Privacy Policy for Hampton Hill Florist Orders

Introduction and Scope of Policy

This Privacy Policy outlines how Hampton Hill Florist collects, uses, shares, and protects your personal data when you place an order with us, either online, by phone, or in person. This policy is compliant with the General Data Protection Regulation (GDPR) and is designed to clarify your rights and our responsibilities regarding personal data. It applies to all customers placing orders with Hampton Hill Florist from Hampton Hill and the surrounding districts.

What Personal Data We Collect

We collect only the information necessary to process your floral orders, provide our services, and comply with relevant laws. This includes:

  • Identity Data: Full name
  • Contact Data: Address (billing and delivery), phone number, and, if provided, email address
  • Order Details: Information about your selected floral arrangements and messages for delivery
  • Payment Data: Transaction details (note: we do not store full payment card numbers, but payments are processed through secure third-party payment processors)
  • Communication Data: Any correspondence with our team regarding your order

Lawful Basis for Processing Your Data

Our lawful bases for processing your personal data under Article 6 of the GDPR are as follows:

  • Contractual Necessity: We require your personal data to process and deliver your order, communicate with you about your purchase, and fulfill our contract with you.
  • Legal Obligation: In some cases, we are required to keep transaction records to comply with applicable accounting and tax laws.
  • Legitimate Interests: We may use your contact details to request feedback or notify you of service changes directly related to your order, where this does not override your fundamental rights.
  • Consent: Where we seek to use your data for marketing purposes, we will request your explicit consent, which you may withdraw at any time.

How Your Data Is Used

The purposes for which we use your personal data include:

  • Processing and fulfilling your floral order, including arranging delivery
  • Communicating with you regarding your order or any changes
  • Handling queries, complaints, or after-sales service
  • Meeting legal and regulatory obligations
  • Improving our services based on customer feedback and internal analysis

Data Retention Policy

We only keep your personal data for as long as is necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements. Usually, this means:

  • Order records are retained for up to 7 years to comply with legal and tax obligations.
  • Basic contact details used for communication are kept for up to 12 months after your order is completed, unless you request deletion sooner.
  • Data held for marketing purposes is only retained while you have opted in and will be promptly deleted upon your withdrawal of consent.

Data Processors and Third Parties

To provide our services efficiently and securely, we engage with trusted third parties who act as data processors on our behalf. These may include:

  • Payment Processors: Securely handle payment transactions and do not store your card information in our systems.
  • Delivery Partners: Receive necessary recipient names and addresses for successful flower delivery.
  • IT and System Support Providers: Support our website, order system, and data security measures.

All processors are contractually obliged to safeguard your data and act only on our instructions. We do not sell your data to any third parties. Data may be shared with regulatory authorities if required by law.

Your GDPR Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of your personal data that we hold.
  • Right to Rectification: You may ask us to correct any inaccurate or incomplete information.
  • Right to Erasure: Under certain circumstances, you may request deletion of your data.
  • Right to Restriction: You can request limited use of your personal data in specific situations.
  • Right to Data Portability: You may request transfer of your data to you or another provider in a machine-readable format.
  • Right to Object: You can object to how we process your data in certain cases, such as direct marketing.
  • Right to Withdraw Consent: Where we rely on your consent to process data (for marketing), you may withdraw it at any time.

To exercise any of your rights, please contact our team and specify your request. We will respond as required by law.

Data Security Measures

We are committed to safeguarding your personal data. We implement appropriate technical and organizational measures to prevent unauthorized access, loss, misuse, or alteration of your information. Only authorized personnel and partners have access to your data strictly as necessary to perform their duties.

Policy Updates and Complaints

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The latest version will always be available at point of order and on request. If you have any concerns about how your data is processed or wish to lodge a complaint, you may contact Hampton Hill Florist. If your concern is not resolved, you may also lodge a complaint with the relevant supervisory authority.

Summary

At Hampton Hill Florist, we value your privacy and are committed to protecting your personal data under GDPR. This policy explains how and why we collect information about you, how it is used and protected, and what rights you have. Please review this policy regularly to stay informed of any updates relevant to you as a valued customer in Hampton Hill and surrounding districts.