Flower Delivery Hook Privacy Policy for Customers

Introduction

This Privacy Policy outlines how Flower Delivery Hook collects, uses, processes, and retains your personal information when you place an order with us in Hook and the surrounding districts. We are committed to respecting your privacy and protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and relevant UK data protection laws. Please read this policy carefully to understand your rights and how we process your information.

Scope of this Policy

This Privacy Policy applies to all customers placing orders through Flower Delivery Hook, regardless of whether orders are placed online, over the phone, or in person, provided they are for delivery within Hook and neighbouring areas.

What Data We Collect

When you place an order or interact with Flower Delivery Hook, we may collect and process the following categories of personal data:

  • Identity Data: Your full name, title, and (if provided) company name.
  • Contact Data: Delivery address, billing address, recipient’s name and address (if different from yours), and any provided phone numbers.
  • Order Data: Details of the products and services ordered, order notes, instructions, and transaction history.
  • Payment Data: Payment method and transaction details (note: payment card details are processed securely by our payment processors and not retained by us).
  • Technical Data: IP address, browser type and version, device identifiers, and information regarding how you use our website (collected via cookies or similar technologies).
  • Communication Data: Emails, messages, or information provided when you contact customer support or provide feedback.

Lawful Basis for Processing

Under GDPR, we must have a lawful basis to collect and process your information. The main grounds we rely upon are:

  • Contractual Necessity: Processing your data is necessary to fulfil your order, provide delivery services, and manage your account.
  • Legal Obligation: To comply with laws regarding sales records, tax, and accounting.
  • Legitimate Interests: To maintain our customer service quality, resolve disputes, and improve our operations – provided these do not override your rights.
  • Consent: In cases where we ask for your explicit consent (such as for marketing communications), you may withdraw this at any time.

How We Use Your Data

We process your personal information for the following purposes:

  • To receive and process your orders, arrange deliveries, and contact you or your order recipients regarding fulfilment.
  • To manage payments and refunds.
  • To communicate with you, respond to your queries, and provide customer support.
  • To comply with legal obligations, including record-keeping and tax compliance.
  • To protect our business from fraud and ensure the security of our services.
  • To improve the quality and functionality of our website and services.
  • To send you service-related notifications; with your consent, to send marketing communications.

Personal Data Retention

Flower Delivery Hook will retain your personal data only as long as necessary for the purposes outlined in this policy or as required by law. We typically keep order and transaction records for up to six years to meet tax and accounting obligations. Data collected for marketing purposes is retained until you withdraw your consent or request deletion. We regularly review our data holdings and delete or anonymise information no longer required.

Data Processors and Sharing

We may share your data with trusted third-party service providers who act as data processors under GDPR. They support us in operations such as payment processing, delivery logistics, email services, technical infrastructure, and secure data storage. All processors are contractually bound to only process your data as instructed and to maintain GDPR-compliant security measures.

We do not sell or trade your personal data. We may disclose information if required by law, to enforce our terms, or to protect our business and customers.

International Data Transfers

If any of our processors or technical providers are based outside the UK or European Economic Area (EEA), we ensure appropriate safeguards are in place (such as standard contractual clauses or adequacy decisions) to protect your information in line with GDPR requirements.

Your Data Subject Rights

You have rights under GDPR in relation to your personal data, including:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Ask us to correct any incorrect or incomplete data we hold.
  • Right to Erasure: Request deletion of your personal data (subject to certain legal obligations).
  • Right to Restrict Processing: Ask us to restrict how we process your data under certain circumstances.
  • Right to Data Portability: Receive your data in a structured format or transfer it to another provider.
  • Right to Object: Object to certain processing activities, such as direct marketing.
  • Right to Withdraw Consent: Where processing is based on your consent, you may withdraw at any time.
  • Right to Lodge a Complaint: You may complain to your local data protection authority if you feel your data rights have been violated.

To exercise any of these rights, please contact us using the details provided on our website or physical store, or via the contact methods specified at the time of transaction.

Data Security

We implement suitable technical and organisational measures to safeguard your personal data from loss, misuse, unauthorised access, disclosure, or destruction. Measures include secure servers, encryption, access controls, staff training, and periodic risk assessments. While we take every reasonable step to protect your data, please note that no method of transmission over the internet is completely secure.

Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect the personal data of children. If you believe a child has provided us with personal information, please contact us to ensure its deletion.

Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in practices or legal requirements. We encourage you to periodically review this Policy for the latest information on our privacy practices.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out to us using the contact details provided on our website or at our physical shop.