Privacy Policy for Becontree Heath Florist Customers

Introduction

Becontree Heath Florist is committed to safeguarding the personal data of our customers. This Privacy Policy explains how we collect, use, store, and protect your information in accordance with the General Data Protection Regulation (GDPR). This policy applies to all customers ordering from Becontree Heath Florist, whether residing in Becontree Heath or in nearby districts, via any of our ordering channels.

What Data We Collect

We collect and process various types of personal data to fulfill your floral orders and provide customer service. The categories of data we may collect include:

  • Contact Information – Name, delivery address, billing address, telephone number
  • Order Details – Product selections, date and time of order, recipient’s name and address
  • Payment Information – Payment card details (processed via secure third-party vendors), invoice details
  • Communication Records – Notes of phone or written correspondence regarding your order
  • User Preferences – Special requests, gift messages, and delivery instructions
  • Technical Information – Your IP address, device information, and usage data when accessing our website

Lawful Basis for Data Processing

Our collection and processing of your personal data is supported by the following lawful bases under GDPR:

  • Performance of a Contract – Data is processed to enable us to fulfill your floral order, deliver products, and manage payment transactions.
  • Legal Obligation – We process data to meet legal and financial record-keeping requirements.
  • Legitimate Interests – Processing is necessary for running and improving our business, handling queries, and preventing fraud (where these interests are not overridden by your rights and freedoms).
  • Consent – In cases where we use your data for direct marketing or promotional purposes, we will only do so after obtaining your explicit consent, which you may withdraw at any time.

How We Use Your Information

Your personal data is used for the following purposes:

  • Processing and managing your floral orders
  • Organizing efficient and accurate delivery of flowers and gifts
  • Handling payments, refunds, and invoicing matters
  • Responding to customer enquiries or complaints
  • Improving our services and understanding customer preferences
  • Sending service-related notifications
  • Complying with legal and regulatory obligations

Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. Typically, we will retain order and invoicing data for up to 7 years to meet financial and taxation obligations. Correspondence and order details may be kept for up to 3 years following order completion to assist with after-sales care and any potential disputes. After expiration of our retention periods, your data will be securely deleted or anonymised.

Data Processors and Third Parties

To provide our services, we may share your data with trusted third parties who act as our data processors. These include:

  • Payment Service Providers – To securely process transactions, we use external payment gateways. These providers process your payment data solely for this purpose and are subject to their own strict data protection obligations.
  • Delivery Partners – For fulfilling orders outside Becontree Heath, we may share recipient and delivery information with affiliated florists or delivery companies.
  • IT Service Providers – Our website and electronic communications are maintained by service providers who may have access to technical data for maintenance and support purposes.

All third-party processors are rigorously vetted to ensure GDPR compliance, and we maintain contracts with them to ensure data security and confidentiality. Personal data is not transferred outside the UK or EEA unless adequate protections are in place.

Your Data Protection Rights

Under the GDPR, you have a number of important rights with respect to your personal data. These rights include:

  • Right of Access – You may request access to the personal data we hold about you.
  • Right to Rectification – You may ask us to correct or update inaccurate or incomplete information.
  • Right to Erasure ("Right to be Forgotten") – You may request the deletion of your personal data under certain circumstances.
  • Right to Restrict Processing – You may request that we restrict processing of your data in some situations.
  • Right to Data Portability – You can request a copy of your information in a structured, commonly used format.
  • Right to Object – You may object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent – Where you have provided consent, you have the right to withdraw it at any time.

To exercise any of these rights, or for more information, please contact us using the available customer service channels noted on our website or in your order confirmation communications.

Security of Your Personal Data

We implement a range of technical and organisational measures to ensure the security, integrity, and confidentiality of your personal data. These measures include secure storage, access controls, and encryption where appropriate. While we take every precaution to safeguard your data, please be aware that no online transmission is ever completely secure.

Policy Updates

This Privacy Policy may be updated periodically to reflect changes in data protection laws or our business practices. Customers will be notified of any significant changes affecting their rights or how their data is processed at the time of their next order or via our website.

Contact and Complaints

If you have any concerns or questions about this Policy or your personal data, please contact our customer service team via the details provided on our website. If you remain unsatisfied, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) or the relevant supervisory authority.