Flower Delivery Shooter's Hill Privacy Policy

Introduction

This Privacy Policy explains how Flower Delivery Shooter's Hill ("we", "us", or "our") collects, uses, stores, and protects your personal information when you place orders with us from Shooter's Hill and the surrounding districts. Our practices are designed to comply with the General Data Protection Regulation (GDPR) and to ensure your data is handled with the utmost care and transparency.

Who Does This Policy Apply To?

This policy applies to all individuals who place flower delivery orders with Flower Delivery Shooter's Hill from Shooter's Hill and nearby areas. It applies whether you order through our website, by phone, or in person.

What Data We Collect

We collect only the personal information necessary to fulfil your orders and provide excellent service. The types of data we collect may include:

  • Contact Information: Your name, address, delivery address, phone number, and other contact details necessary to process and deliver your order.
  • Order Details: Information regarding the flowers and products you purchase, your order history, personalised messages, and delivery instructions.
  • Payment Information: Payment card details or transaction records, processed securely by our payment processors.
  • Communication Data: Records of communications between you and our team, such as emails, messages, or phone calls relating to your order or queries.
  • Technical Information: When you use our website, we may collect your IP address, browser type, access times, and device information for analytical and security purposes.

Lawful Basis for Processing Your Data

Under GDPR, we are required to have a lawful basis to process your personal data. Our main bases for processing are:

  • Contractual Necessity: We process your information as it is necessary to fulfil our contract with you when you place an order for delivery.
  • Legal Obligations: We may retain certain data to comply with laws relating to tax, accounting, or fraud prevention.
  • Legitimate Interests: We use your information to improve our services, manage operational efficiency, and communicate relevant updates, provided this does not override your rights or interests.
  • Consent: On some occasions, such as for unsolicited marketing communications, we will ask for your explicit consent. You may withdraw this at any time.

How We Use Your Data

Your data is used for the following purposes:

  • Processing, confirming, and delivering your flower orders efficiently and correctly.
  • Communicating with you regarding your orders, queries, or customer service requests.
  • Managing and fulfilling payments securely through trusted processors.
  • Personalising your experience, such as remembering preferences or previous orders (if applicable).
  • Complying with legal, regulatory, and accounting obligations.
  • Conducting analysis to improve our products and services.

Who Processes Your Data (Processors)

We work with selected third-party processors who help us manage our business and deliver your order. These processors act only under our instructions and are contractually bound to uphold your data protection rights. Examples include:

  • Payment Processors: Securely handle card transactions and payment details.
  • IT & Hosting Providers: Store data on secure servers and provide technical support.
  • Delivery Partners: Help deliver your order to the designated address.

We do not sell your data or share it with unrelated third parties for their own purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for satisfying any legal, accounting, or reporting requirements. Our retention periods are:

  • Order and Contact Data: Kept for up to seven years to comply with legal obligations and for order-related queries.
  • Marketing Data: Kept until you withdraw consent or unsubscribe.
  • Technical Data: Retained for up to two years for analytics and security.

After these periods, your data will be securely deleted or anonymised.

Data Security

We implement robust security measures to protect your personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. These include encrypted transmissions, secure servers, and regular reviews of our data handling practices.

Your Data Protection Rights

Under the GDPR, you have several rights in relation to your personal data. You can:

  • Access: Request a copy of the personal data we hold about you.
  • Rectify: Ask us to correct any inaccurate or incomplete information.
  • Erase: Request erasure of your personal data when it is no longer necessary for us to retain it, unless prevented by law.
  • Object: Object to our processing based on legitimate interests or direct marketing purposes.
  • Restrict: Ask us to restrict processing if there is a dispute about accuracy or lawfulness.
  • Portability: Request the transfer of your data to you or another service provider where technically feasible.
  • Withdraw Consent: Withdraw your consent at any time for processing activities that rely on it (e.g., marketing communications).

To exercise your rights, please contact us using the contact form or service channels indicated on our website. We may verify your identity and will respond to your request within the timeframe set out by applicable law.

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Any significant amendments will be clearly published on this page. We encourage you to review this policy periodically for the latest information regarding your privacy.

Contacting Us

If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, you can contact us using the methods listed on our website. We are committed to working with you to resolve any issue to your satisfaction.