Florist Hornsey Privacy Policy

Introduction

At Florist Hornsey, we are committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines how we collect, use, store, and protect your information in accordance with the General Data Protection Regulation (GDPR). This policy applies to all customers placing Florist Hornsey orders from Hornsey and surrounding districts.

What Personal Data We Collect

When you place an order or interact with Florist Hornsey, we collect the following types of personal data:

  • Contact Details: Name, delivery address, billing address, and optional additional delivery instructions.
  • Order Information: Product selection, date and time of order, special card notes/messages.
  • Payment Data: Details necessary to process your payment (for example, the payment method selected and transaction information). We do not store full card details; these are processed securely by our payment processor.
  • Communication Data: Any correspondence you have with us (such as messages, feedback, or complaints).
  • Technical Data: Limited information about how you access our site (e.g., IP address, browser type, device information) collected via cookies, when applicable.

Lawful Basis for Processing

Florist Hornsey processes your data under the GDPR on the following lawful bases:

  • Contractual necessity: To fulfil our contract with you when you place an order, such as processing your order, arranging delivery, and managing payment.
  • Legal obligation: To meet legal and regulatory requirements, such as tax, accounting, or responding to official requests from authorities.
  • Legitimate interests: To improve the quality of our products and services, manage business operations effectively, and secure our platform against fraud or other threats. We only rely on legitimate interests when these do not override your data protection rights.
  • Consent: Where required, such as for certain types of marketing communications, we will ask for your consent. You can withdraw your consent at any time.

How We Use Your Data

Your personal data is used by Florist Hornsey to:

  • Process and fulfil your orders, including arranging delivery and providing customer service.
  • Communicate with you regarding your order status, delivery updates, or any queries.
  • Meet legal, regulatory, or tax obligations.
  • Respond to your inquiries, feedback, or complaints.
  • Improve business operations, such as analysing order trends or customer preferences, always in an anonymised or pseudonymised format where possible.
  • Protect against fraud, misuse of our services, and to ensure the security of customer data.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for legal, accounting, or reporting requirements. The typical retention periods are as follows:

  • Order and Transaction Data: Retained for up to seven years to satisfy tax and audit obligations.
  • Communication Data: Retained for up to three years from the date of last contact, unless a longer period is required due to a dispute or legal requirement.
  • Technical Data: Retained for up to 12 months for website security, troubleshooting, and analytics.

When the applicable retention period expires, your personal data will be securely deleted or anonymised.

Processors and Data Sharing

To provide our services, we may share your personal data with trusted third parties who process data on our behalf ("processors"). These include:

  • Payment Processors: Processes your payment securely when you place an order.
  • Delivery Partners: Ensures accurate and timely delivery of your order to the specified address.
  • IT and Data Storage Providers: Hosts our ordering system and stores electronic data securely.
  • Professional Advisors: Accountants or legal professionals assisting with compliance and business operations.

All processors are strictly vetted and contractually required to protect your data in line with GDPR requirements. We do not sell your personal data to third parties. Data may be disclosed to comply with legal obligations or legitimate requests from regulatory authorities.

Your Rights Under GDPR

As a data subject, you have the following rights, subject to conditions and legal exemptions:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct inaccurate or incomplete data.
  • Right to Erasure: You may request deletion of your data in certain circumstances ('right to be forgotten').
  • Right to Restriction: You can request that we limit the processing of your data.
  • Right to Data Portability: You have the right to receive your data in a structured, commonly used electronic format, and to transmit it to another controller where feasible.
  • Right to Object: You may object to certain processing activities, such as direct marketing or processing based on legitimate interest.
  • Right to Withdraw Consent: Where you have provided consent, you may withdraw it at any time. This will not affect processing already carried out based on your prior consent.

If you wish to exercise any of these rights, please contact us using the methods provided on our official communications. You may also have the right to lodge a complaint with the relevant supervisory authority.

Data Security

Florist Hornsey takes the security of your personal data seriously. We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, destruction, or disclosure. Data is encrypted where appropriate, regular security assessments are conducted, and staff are trained in data protection practices.

International Data Transfers

Your data is generally processed within the UK and European Economic Area (EEA). If it becomes necessary to transfer your data outside these regions, we ensure that adequate safeguards are in place to protect your privacy, in compliance with GDPR requirements.

Policy Updates

This Privacy Policy may be updated periodically in line with regulatory changes or operational needs. We encourage you to review the policy regularly to stay informed about how we protect your personal data.

Contact and Further Information

If you have any questions about this Privacy Policy or how we process your data at Florist Hornsey, please refer to the contact methods listed on our official website or available in our store. We are committed to addressing your concerns and ensuring that your data rights are respected.