Flowers Chelmsford Privacy Policy

Introduction

Welcome to the Privacy Policy for Flowers Chelmsford. We are committed to respecting and protecting your personal data and privacy. This policy outlines how we collect, use, and store your information when you place orders with Flowers Chelmsford, whether you are located in Chelmsford or the surrounding districts. Our aim is to be transparent and to comply fully with the UK General Data Protection Regulation (GDPR).

Scope of This Policy

This Privacy Policy applies to all individuals and customers who place orders for products and services with Flowers Chelmsford in Chelmsford and neighbouring areas. It covers any personal information you provide to us in the process of making enquiries, placing orders, processing payments, or otherwise interacting with our business.

What Data We Collect

We collect a variety of information in order to provide our services effectively, process your orders, and comply with legal obligations. The data we collect may include:

  • Personal Identification Data: such as your name, address, phone number, and billing/delivery addresses.
  • Order and Transaction Data: details of your purchases, itemised orders, payment method (note: payment card details are processed securely by third-party processors and are never stored on our servers), and delivery information.
  • Communication Data: includes your correspondence with us (for example, emails, messages via our website, or call records), as well as your preferences relating to marketing or order notifications.
  • Technical Data: such as IP address, browser type, and device information (collected through website usage analytics or for fraud prevention).

Lawful Basis for Processing Your Data

GDPR regulations require that all personal data processing have a statutory legal basis. Flowers Chelmsford processes personal data under the following grounds:

  • Performance of a Contract: Collecting and using your data is necessary to process and fulfil your order, provide customer support, and handle deliveries.
  • Legal Obligations: We may be required to retain records for tax, accounting, or other regulatory purposes.
  • Legitimate Interests: We may process certain data for purposes such as improving our services or preventing fraud, provided these interests do not override your rights and freedoms.
  • Consent: For direct marketing or promotional communications, we will only use your data if you have given clear consent, which you can withdraw at any time.

How We Use Your Information

We use your personal data to:

  • Process orders, take payment, and arrange delivery
  • Communicate with you about order updates, enquiries, or after-sales support
  • Comply with legal obligations and auditing requirements
  • Maintain security and prevent fraudulent activities
  • Send you marketing communications, where you have opted in
  • Analyse customer trends and website usage to improve our products and services

How Long We Keep Your Data (Data Retention)

We store your personal data only for as long as is necessary to fulfil the purposes outlined in this policy, meet our legal obligations, and resolve disputes. Typically, data related to your transactions and orders will be kept for a minimum of six years to comply with UK tax and accounting rules. After this period, your data will be securely deleted or anonymised, unless a longer retention period is required due to legal matters.

Third Parties and Data Processors

To provide our services, we work with several trusted third parties (data processors), including:

  • Payment Providers: Securely process your card payments, ensuring all sensitive information is encrypted and handled according to industry standards.
  • Website Hosting and IT Support Providers: Host our website and manage technical security.
  • Delivery Partners: Coordinate local and regional deliveries.
  • Marketing Tools: If you have opted in to receive updates or promotions, we may use carefully vetted marketing platforms to communicate with you.

All processors are required to comply with GDPR requirements, process your data only on our instructions, and treat your data confidentially and securely.

Your Data Protection Rights

Under GDPR, you have a number of important rights regarding your personal data. These include:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to have inaccurate or incomplete data corrected.
  • Right to Erasure: You can ask us to delete your data in certain circumstances ("right to be forgotten").
  • Right to Restrict Processing: You may request a halt to processing in certain situations.
  • Right to Data Portability: Subject to certain conditions, you can request that your personal data be transferred to you or to another service provider.
  • Right to Object: You have the right to object to processing based on legitimate interests, or to direct marketing.
  • Right to Withdraw Consent: Where processing is based on your consent, you can withdraw it at any time.

To exercise these rights, please contact us using the contact form on our website or through your preferred communication method. We will respond to your request within one month.

Data Security

Flowers Chelmsford implements a range of security measures to protect your personal data from unauthorised access, loss, or misuse. These measures include secure server environments, encryption, and access controls. While we strive to use commercially acceptable means to protect your data, no transmission over the internet can be guaranteed as 100% secure.

Changes to This Privacy Policy

We may update this policy from time to time to reflect changes in our business processes, legal requirements, or best practices. Any significant changes will be communicated to customers, and the most recent version will always be available on our website for your review. We recommend that you revisit this page periodically.

Contact and Complaints

If you have questions, concerns, or complaints about how your personal data is handled, please reach out to us through the methods available on our website. You also have the right to lodge a complaint with the UK Information Commissioner's Office if you believe your data protection rights have not been upheld.