Haringey Flowers Privacy Policy

Introduction

At Haringey Flowers, we take the privacy and security of your personal information very seriously. This Privacy Policy explains how we collect, use, store, and protect your information when you place an order with Haringey Flowers, serving Haringey and surrounding districts. This policy applies to all of our customers, whether you place orders in person, over the phone, or via our website or other ordering methods.

What Data We Collect

In the course of fulfilling your orders and providing excellent service, we may collect and process the following types of personal data:

  • Contact Information: Your name, address (including delivery address), and contact details such as phone number.
  • Order Details: Product selections, card messages, delivery instructions, and purchase history.
  • Payment Details: Payment method and limited payment information (such as the last four digits of a card), though payment processing is handled by third parties.
  • Communications: Any correspondence with our customer service (such as queries, feedback, or complaints).
  • Technical Data: For online orders, we may collect IP addresses and browser types to improve our website and safeguard against fraud.

Lawful Basis for Processing Your Data

Haringey Flowers processes your personal data in accordance with the UK General Data Protection Regulation (GDPR). The legal bases for processing your information are as follows:

  • Performance of a Contract: Most of the personal data we collect is necessary to process and deliver your order, and provide customer service relating to your purchase.
  • Legal Obligation: We may process and retain certain data as required by law, such as retaining invoicing records for tax purposes.
  • Legitimate Interests: We may use your information for internal operations, analytics, and service improvements where such interests do not override your rights and freedoms.
  • Consent: In limited cases, such as marketing or promotional offers, we will seek your explicit consent to process your data. You have the right to withdraw your consent at any time.

How We Use Your Data

Your data is used exclusively for the following purposes:

  • To process and fulfil your orders.
  • To communicate with you about your order, delivery updates, and any queries you may have.
  • To improve our goods and services through internal record keeping and analytics.
  • To comply with legal and regulatory requirements.
  • If you have given consent, to provide information about offers or promotions that may be of interest.

Data Retention

We will retain your personal information only for as long as is necessary for the purposes described in this policy or as required by law. Generally, order records and related customer data are kept for a period of up to seven years to comply with business and tax regulations. Afterwards, personal data is securely deleted or anonymised so that you can no longer be identified.

Our Use of Processors and Third Parties

To provide our services, we may use trusted third-party processors as part of normal business operations. These may include:

  • Payment processors who securely handle your card or payment information. We do not store your full payment details ourselves.
  • Delivery and courier partners to ensure your flowers arrive as ordered.
  • IT service providers to maintain and safeguard our ordering systems and data storage.
  • Professional advisors (such as accountants) where required for legal compliance.

All third-party processors are carefully selected and required to act only on our instructions, protect your data consistent with this Policy, and adhere to relevant data protection laws. We never sell your personal information or share your details with unrelated third parties for their own marketing purposes.

Your Rights

Under the GDPR, you have important rights over your personal data held by Haringey Flowers. These include:

  • Right to Access: You can request details of the personal data we hold about you.
  • Right to Rectification: You are entitled to have any incorrect or incomplete data corrected.
  • Right to Erasure: You can ask us to delete your personal information in certain circumstances, such as where it is no longer needed.
  • Right to Restrict Processing: You have the right to restrict the way we process your data under certain conditions.
  • Right to Data Portability: Where applicable, you can ask for your data to be transferred to another service provider.
  • Right to Object: You have the right to object to processing, especially for direct marketing or where processing is based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on your consent, you may withdraw this at any time.

To exercise any of these rights, please contact us using the contact options provided on our website or in-store. We aim to respond to all requests within one month. Please note, some rights may be limited where we have overriding legal obligations or legitimate business reasons.

How We Protect Your Data

We are committed to keeping your data secure. We implement technical and organisational measures to safeguard your information, such as encryption, secure storage, access controls, and staff training. In the unlikely event of a data breach, we will notify you and relevant authorities as required by law.

Policy Updates

This Privacy Policy is subject to review and may be updated from time to time to reflect changes in our procedures, legal requirements, or data protection practices. The latest version will always be available in our store and on our website. We encourage you to check it regularly so you remain informed about how we protect your privacy.

Contact Us

If you have any questions about this Privacy Policy or how your information is handled, please get in touch with us through the contact details provided via our website or in-store. We are always happy to address your concerns regarding your data privacy.