Florist Ilford Privacy Policy for Customers

About This Privacy Policy

This Privacy Policy explains how Florist Ilford collects, uses, stores, and protects personal data from customers placing orders from Ilford and its surrounding districts. Our commitment is to handle your information in line with the General Data Protection Regulation (GDPR) and to outline your rights relating to your personal data. This policy applies to all individuals who order products or services from Florist Ilford.

Personal Data We Collect

When you place an order with Florist Ilford, we collect certain information necessary to process your request, deliver flowers or related products, and provide customer support. The types of personal data we may collect include:

  • Identity Information: Your full name, and if applicable, the recipient’s name.
  • Contact Information: Address, delivery address, phone number, and occasionally email address (if provided for order confirmation or updates).
  • Order Details: Products purchased, delivery instructions, and card messages.
  • Payment Information: Transaction details. Please note: We do not store your full payment card information. Payments are processed by secure, GDPR-compliant third-party providers.
  • Communications: Records of your correspondence with us, such as customer service enquiries or feedback.
  • Technical Data: When you interact with our website, we may collect data such as IP address, browser type, and general usage information to improve our services and security.

Legal Basis for Processing Your Data

Under GDPR, we must have a lawful reason to process your personal data. Florist Ilford processes your information under the following grounds:

  • Contractual Necessity: Data required to fulfil, process, and deliver your order forms the primary lawful basis. Without this data, we cannot complete your transaction or deliver goods.
  • Legitimate Interests: We process contact and order data to improve our services, respond to queries, and prevent fraud where it does not override your rights and freedoms.
  • Legal Obligations: In some cases, we are required by law to retain transaction records for a certain period (such as accounting or tax purposes).
  • Consent: For marketing communications, we only use your personal data when you have given us explicit permission to do so. You can withdraw consent at any time.

How We Use Your Data

Your personal data is used for the following purposes:

  • Processing and fulfilling your order, including delivery.
  • Communicating order updates and responding to enquiries.
  • Improving our services and customer experience.
  • Accounting and complying with legal requirements.
  • If agreed, sending marketing and promotional materials (which you may opt out of at any time).

Who Processes and Has Access to Your Data

Your personal data may be shared with trusted third-party service providers who help us operate our business and deliver your order effectively. These processors include:

  • Courier and delivery partners for order fulfilment in Ilford and surrounding districts.
  • Payment processing services to securely handle transactions.
  • IT service providers assisting in website hosting and data security.

All processors are contracted to process data only on Florist Ilford’s instructions and to uphold GDPR requirements regarding security and confidentiality. No data is sold or shared for unrelated third-party marketing purposes.

How Long We Keep Your Data

Florist Ilford retains your personal data only for as long as necessary for the purpose it was collected. Typically, we keep:

  • Order and transaction data for up to six (6) years, to comply with UK tax and accounting requirements.
  • Delivery and address data for up to one (1) year after order fulfilment to address delivery queries or issues.
  • Marketing preferences until you withdraw consent or request erasure.

When the retention period ends, your data will be securely deleted or anonymised, unless required otherwise by law.

Data Security

Florist Ilford takes appropriate technical and organisational measures to safeguard your personal data against accidental loss, unauthorised access, disclosure, alteration, or destruction. These measures include restricted staff access, encryption where appropriate, and secure data storage. Our website employs security protocols to protect online submissions.

Your Rights Under GDPR

As a customer, you have several rights regarding your personal data, including:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Ask for data to be deleted where there is no good reason for us to continue processing it.
  • Restriction: Request restriction of processing if you contest accuracy or require it for a legal claim.
  • Objection: Object to our processing where it is based on legitimate interests or for direct marketing.
  • Portability: Request the transfer of your data to another service provider in a machine-readable format.
  • Withdraw Consent: Where we rely on your consent (e.g., for marketing), you can withdraw it at any time.

To exercise any of these rights, please contact us using the contact form or methods available on our website or in-store.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in practices, legal requirements, or for other operational reasons. Please check this page regularly for updates. Significant changes will be communicated clearly via our website or when you place an order.

Contacting Florist Ilford About Privacy

If you have questions, concerns, or wish to exercise your rights regarding your personal data, please reach out to us using the contact channels provided on our website or by visiting our store. We are committed to helping protect your privacy and will respond promptly to your requests.