Eastcote Florist GDPR Privacy Policy

Introduction

At Eastcote Florist, we prioritise your privacy and are committed to complying with the UK General Data Protection Regulation (GDPR). This Privacy Policy explains how Eastcote Florist collects, uses, retains, and safeguards your personal data when you place orders with us as a customer in Eastcote and surrounding districts. Our goal is to offer transparency regarding your information and ensure you understand your privacy rights.

Scope of This Policy

This Privacy Policy applies to all customers who place orders with Eastcote Florist, whether you make purchases directly at our physical location, via telephone, or through our online ordering system. The policy covers orders fulfilled for delivery or collection originating from Eastcote and nearby areas.

What Data We Collect

When you place an order or interact with Eastcote Florist, we may collect and process the following types of personal data:

  • Contact Information: Your full name, delivery address, billing address (if different), and telephone number.
  • Order Details: Content of your order, delivery instructions, messages for recipients, preferred delivery time, and payment information (processed securely via payment processors — we do not store your card information ourselves).
  • Communication Records: Records of your correspondence or enquiries made by phone, in person, or through our website.
  • Website Usage Information: IP address, device type, and browsing activity if you interact with our digital ordering platform, collected via cookies and analytical tools.

Lawful Basis for Processing

Under the GDPR, we must have a lawful basis to collect and use your personal data. For Eastcote Florist customers, the following lawful bases apply:

  • Contractual Necessity: The majority of the data we collect is necessary to fulfil your order and provide the products and services you request.
  • Legal Obligation: Certain information, such as transaction records, must be retained to comply with legal and financial reporting requirements.
  • Legitimate Interests: We may use your information to improve our services and for internal administrative purposes. If we do so, we ensure these interests do not override your data rights.
  • Consent: In some cases, such as sending marketing messages, we will seek your explicit consent. You may withdraw consent at any time.

How We Use Your Data

Eastcote Florist collects, stores, and uses your data strictly for the following purposes:

  • To process and securely fulfil your orders.
  • To provide customer service and respond to your enquiries.
  • If requested by you, to include personal messages or special instructions with orders.
  • To manage payments and verify your identity when necessary.
  • To comply with regulatory requirements and legal obligations.
  • With your optional consent, to send marketing or promotional information about Eastcote Florist services.

Retention of Personal Data

We only keep your personal data for as long as necessary for the purposes described above. Specifically:

  • Order and transaction data will be retained for a minimum of six years to fulfil legal obligations such as VAT and tax record-keeping.
  • Contact details used solely for customer service or one-off orders may be deleted three years after your last interaction, unless longer retention is legally required.
  • If you have opted-in to marketing communications, your consent will be refreshed or reviewed at least every three years.

After these retention periods, your personal data will either be securely deleted or anonymised for statistical analysis.

Processors and Third-Party Disclosure

Eastcote Florist uses third-party partners and service providers (processors) to assist with certain functions such as payment processing, website hosting, and order delivery logistics. All such processors are contractually required to comply with GDPR, process your data securely, and act solely on our instructions. We do not sell or rent your data to third parties. Personal data is only shared where necessary to process your order or where required by law.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against loss, misuse, or unauthorised access. This includes limited access controls, secure payment processing channels, and regular reviews of our data handling procedures.

Your Rights Under GDPR

You have the following rights regarding your personal data held by Eastcote Florist:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Ask us to correct any incomplete or inaccurate data.
  • Right to Erasure: Request deletion of your data in certain circumstances, providing no overriding legal grounds exist.
  • Right to Restriction: Request that we restrict the processing of your information in certain situations.
  • Right to Data Portability: Receive personal data in a structured, commonly used format for transfer to another provider.
  • Right to Object: Object to the processing of your data where justified by a legitimate interest or direct marketing.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw this at any time without affecting the lawfulness of prior processing.

If you wish to exercise any of these rights, please contact us via our usual customer service channels. We will respond to all legitimate requests within one month, unless the request is particularly complex in which case we will keep you informed of any delay.

Changes to This Privacy Policy

We may review and update this Privacy Policy from time to time to reflect changes in legal requirements or our processing practices. The revised policy will always be posted in our store and on our website with the effective date. We encourage you to review it periodically.

Contact and Complaints

If you have questions about this Privacy Policy or about how Eastcote Florist uses your personal data, please contact us via our customer service team during store opening hours. Should you wish to escalate concerns, you also have the right to file a complaint with the UK Information Commissioner's Office (ICO).

This Privacy Policy was last updated in June 2024 and applies to all orders placed by customers from Eastcote and surrounding districts.