Flowers Chiswick Data Privacy Statement

Our Commitment to Your Privacy

Your privacy is extremely important to Flowers Chiswick. We are dedicated to protecting your personal data in line with the UK General Data Protection Regulation (GDPR). This Privacy Policy explains what information we collect, our lawful basis for processing it, how we store and protect it, our use of data processors, and your rights under GDPR. This policy applies to all customers placing orders with Flowers Chiswick from Chiswick and the surrounding districts.

What Personal Data We Collect

When you interact with Flowers Chiswick, we may collect the following types of personal data:

  • Identity Data: This includes your name and, if provided, the recipient’s name.
  • Contact Data: Residential or delivery addresses, phone numbers, and, if applicable, email addresses for order confirmation and communication.
  • Order Information: Details about the products ordered, messages on cards, delivery instructions, and transaction history.
  • Payment Data: Payment method, payment confirmation, and billing information (processed securely via third-party payment providers; we do not store full card details).
  • Technical Data: When visiting our website, limited technical data such as IP address, browser type, and devices used may be collected for website security and improvement.

Lawful Bases for Data Processing

Under the GDPR, we must have a lawful basis for processing your personal data. Flowers Chiswick relies on the following bases:

  • Performance of a Contract: When you place an order, we must process your data to fulfill your order and deliver your flowers.
  • Legal Obligation: Certain information may be retained to comply with tax, accounting, and other legal requirements.
  • Legitimate Interests: We may use your data to enhance our service, prevent fraud, or improve website functionality, provided this does not override your rights.
  • Consent: Where required (for example, for optional marketing messages), we will seek your explicit consent and you may withdraw it at any time.

How We Use Your Data

Your personal data is used solely for the following purposes:

  • Processing, fulfilling, and delivering your flower orders along with any message cards or instructions.
  • Communicating order status, responding to queries, and providing customer support.
  • Maintaining business records in accordance with UK law.
  • Improving and securing our website and services.
  • If you have provided consent, sending marketing offers or updates about our services (opt-out available at any time).

Data Retention

Your personal data will only be retained for as long as necessary to fulfill the purposes for which it was collected. For order processing, we retain details typically for a period of six years in accordance with legal and accounting obligations. Where data is processed based on consent (such as for marketing), it is kept until you withdraw consent or request erasure. Once data is no longer required, it will be securely deleted or anonymised.

Data Sharing and Processors

Flowers Chiswick will never sell your personal data. We may share necessary information with trusted data processors who help us fulfill your order, such as:

  • Payment Service Providers: To securely process your payments (e.g., card processors).
  • Delivery Couriers: For successful delivery of your orders to the specified Chiswick and surrounding area addresses.
  • IT Service Providers: Who maintain, host, or back up our website and order management systems.

All such third parties are required to process your data in accordance with GDPR and are bound by confidentiality obligations. Data is never transferred outside the UK or European Economic Area unless adequate safeguards are in place.

User Rights Under GDPR

As a data subject, you have the following rights under GDPR regarding your personal data:

  • The right to access – You can request details of the data we hold about you at any time.
  • The right to rectification – You have the right to ask us to correct or complete any inaccurate or incomplete information we have about you.
  • The right to erasure ("the right to be forgotten") – You can request the deletion of your personal data under certain circumstances.
  • The right to restrict processing – You may request that we limit the way we use your data.
  • The right to data portability – You can ask for your information in a portable format.
  • The right to object – You may object to certain types of processing, such as direct marketing.
  • Rights regarding automated decision making and profiling – You have the right not to be subject to solely automated decisions.

To exercise any of these rights, please contact us through the communication channels provided at the point of sale, on our website, or via our business premises in Chiswick. We will respond to all legitimate requests as soon as possible and always within one month.

Data Security

We are committed to keeping your data secure. Flowers Chiswick uses suitable technical and organisational measures to protect your data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. We regularly review our processes and systems to ensure your data is safe.

Policy Updates

This Privacy Policy is reviewed regularly, and may be updated to reflect changes in legislation or operational practices. Please check for updates before placing an order. Continued use of our services after changes means you accept the policy as amended.

Contact and Concerns

If you have any concerns or complaints about how your data is handled, or wish to exercise your rights, please contact us via the means outlined above. If you remain dissatisfied with our response, you may also contact the Information Commissioner's Office (ICO) in the UK.