Woodside Park Florist Privacy Policy

Introduction

This Privacy Policy explains how Woodside Park Florist collects, uses, stores, and protects your personal data. It applies to all customers placing orders with Woodside Park Florist in Woodside Park and the surrounding districts. We are committed to complying with the General Data Protection Regulation (GDPR) and safeguarding your privacy when you interact with us, whether in person, by telephone, or through our website.

What Personal Data We Collect

When you interact with Woodside Park Florist, we collect different types of personal data depending on the nature of your interaction:

  • Contact Information: This includes your name, delivery address, billing address, and telephone number.
  • Order Details: Information relating to your chosen flowers, products, messages for recipients, and any delivery instructions.
  • Payment Information: While we may take note of the payment method used, we do not store debit or credit card numbers; payments are processed securely via our payment partners.
  • Communication Data: Details about your enquiries, feedback, or correspondence with us.
  • Technical Data: If you use our website, we may collect your IP address, browser type, and cookies to enhance your browsing experience.

Lawful Basis for Processing Your Data

Under the GDPR, we must have a lawful basis to collect and use your personal data. The main grounds on which we process your data are:

  • Contractual Necessity: To process and deliver your order, including confirming your order, communicating with you about it, and organising delivery.
  • Legal Obligation: To comply with legal and regulatory requirements, such as tax and record-keeping obligations.
  • Legitimate Interests: To improve our services, handle customer enquiries, and send you information about similar products or services (provided you have not opted out).
  • Consent: Where we send marketing communications by email or text, we will only do so with your explicit consent, which you may withdraw at any time.

How We Use Your Personal Data

Your data is used only for specified, explicit purposes, including:

  • Processing and fulfilling flower orders
  • Arranging delivery to the recipient address in Woodside Park and surrounding areas
  • Maintaining internal records, such as sales and accounting information
  • Responding to your queries, complaints, or requests
  • Improving our services based on your feedback and purchase history
  • Sending you updates about your order and, if you consent, about our latest products or special offers

Data Retention

Woodside Park Florist retains your personal data only for as long as necessary to fulfil the purposes it was collected for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

- Order and delivery information: Retained for up to seven years for legal and fiscal purposes.
- Marketing information: Retained until you withdraw your consent or choose to unsubscribe.
- Enquiries and correspondence: Retained for up to two years from the last contact for reference.

Data is securely deleted or anonymised after these periods.

Processors and Third Parties

We use trusted third-party service providers to help us deliver our services. These data processors handle personal data on our behalf under strict contractual obligations in accordance with the GDPR. They may include:

  • Payment processing providers (for secure handling of card transactions)
  • Delivery and courier companies (to deliver your order)
  • IT service providers (for website and data hosting, support, and security)

We do not sell your personal data to third parties. If we need to share your data with other external parties for a specific purpose, we will inform you and ensure all necessary safeguards are in place.

International Data Transfers

Your data is principally held inside the United Kingdom or European Economic Area (EEA). If we ever need to transfer data outside the EEA (for example, if a service provider’s servers are located internationally), we will ensure appropriate safeguards are in place as required by the GDPR, such as relying on adequacy decisions or standard contractual clauses.

Your Rights Under GDPR

The GDPR provides you with several rights relating to your personal data:

  • Right of Access: You can request confirmation of what personal data we hold about you and obtain a copy.
  • Right to Rectification: You can ask us to correct or update inaccurate or incomplete personal data.
  • Right to Erasure: In certain circumstances, you can request we delete your personal data ("right to be forgotten").
  • Right to Restriction: You may request we restrict processing of your personal data in certain situations.
  • Right to Data Portability: You can request to receive your data in a structured, commonly used format, and where feasible, have it transferred to another provider.
  • Right to Object: You can object to how we use your data, especially for direct marketing.
  • Right to Withdraw Consent: Where you have provided consent, you can withdraw it at any time.
  • Right to Lodge a Complaint: You may raise concerns with a supervisory authority if you believe your data is being mishandled.

How We Protect Your Data

Woodside Park Florist uses appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. Access to your data is restricted to those staff and service providers who need it to fulfil your order or provide our services.

Policy Updates

This Privacy Policy may be updated to ensure ongoing compliance and transparency. Updates are effective as soon as posted. We recommend reviewing this page regularly. Significant changes will be communicated to you where appropriate.

Contact Details and Enquiries

If you would like to exercise any of your rights or have questions about this policy or how your personal data is handled, please contact us using the details provided on our website or in store.