Privacy Policy for Flowers Becontree Heath Customers

Introduction

This Privacy Policy outlines how Flowers Becontree Heath collects, stores, manages, and protects the personal information of customers in Becontree Heath and surrounding districts who place orders with us. We are deeply committed to ensuring your privacy and data protection, complying fully with the General Data Protection Regulation (GDPR) and relevant UK data protection laws.

By ordering products or services from Flowers Becontree Heath, you acknowledge and consent to the practices described in this policy.

Scope of This Policy

This policy applies to all individuals who place orders for flowers or related services using Flowers Becontree Heath, whether online, over the phone, or in person, as long as the order originates from Becontree Heath or its neighbouring districts. It covers all customer interactions involving the collection of personal information for the purpose of processing and fulfilling orders or managing customer relationships.

What Data We Collect

We collect only the information necessary to process and fulfill your order, provide you with our services, and comply with legal obligations. The types of data we may collect include:

• Contact Information: such as your name, delivery address, billing address, phone number, and, if relevant, recipient's name and address.
• Order Details: details of the products and services you order, delivery instructions, card messages, and special requests.
• Payment Information: payment method, partial card details (where essential), and transaction history. We do not store full credit/debit card numbers; payments are processed by our secure payment providers.
• Communication Records: emails, order confirmation messages, inquiries, and feedback.
• Technical Data: occasionally, information about your device and usage, such as IP address and browser type, when ordering via our website for security and analytics purposes.

Lawful Basis for Processing

Under the GDPR, we are required to have a valid lawful basis for processing your personal data. For Flowers Becontree Heath customers, our lawful bases include:

• Contractual Necessity: We process your data primarily to fulfil the order contract between you and Flowers Becontree Heath. Without your data, we cannot deliver your order or provide customer service.
• Legal Obligation: We may retain and process certain data to fulfil our legal responsibilities, such as accounting and tax regulations.
• Legitimate Interests: We may use your data for our legitimate business interests, such as service improvement, responding to customer queries, and preventing fraud, provided this does not override your rights and interests.
• Consent: Where required, such as for direct marketing by email, we will seek your clear consent, which you may withdraw at any time.

How We Use Your Data

Your information is only used for the specified purposes, including:

• Processing and managing your orders
• Arranging delivery of products and services
• Communication regarding your orders or any inquiries
• Ensuring payment and resolving issues with transactions
• Improvements to our services and customer experience
• Legal compliance and bookkeeping

Data Processors and Sharing

We may share your personal data with trusted third-party service providers (processors) when necessary. These may include:

• Delivery agents or couriers who transport flowers and gifts to your specified address
• Payment processing partners who manage secure transactions
• IT and website support providers involved in maintaining infrastructure
• Professional advisors, where required by law (e.g. auditors, accountants)

All processors are contractually bound to handle your data securely, only for agreed purposes, and in strict compliance with GDPR requirements. We do not sell or trade your personal data, nor do we transfer your information outside the UK or European Economic Area unless adequate safeguards are in place.

Data Retention

We only keep your personal information for as long as necessary to fulfil the purposes for which it was collected, including fulfilling your orders and meeting legal, accounting, or reporting requirements. Our retention periods are as follows:

• Order and transaction records: up to 7 years (for accounting and tax purposes)
• Customer communication records: up to 2 years from the last interaction
• Marketing and consent records: until you withdraw consent, after which data will be deleted within 30 days

Once your data is no longer required, it will be securely deleted or anonymised.

User Rights Under GDPR

You have several rights under the GDPR regarding the personal data we hold about you. These include:

• Right of Access: You can ask for details of the personal data we hold about you and how it is used.
• Right to Rectification: You may request correction of any inaccurate or incomplete data.
• Right to Erasure: You have the right to request deletion of your personal data, subject to any overriding legal obligations.
• Right to Restrict Processing: You may request we limit the use of your data in certain circumstances.
• Right to Data Portability: You can request a copy of your data in a commonly used electronic format.
• Right to Object: You may object to our processing of your data where our lawful basis is legitimate interests or direct marketing.
• Right to Withdraw Consent: Where we rely on your consent, you can withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us using our official contact channels, and we will respond in accordance with legal requirements.

Keeping Your Data Secure

The security of your personal data is very important to us. We implement appropriate technical and organisational measures to safeguard your data against loss, theft, misuse, unauthorised access, disclosure, or destruction. Our security arrangements are reviewed regularly to ensure ongoing protection.

Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. Any significant changes will be communicated clearly to our customers. The current version is always available upon request and applies to all data held at the time.

Contacting Flowers Becontree Heath

If you have questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us via our official customer service channels. We are committed to helping you understand and control how your data is used, in full accordance with your rights under UK and EU data protection laws.