Flower Delivery Reading GDPR Privacy Policy

Privacy Policy for Flower Delivery Reading

This Privacy Policy outlines the ways in which Flower Delivery Reading ("we", "us", "our") collects, uses, stores, and processes personal data in connection with our flower delivery services in Reading and surrounding districts. We are committed to safeguarding your privacy and adhering to the principles of the General Data Protection Regulation (GDPR). This policy applies to all customers who place flower delivery orders with us in Reading and its neighbouring areas.

1. Personal Data We Collect

When you place an order or interact with Flower Delivery Reading, we may collect and process various categories of personal data, including:

  • Contact Details: Name, billing address, delivery address, telephone number
  • Order Information: Items ordered, delivery preferences, order notes or messages
  • Payment Information: Partial payment card details (only as necessary to process your payment; we do not store full card details)
  • Communication Data: Email content, communications with customer service
  • Technical Data: IP address, browser type, device identifiers, and cookies (when using our website)

2. Lawful Basis for Processing Data

We process your personal data under the following GDPR lawful bases:

  • Contractual Necessity: To fulfil your order and deliver flowers to you or your recipient;
  • Legitimate Interests: To improve our services, manage our relationship with you, prevent fraud, and handle queries or complaints;
  • Legal Obligations: To satisfy accounting, tax, and other legal requirements;
  • Consent: For specific purposes such as marketing, where you have expressly given consent.

3. Purposes of Data Use

We use your personal data to:

  • Process and deliver flower orders within Reading and surrounding districts, including sending order confirmations and delivery updates;
  • Contact you regarding your order or in response to an enquiry;
  • Facilitate secure payments and prevent fraudulent activities;
  • Comply with our legal and regulatory obligations;
  • Improve and personalise your experience with our services;
  • Send marketing communications, if you have given your explicit consent.

4. Data Retention

Your personal data is retained only for as long as necessary for the purposes described in this policy, or as required by law. Typically, we keep order and customer account information for a period of up to 6 years, in line with tax and accounting regulations. Where consent has been given for marketing, your contact information is retained until you withdraw your consent or request erasure.

5. Data Processors and Third Parties

We may share necessary personal information with trusted third-party service providers strictly for the purpose of fulfilling your flower delivery order or supporting our business operations. Categories of third parties include:

  • Payment processors to securely handle your transactions;
  • Local florists or delivery couriers to deliver your order;
  • IT service providers, such as website hosting and security services;
  • Regulatory authorities, where required by law.

Each processor is carefully selected to meet GDPR requirements, and we seek to ensure that they process your data in line with our instructions and only for the specified purposes.

6. Data Security

We implement appropriate technical and organisational measures to safeguard your personal data from unauthorised access, loss, or misuse. These measures include data encryption, restricted access controls, and regular system monitoring. However, no online service can guarantee absolute security, so we ask you to play your part by using secure passwords and notifying us immediately of any suspected breaches.

7. International Data Transfers

Your personal data is generally stored and processed within the United Kingdom or European Economic Area (EEA). Should we ever need to transfer your data outside these regions, we will ensure that appropriate safeguards are in place, such as Standard Contractual Clauses or equivalent legal mechanisms, to maintain the security and privacy of your information in accordance with GDPR.

8. Your Rights Under GDPR

You have specific rights under the GDPR regarding your personal data:

  • Right of Access: You can request a copy of your personal data and information on how it is processed.
  • Right to Rectification: You can ask us to correct inaccurate or incomplete data.
  • Right to Erasure: You may request deletion of your data where there is no longer a valid reason for us to maintain it.
  • Right to Restrict Processing: You may ask us to restrict how we process your information in certain circumstances.
  • Right to Object: You may object to certain types of processing, including direct marketing.
  • Right to Data Portability: You can request your information be transferred to another provider in a structured, commonly used, and machine-readable format.
  • Withdrawal of Consent: Where we process information based on your consent, you can withdraw consent at any time.

To exercise these rights or if you have questions about your data, please contact us using the details provided on our website or as part of your order confirmation.

9. Updates to this Privacy Policy

We reserve the right to update this policy at any time to reflect changes in our practices or legal obligations. We encourage customers to review this Privacy Policy regularly when using our services. Changes will take effect once published on our website or communicated to customers as necessary.

10. Contact and Complaints

If you have questions, concerns, or complaints regarding your personal data or this Privacy Policy, please reach out using the contact details made available on our website. If you are dissatisfied with our response, you can also raise complaints with the UK Information Commissioner’s Office (ICO).

Thank you for trusting Flower Delivery Reading with your information. We are committed to respecting and protecting your privacy throughout your dealings with us.