Old Ford Florist GDPR Privacy Policy
Our Commitment to Your Privacy
At Old Ford Florist, the privacy and protection of your personal data are of utmost importance to us. This privacy policy outlines how we collect, use, retain, and protect your information in compliance with the General Data Protection Regulation (GDPR). It applies to all customers placing orders with Old Ford Florist from Old Ford and surrounding districts.
What Data We Collect
We collect specific personal data required to process your orders and provide quality service. The information we collect may include:
- Contact Information: Such as your name, delivery address, billing address, and postcode.
- Order Details: This includes details of the products you purchase, delivery instructions, and any messages you request to accompany your orders.
- Payment Information: Details needed to carry out payment, though we do not store your full card details. Payment is processed through secure, compliant third-party payment processors.
- Communication History: Records of email or phone correspondence relating to your order, queries, or complaints.
- Technical Information: When you visit our website, we may collect information such as your IP address, browser type, operating system, and session activity through cookies and similar technologies.
Lawful Basis for Processing Data
Under the GDPR, we are required to identify legitimate grounds for processing your personal data. Our main lawful bases are:
- Performance of a contract: We process your data to fulfill our contractual obligation to provide goods and services, such as delivering your flower orders to the designated address.
- Legitimate interests: We may process your data to improve customer experience and service delivery, provided these interests do not override your rights and freedoms.
- Consent: For activities such as marketing communication, we seek your explicit consent before using your personal data. You may withdraw consent at any time.
- Legal obligations: We may be required to process your data to comply with financial or tax regulations.
How We Use Your Information
Your personal data is used for the following purposes:
- Processing and fulfilling your orders, including arranging delivery.
- Managing payments and invoices.
- Communicating with you regarding your order status or any customer service issues.
- Improving our products, services, and user experience.
- Complying with legal and regulatory requirements.
Data Retention Policy
We only retain your personal data for as long as necessary to fulfill the purposes outlined in this policy, including satisfying legal, accounting, or reporting requirements. The retention period depends on the nature of the data and the purpose for which it is processed. Typically, order information and associated contact details are kept for up to six years to comply with tax and accounting laws. After this period, your information will be securely deleted or anonymized, except where legal obligations require otherwise.
Data Processors and Sharing Information
To provide a seamless service, we may share your data with trusted third parties (data processors) for the following reasons:
- Payment processing (e.g., third-party payment gateways).
- Courier and delivery services to ensure timely delivery of your order.
- Information technology and hosting services that support our website and systems.
All third-party processors act on our instructions and are contractually obligated to comply with GDPR, maintain the confidentiality and security of your data, and not use your information for their own purposes. We never sell or rent your personal data to third parties for marketing or other purposes.
Your Rights Under GDPR
As a customer, you have several important rights regarding your personal data:
- Right to Access: You can request details of the personal data we hold about you.
- Right to Rectification: You have the right to ask us to correct any inaccurate or incomplete data.
- Right to Erasure: You can request the deletion of your data under certain circumstances, unless we are required to retain it by law.
- Right to Restrict Processing: You can ask us to restrict how we use your data while a complaint is being investigated or if you contest its accuracy.
- Right to Object: You may object to the processing of your data for direct marketing purposes or where processing is based on legitimate interests.
- Right to Data Portability: Where applicable, you may ask to receive your personal data in a structured, commonly used format or have it transferred to another service provider.
- Right to Withdraw Consent: Where processing relies on your consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.
- Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been infringed.
Security Measures
Your data is protected through appropriate technical and organisational measures. These include secure servers, encryption protocols, access controls, and regular staff training to ensure your information is handled responsibly. We continuously review these measures to identify and mitigate potential risks.
Policy Updates
This privacy policy may be updated from time to time to reflect changes in our practices or legal requirements. Any significant changes will be communicated clearly through our usual channels.
Applicability
This policy applies to all customers placing Old Ford Florist orders from Old Ford and the surrounding districts. By making a purchase or submitting personal data to us, you acknowledge the practices described in this policy.
Contact and Further Queries
If you have questions regarding this privacy policy or how we handle your personal data, please contact us using the contact methods published on our website or within your order confirmation materials.