Florist Old Oak Common Privacy Policy

Our Commitment to Your Privacy

At Florist Old Oak Common, protecting the privacy and security of our customers is of the utmost importance. This Privacy Policy explains how we handle the personal data of all individuals placing orders with Florist Old Oak Common from Old Oak Common and the surrounding districts. We comply fully with the UK General Data Protection Regulation (GDPR) and other applicable data protection laws. This policy informs you about the data we collect, our lawful basis for processing, our data retention practices, how we collaborate with data processors, and your key rights as a customer.

What Data We Collect

When you place an order with Florist Old Oak Common, or interact with us directly, we may collect the following categories of personal data:

  • Identification details: Name, title.
  • Contact information: Delivery address, billing address, phone number (if provided), and other necessary address details.
  • Order details: Items ordered, order history, delivery instructions, messages to recipient, and preferences.
  • Payment information: Payment transaction data (please note payment card details are processed securely by our third-party payment providers and not stored by us).
  • Demographic data: Such as postcode or location for delivery purposes.
  • Correspondence: Any communications you have with us regarding orders or questions.
  • Website usage data: Information on how you use our website, including device, browser, IP address, and browsing activity—collected via cookies and analytics tools (where consented).

We do not collect special categories of personal data (sensitive data) unless it is provided voluntarily in a message to recipients, in which case we treat it with the highest confidentiality.

Lawful Basis for Processing Your Data

Under the GDPR, we must have a lawful basis for processing your personal data. Florist Old Oak Common collects and processes your data on the following legal bases:

  • Contractual necessity: Most of our data collection is necessary to enter into or perform a contract with you, for example, to process and deliver your flower orders.
  • Legal obligation: In some cases, we are required to retain transactional and billing information to comply with tax, financial, or regulatory obligations.
  • Legitimate interests: We may process your data to improve our products and services, prevent fraud, ensure the security of our IT systems, or communicate relevant offers related to your purchase—balancing this with your privacy rights and interests.
  • Consent: Where required (such as for optional marketing communications or analytics), we will obtain your explicit consent, which you may withdraw at any time.

How We Use Your Personal Data

Your personal data enables us to:

  • Process and deliver your orders
  • Communicate with you about your orders and respond to your enquiries
  • Provide related customer service and support
  • Comply with our legal and regulatory obligations
  • Improve our products, services, and website experience
  • Carry out internal record keeping
  • Send you service updates or, with your consent, marketing notifications relevant to Florist Old Oak Common

Data Retention

We only retain your personal data for as long as is necessary to fulfil the purposes we collected it for, including for the purpose of satisfying any legal, accounting, or reporting requirements. The retention periods are as follows:

  • Order and contract data: Retained for up to 7 years to comply with tax, accounting, and legal requirements.
  • Customer correspondence and support enquiries: Retained for up to 2 years after the resolution of the enquiry.
  • Marketing data: Retained until you withdraw consent or opt out of communications.
  • Website analytics data: Retained for analytical purposes for no longer than 26 months, unless consent is withdrawn sooner.

When the retention period expires, we securely delete or anonymise your personal data, unless we must keep it for longer due to legal obligations.

Sharing Your Data and Data Processors

We take great care to ensure that your personal data is only shared when necessary and always in accordance with GDPR requirements. We may share your data with trusted third-party service providers (data processors), for example:

  • Payment processors (to manage and process payments)
  • IT and website hosting providers (to operate our website and data storage)
  • Delivery partners or couriers (to deliver your orders)
  • Professional advisers (such as accountants or legal services, where required)

All third-party processors are contractually required to handle data with confidentiality and comply with data protection laws. We do not sell or trade your personal information to any other organisation. If required by law, we may also share information with government agencies or regulators.

Your Rights Under GDPR

Under GDPR, you have several important rights in relation to your personal data. Specifically, as a Florist Old Oak Common customer, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your data where there is no lawful reason for us to continue processing it, subject to legal requirements.
  • Restriction: Request restriction of processing in certain circumstances.
  • Objection: Object to processing carried out based on legitimate interests.
  • Portability: Receive your data in a commonly used, machine-readable format and transmit it to another data controller.
  • Withdraw consent: Where we rely on consent (e.g. for marketing), you may withdraw this at any time.

If you wish to exercise any of these rights or have concerns about how we handle your data, please contact us using the details provided on our website. We will respond in accordance with GDPR timelines and requirements. If you remain dissatisfied, you are entitled to lodge a complaint with the UK's Information Commissioner's Office (ICO).

International Transfers

We do not routinely transfer personal data outside the UK or the European Economic Area (EEA). If this changes in future, we will ensure appropriate safeguards are in place in accordance with GDPR standards.

Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or relevant regulations. Any changes will be clearly indicated on our website, and where appropriate, notified to you directly. We encourage you to review this policy regularly.

Contacting Florist Old Oak Common

For any questions about this Privacy Policy or how we handle your data, please use our contact details as displayed on our website. Our team is committed to upholding your privacy rights and addressing any concerns as promptly as possible.