Florist Noak Hill Privacy Policy

Introduction

This Privacy Policy explains how Florist Noak Hill processes your personal data in accordance with the UK General Data Protection Regulation (GDPR). This policy applies to all customers who place orders with Florist Noak Hill in Noak Hill and the surrounding districts. Keeping your information secure and respecting your privacy is of utmost importance to us.

What Data We Collect

When you place an order with Florist Noak Hill, we may collect the following categories of personal data:

  • Identity Data: Your full name.
  • Contact Data: Your address, telephone number, and delivery address (if different from billing address).
  • Order Information: Details of the products you order, delivery notes, date and time of order, and any personal messages for recipients.
  • Payment Data: Payment method used; we do not store or directly process your full card details. These are managed securely by our payment processor.
  • Customer Correspondence: Records of communications between you and Florist Noak Hill, such as emails, phone calls or written messages, which may be recorded for quality and training purposes.
  • Marketing Preferences: Your preferences in receiving marketing communications from us.

Lawful Basis for Processing Your Data

We process your personal data based on the following lawful bases as required by the GDPR:

  • Contractual Necessity: To process and deliver your order, including communication about your purchase, we require certain personal data.
  • Legal Obligation: We may process and retain personal data to comply with applicable laws, such as those governing financial record-keeping.
  • Legitimate Interests: To improve our services, prevent fraud, or protect the security of our systems, provided your rights and freedoms are not overridden.
  • Consent: For marketing communications, we rely on your explicit consent, which you can withdraw at any time.

How We Use Your Data

Your personal data is used strictly for purposes relevant to your interactions with Florist Noak Hill and to enhance our services, including:

  • Processing, fulfilling, and delivering your orders.
  • Contacting you regarding your order, delivery status, or any issues arising from your order.
  • Responding to your enquiries or complaints.
  • Maintaining necessary business and financial records.
  • Sending marketing offers (where you have given consent).
  • Improving our services and customer experience.

Data Retention

We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required to fulfil our legal obligations. The retention periods are as follows:

  • Order and transaction information: Retained for up to 7 years in compliance with financial and tax regulations.
  • Customer service correspondence: Retained for up to 3 years after the last interaction.
  • Marketing preference data: Retained until you withdraw your consent or unsubscribe.
  • Other personal data: Retained only as long as necessary to fulfil the relevant purposes, unless otherwise required by law.

Third Party Data Processors

To provide our services, we may share your data with certain third-party service providers ("processors") who act on our behalf. These include:

  • Payment processors: To securely process your payment transactions.
  • Delivery partners: To facilitate the delivery of your floral orders.
  • IT and system support providers: Who maintain our order management and communications systems.
  • Professional advisors: Such as accountants or auditors for compliance purposes.

All processors are carefully chosen to ensure they provide adequate safeguards for your personal data and process it in accordance with our instructions and the law. We do not sell or rent your data to any third parties.

Your Rights Under GDPR

As a data subject, you have several rights under the GDPR regarding your personal data, including:

  • Right to Access: You can request to see the personal data we hold about you.
  • Right to Rectification: You can ask us to correct inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): You can ask us to delete your data where there is no lawful reason for us to retain it.
  • Right to Restriction: You can request that we limit the way we use your data.
  • Right to Data Portability: You can request to receive your data in a structured, commonly used format, and have it transferred to another provider.
  • Right to Object: You can object to the processing of your data where we rely on our legitimate interests or for marketing purposes.
  • Right to Withdraw Consent: Where we rely on your consent, you may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal.

To exercise any of these rights, please contact us using the methods provided on our website or through the means by which you placed your order.

Data Security

We implement appropriate technical and organisational measures to safeguard your personal data. This includes secure storage, access controls, encryption where appropriate, and regular staff training. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant authorities as required by law.

Policy Updates

We may update this Privacy Policy from time to time in response to legal, technical, or business changes. Any amendments will be posted on our website and will be effective as of the date of publication. We encourage you to review this policy regularly.

Contact Us

If you have any questions about this Privacy Policy or how your personal data is handled, please reach out using the contact details provided on our website or speak with a staff member in-store. We take your privacy seriously and are committed to addressing any concerns you may have.