Flower Delivery Kenton Privacy Policy

Introduction

This Privacy Policy explains how Flower Delivery Kenton (“we”, “us”, or “our”) collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR). It applies to all customers placing Flower Delivery Kenton orders from Kenton and surrounding districts. Protecting your privacy and your rights is our priority, and this policy aims to provide transparency regarding your personal data handled by us.

What Data We Collect

When you place an order with Flower Delivery Kenton, we collect and process information necessary to provide our services, fulfill orders, and comply with legal obligations. The types of data we may collect include:

  • Personal Identification Data: Name, delivery address, billing address
  • Contact Details: Telephone number, postal address
  • Order and Transaction Data: Details of the flowers and products you order, payment method and status (we do not store full card numbers or CVVs)
  • Delivery Details: Recipient name, address, and any personalised messages included
  • Communication Data: Any communications you send to us, such as inquiries, complaints or feedback
  • Technical Data: IP address, browser type, operating system, usage data on our website (collected via cookies or similar technologies as permitted by law)

Lawful Basis for Processing Personal Data

Under GDPR, we must have a lawful ground for processing your personal data. Flower Delivery Kenton relies on the following bases:

  • Contractual Necessity: Processing your data to fulfill your orders and deliver flowers as requested
  • Legal Obligation: Fulfilling tax, accounting, and other legal requirements
  • Legitimate Interests: Improving our services, responding to your requests, and maintaining the security of our website
  • Consent: For certain optional marketing communications or the use of non-essential cookies where required, which you can withdraw at any time

How We Use Your Data

We use your personal data only for legitimate purposes, which may include:

  • Processing and fulfilling your flower delivery orders
  • Managing payments and completing financial transactions
  • Providing customer support and responding to communications
  • Improving our products, services, and website experiences
  • Complying with legal, accounting, and regulatory requirements
  • Sending optional promotional or service communications where you have given consent

Data Retention

We retain your personal data only as long as necessary for the purposes for which it was collected, including fulfilling orders, legal and accounting obligations, handling customer service inquiries, or as required by law. Generally:

  • Order and payment data are retained for at least six years to comply with tax and accounting requirements
  • Contact details and communications may be retained for up to two years after your last interaction to resolve inquiries or service issues
  • Technical data is typically retained for no longer than one year, unless essential for security or legal reasons

We review our retention periods regularly and securely erase or anonymise personal data when no longer needed.

Data Sharing and Processors

We only share your personal data with trusted third-party service providers as necessary to deliver our services, act on your behalf, or meet legal requirements. Categories of third parties may include:

  • Payment processors for secure payment transactions
  • Delivery partners and couriers involved in fulfilling your flower orders
  • IT service providers involved in data hosting, website maintenance, and security
  • Professional advisers such as accountants or legal consultants if required

All third-party processors are required under contract to protect your data according to GDPR standards and must not use your personal information for their own purposes. We do not sell, rent, or trade your personal information to third parties.

Data Security

Your privacy is paramount to us. We implement appropriate organisational and technical measures to protect your personal data from accidental or unlawful access, loss, misuse, disclosure, or destruction. These measures include encryption, secure servers, restricted access, and regular security reviews.

Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of personal data we hold about you
  • Right to Rectification: Ask us to correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data when no longer necessary
  • Right to Restrict Processing: Ask us to suspend processing of your data in certain circumstances
  • Right to Data Portability: Request transfer of your data to another provider
  • Right to Object: Object to processing based on legitimate interests or direct marketing
  • Withdraw Consent: Withdraw your consent at any time where consent is relied upon
  • Automated Decision Making: The right not to be subject to decisions based solely on automated processing

How to Exercise Your Rights

If you wish to exercise any of your rights, or have questions about how we handle your personal data, please contact us using our standard communication channels. We will respond as required by law and confirm your identity before fulfilling requests to protect your privacy.

Changes to This Privacy Policy

We reserve the right to update this Privacy Policy from time to time. Any changes will take effect when posted on our website. We recommend you check this page regularly to stay informed about how your data is handled.

Effective Date and Scope

This policy is effective as of 1 June 2024 and covers all customers of Flower Delivery Kenton who place orders from Kenton and its surrounding districts.