Flowers Honor Oak Privacy Policy

Introduction

This Privacy Policy describes how Flowers Honor Oak ('we', 'us', 'our') collects, processes, stores, and protects your personal data when you place an order with us. It applies to all customers placing orders with Flowers Honor Oak from Honor Oak and the surrounding districts. We are committed to safeguarding your privacy and ensuring compliance with the General Data Protection Regulation (GDPR).

What Data We Collect

We collect various types of personal data to fulfill your orders and provide our services. The data we collect includes:

  • Identity Data: Your name and, when provided, the recipient's name.
  • Contact Data: Delivery address, billing address, and telephone numbers you provide.
  • Order Data: Details of products you order, special delivery instructions, and order history.
  • Payment Data: Transaction information (payment method, payment status) processed through our secure payment processors. We do not store card numbers or full payment details.
  • Communication Data: Correspondence between you and us, including feedback, queries, and service requests.
  • Technical Data: Basic device and usage information such as browser type, device type, IP address, and cookie preferences collected when you visit our website.

We only collect information that is necessary for the purposes described in this policy.

Lawful Basis for Processing

We process your personal data in accordance with the GDPR and on the following lawful bases:

  • Contractual Necessity: To fulfill and manage your order, including processing payment, arranging delivery, and providing customer support.
  • Legitimate Interests: To improve our services, manage our relationship with you, and prevent fraudulent transactions. We always consider your rights and the impact on your privacy before relying on these interests.
  • Legal Obligations: To comply with applicable laws, such as tax or accounting requirements.
  • Consent: For activities such as direct marketing (where required), we will only use your data if you have given explicit consent. You can withdraw your consent at any time.

How We Use Your Data

Your data is used exclusively for the purposes of:

  • Processing and delivering your flower orders.
  • Communicating with you regarding your order or customer service queries.
  • Improving and personalizing your shopping experience.
  • Carrying out administrative tasks and record keeping.
  • Complying with legal, regulatory, and contractual obligations.

Data Retention

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Order and transaction records: Retained for up to seven years to comply with tax and financial regulations.
  • Customer queries and emails: Retained for 24 months after resolution for internal quality assurance and training.
  • Direct marketing consents: Maintained until you withdraw consent or for a maximum of three years of inactivity.
  • Technical cookies: Stored per your browser or device configuration (refer to our Cookie Policy for more information).

Once data is no longer required, it is securely deleted or anonymized.

Processors and Third Parties

We use trusted service providers ("processors") to help us deliver our services. These include payment processors, delivery companies, website hosting providers, and IT support providers. All such processors are contractually required to safeguard your data, process it only upon our instructions, and comply with applicable data protection laws.

We do not sell, rent, or trade your personal data to any third party. Your data is never used for third-party advertising purposes.

Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request details of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct any inaccurate or incomplete data.
  • Right to Erasure: You can request deletion of your data where there is no legal reason for its continued processing.
  • Right to Restrict Processing: In certain circumstances, you can ask us to suspend processing of your data.
  • Right to Data Portability: You can request your data to be transferred to you or another service provider in a commonly used format.
  • Right to Object: You can object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: If processing is based on consent, you can withdraw this at any time.
  • Right to Lodge a Complaint: You have the right to raise a concern with your local data protection authority if you believe your data is being misused.

To exercise any of these rights, please contact us using the methods provided on our website or in your order confirmation documents.

Data Security

We implement appropriate technical and organizational security measures to protect your personal information from accidental loss, misuse, unauthorized access, alteration, or disclosure. Our staff and third-party processors handle your data confidentially and in accordance with the requirements of the GDPR.

Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect data from minors. If we become aware that personal data has been collected from a child without appropriate consent, we will take steps to promptly delete that data.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We encourage you to review this policy periodically. If significant changes are made, we will notify customers through appropriate means.

Contact and Further Information

If you have questions about this Privacy Policy, your data, or you wish to exercise your GDPR rights, please contact us using the contact methods listed on our website. We are committed to resolving any concerns promptly and transparently.