Flowers Lee Privacy Policy: Information for Customers in Lee and Surrounding Districts

Introduction

This Privacy Policy explains how Flowers Lee collects, uses, stores, and protects your personal information when you place an order with us. This Policy covers all customers who make purchases from Flowers Lee for delivery in Lee and surrounding districts, and complies with the General Data Protection Regulation (GDPR). Your privacy is our priority, and we are committed to transparency and responsibility in handling your data.

What Personal Data We Collect

When you place a Flowers Lee order, we collect and process the following data to deliver our services:

  • Identification Data: Name, delivery address, and contact details (such as phone number).
  • Order Information: Details of the flowers and products ordered, delivery instructions, and purchase history.
  • Payment Information: Transaction details (note: card details are processed securely by third-party payment providers and are not stored by Flowers Lee).
  • Communication Data: Emails, feedback, and messages exchanged with our team regarding your order.

We do not collect more information than is strictly necessary to fulfil your order and communicate with you regarding your purchase.

Lawful Basis for Processing Your Data

We only process your personal data when there is a lawful basis to do so, as outlined by GDPR. The main reasons are:

  • Contractual Necessity: Your data is required to fulfil and deliver your order, and to provide customer support.
  • Legal Compliance: We may be required to retain transaction records for tax and legal obligations.
  • Legitimate Interests: We may use your data to improve our products and services, provided this does not override your rights and interests.
  • Consent: In certain cases, such as receiving promotional messages (if applicable), we rely on your explicit consent, which you may withdraw at any time.

How We Use Your Data

We use your information for the following purposes:

  • To process and deliver your flower order to the specified recipient address.
  • To communicate important order updates or resolve queries.
  • To handle payments securely through approved payment processors.
  • To maintain business and financial records for auditing and legal purposes.
  • To improve our service and customer experience.

Data Processors and Third Parties

To provide our services, we may share limited data with third-party service providers ("processors") acting on our behalf. These include:

  • Payment Processors: To enable secure payment for your order. These processors are PCI DSS compliant.
  • Delivery Partners: For successful order fulfilment if we work with external couriers or local delivery services.
  • IT Service Providers: For website hosting, maintenance, and secure data storage.

All processors are contractually obligated to handle your data securely and in accordance with GDPR. Your data will never be sold or shared for marketing purposes without your explicit consent.

International Transfers

Your personal data is stored within the United Kingdom or European Economic Area (EEA). Should data be transferred outside these regions, we ensure adequate safeguards and protections are in place, consistent with GDPR requirements.

How Long We Keep Your Data

We retain your personal data only as long as necessary to fulfil the purposes we collected it for:

  • Order and transaction data: Kept for up to 7 years to meet legal and tax obligations.
  • Communication records: Retained for up to 2 years to resolve queries and ensure quality of service.
  • Marketing consent data: Retained until you withdraw consent or request deletion.

When data is no longer needed, it is securely deleted or anonymised.

Your GDPR Rights

Under the GDPR, you have several rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request corrections of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your data where there is no longer a lawful reason to keep it.
  • Right to Restrict Processing: Ask us to temporarily halt processing your data, for example, while we address a concern.
  • Right to Data Portability: Receive your personal data in a commonly used format or have it transferred to another provider.
  • Right to Object: Object to processing based on legitimate interests or direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time.

If you wish to exercise any of these rights, or have questions about how we use your data, please contact our support team. We will aim to respond within one month and provide further details as requested.

Security and Data Protection

We take data security seriously, using appropriate technological and organisational measures to protect your data from unauthorised access, loss, or alteration. This includes encryption, access controls, regular training, and secure data transmission protocols.

Policy Updates

This Privacy Policy may be reviewed and updated from time to time to reflect changes in our processes or regulatory requirements. The latest version will always be made available to our customers. We encourage you to review this Policy periodically.

Contact Information

If you have any questions, concerns, or requests related to your personal data or this Policy, please get in touch with our customer service team. We are committed to resolving your queries and ensuring your rights are respected.

Applicability of This Policy

This Privacy Policy applies to all customers placing Flowers Lee orders in Lee and surrounding districts. By ordering from us, you acknowledge and accept the practices outlined in this Policy.