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Ask us to correct or update inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data, subject to legal exceptions.
  • Right to Restrict Processing: Ask us to restrict how your data is used in certain circumstances.
  • Right to Data Portability: Receive your personal data in a commonly used, machine-readable format, or ask us to transmit it to another controller.
  • Right to Object: Object to processing based on legitimate interests or direct marketing.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time.

To exercise any of these rights, or to make a data-related request, please contact us using the methods indicated on our website. We will respond within the timelines required by GDPR.

Data Security

We implement appropriate technical and organisational measures to keep your personal data secure. This includes encrypted payment processing, secure data storage, regularly updated security protocols, and access controls to minimize risk of data loss, theft, or unauthorized access.

International Transfers

Flower Delivery Loughton does not generally transfer personal data outside the United Kingdom or European Economic Area (EEA). If, due to technical issues or third-party service providers, any data needs to be transferred internationally, we ensure adequate safeguards are in place to protect your rights and data privacy.

Policy Updates

We may update this Privacy Policy to reflect legislative or operational changes. Any material updates will be clearly communicated on our website. We encourage you to review this policy periodically to stay informed.

Contact Us

If you have questions about this Privacy Policy, your personal data, or your GDPR rights, please use the contact details provided on our website to reach our data protection team.