Florist Little Ilford Privacy Standards

Introduction

This Privacy Policy explains how Florist Little Ilford collects, uses, and protects the personal data of customers placing orders from Little Ilford and its surrounding districts. We respect your privacy and process your personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

Scope of this Policy

This Privacy Policy applies to all individuals who place orders with Florist Little Ilford, whether through our website, by telephone, or in-person within Little Ilford and the surrounding districts. By using our services, you acknowledge that you have read and understood the terms set out in this policy.

What Personal Data We Collect

We collect the following categories of personal data when you interact with Florist Little Ilford:

• Identification Data: Name, title, and contact details (such as address, delivery address, and any contact preferences you provide)
• Order Information: Details regarding your order including delivery instructions, messages to recipients, and purchased products
• Payment Information: Payment method and transaction details (processed securely by our payment provider; we do not store full card details)
• Communication Data: Any correspondence you have with us (such as special instructions or feedback)
• Technical Data: Information about your device, browser, and usage of our website, collected via cookies and analytics tools

Lawful Basis for Processing

Under GDPR, we must have a lawful basis for processing your personal data. Florist Little Ilford relies on the following bases:

• Performance of a Contract: Most data is collected to process and fulfill your orders, respond to enquiries, and provide customer service.
• Legal Obligations: Some information is retained to comply with legal and regulatory requirements, such as tax and accounting laws.
• Legitimate Interests: We may use your information to improve our services, maintain security, and prevent fraud, provided these interests are not overridden by your rights.
• Consent: In cases where we send you marketing communications, this is done with your explicit consent, which you may withdraw at any time.

How We Use Your Data

Your personal data is used for the following purposes:

• Fulfilling and managing your flower orders
• Processing payments and delivering products
• Responding to your queries and requests
• Personalizing your experience and our communications
• Complying with legal or regulatory requirements
• Improving our website and services

Data Retention

We retain your personal data only for as long as is necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. Typically, order-related data is kept for up to six years after the completion of your order, in accordance with applicable legal retention periods. Once personal data is no longer required, it is securely deleted or anonymised.

Processors and Data Sharing

Florist Little Ilford may share your personal data with trusted third-party service providers for specific tasks related to your order, including payment processing, delivery services, website hosting, and technical support. These processors are only permitted to use your information according to our instructions and are required to keep your data secure and confidential. We do not sell, rent, or trade your personal data to any third parties for marketing purposes.

International Data Transfers

Your data may occasionally be processed outside the European Economic Area (EEA) by our service providers. In such cases, we ensure adequate safeguards are in place, such as contractual data protection clauses, to protect your privacy rights in accordance with GDPR requirements.

Cookies and Website Analytics

We use cookies and similar technologies to collect technical data about your use of our website. Cookies help us enhance your browsing experience, analyze site traffic, and identify technical issues. You can set your browser to refuse some or all cookies, although this may affect the functionality of our site. Detailed information regarding our use of cookies is available in our separate Cookie Policy.

Your Rights under GDPR

As a data subject, you have the following rights regarding your personal data:

• Right to Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You may ask us to correct inaccurate or incomplete data.
• Right to Erasure: You can request the deletion of your data, where there is no legal basis for its retention.
• Right to Restrict Processing: You may ask us to restrict processing in certain circumstances.
• Right to Data Portability: You are entitled to receive your personal data in a portable format.
• Right to Object: You may object to our use of your data, in particular for direct marketing.
• Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time.

To exercise any of these rights, please contact us using the details provided on our website or in our communications.

Data Security

We are committed to keeping your data secure. Appropriate technical and organisational measures are taken to ensure your personal data is protected against unauthorized access, loss, or misuse. This includes secure systems, regular staff training, and restricted access within the organisation.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. The current version will always be available on our website. We encourage you to review this Policy periodically.

Contact and Complaints

If you have any questions, concerns, or requests regarding this Privacy Policy, or if you wish to make a complaint regarding the handling of your personal data, please reach out to us using the contact details provided on our website. You also have the right to lodge a complaint with the relevant supervisory authority in the United Kingdom.