Flowers Limehouse Privacy Policy

Introduction

This Privacy Policy explains how Flowers Limehouse collects, uses, stores, and protects your personal information when you place an order with us in Limehouse and surrounding districts. Our practices comply with the UK General Data Protection Regulation (GDPR) and related privacy legislation. Protecting your data is a fundamental commitment we uphold for all of our customers.

Scope of Our Policy

This policy applies to all individuals who place orders with Flowers Limehouse, whether online, by phone, or in person, and who reside in or order to Limehouse and neighbouring areas. By ordering from us, you acknowledge the practices described in this policy.

What Personal Data We Collect

We only collect the personal information that is necessary to fulfil your orders, communicate with you, improve our services, and comply with legal obligations. The types of data we may collect include:

  • Contact Information: such as your full name, address, delivery address, and phone number
  • Order Details: including chosen products, messages for the recipient, and delivery preferences
  • Payment Information: securely processed by authorised payment providers (we do not store card details ourselves)
  • Communications: correspondence with us by phone, in person, or written notifications relevant to your order
  • Technical Information: includes IP address, device type, and browsing activity (if you use our website), collected via cookies and similar technologies

Lawful Basis for Processing Personal Data

Flowers Limehouse processes your personal data based on one or more lawful reasons under GDPR. These may include:

  • Contractual necessity: To process and deliver your order as per your request
  • Legal obligation: To comply with laws, such as record-keeping for tax and accounting purposes
  • Legitimate interests: For the improvement of our services, handling customer queries, and ensuring security and fraud prevention
  • Consent: For specific activities such as sending marketing communications, when you have given us permission. You can withdraw consent at any time

How We Use Your Information

We use your information as follows:

  • To process, fulfil, and deliver your order
  • To communicate with you about your order or respond to your inquiries
  • To improve the efficiency and effectiveness of our services
  • To comply with applicable laws and regulations
  • For internal administration, dispute resolution, and fraud prevention
  • If you provide consent, to send you information about our products, offers, or updates

Data Retention

Flowers Limehouse keeps personal data only as long as necessary for the purposes described in this policy or as required by law. For customer order information, we retain data for up to seven years from the date of your order to meet legal, financial, and business compliance needs. Afterwards, your personal information is securely deleted or anonymised. Marketing consents are retained until you withdraw consent or request deletion.

Our Data Processors

We use trusted third-party providers to help us run our business smoothly. These might process your data on our behalf for the following functions:

  • Payment processing (e.g. card payment providers)
  • Order management and delivery logistics
  • IT hosting and maintenance services
  • Marketing platforms (with your consent)

All processors are carefully chosen and are required to comply with GDPR obligations, providing sufficient technical and organisational measures to protect your data while it is being processed on our behalf.

Security of Your Data

We prioritise keeping your personal information safe. Appropriate safeguards, both technical and organisational, are in place to prevent unauthorised access, loss, or misuse of your data. Only authorised personnel and approved processors have access to your data for legitimate business purposes.

Your Data Protection Rights

As a customer, you are entitled to rights under GDPR concerning your personal information:

  • Right to access: You can request a copy of the personal data we hold about you.
  • Right to rectification: You can ask us to correct incomplete or inaccurate data.
  • Right to erasure: You can request deletion of your data where there is no overriding reason for its continued processing.
  • Right to restriction: You may ask us to restrict use of your data in certain cases.
  • Right to object: You can object to our processing (for example, direct marketing).
  • Right to data portability: When applicable, you may request a copy of your data in a machine-readable format or for it to be sent to another controller.
  • Right to withdraw consent: Where consent is our lawful basis, you can withdraw it at any time, without impacting prior processing.
  • Right to complain: You can contact the relevant data protection authority if you believe your rights have been infringed.

Children’s Privacy

Our services are not directed at children under the age of 16. We do not knowingly collect data from children. If you become aware that a child has provided us with personal information, please contact us so we can take appropriate steps.

Policy Updates

We may update this policy from time to time to reflect changes in legal, technical, or business developments. When we update it, the revised policy will be made available with the new effective date noted at the top. We encourage you to review this policy regularly to stay informed on how we protect your information.

Contacting Us

If you have questions, concerns, or requests regarding your personal data or this privacy policy, or if you wish to exercise any of your GDPR rights, please contact us using the details provided on our website or at our place of business.