Kentish Town Flowers Privacy Policy

Introduction

At Kentish Town Flowers, protecting your personal information is of utmost importance. This Privacy Policy explains how we collect, use, store, and protect your data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and relevant UK data protection laws. This policy applies to all customers who place orders with Kentish Town Flowers within Kentish Town and the surrounding districts. Please read this policy carefully to understand your rights and how we handle your personal data.

What Data We Collect

When you place an order with Kentish Town Flowers, we collect and process personal data necessary for the provision of our services. The data we collect includes, but is not limited to:

  • Contact Information: Your name, delivery address, billing address, and contact details, such as telephone number (if provided).
  • Order Details: Information about your purchases, including the recipient's name, delivery instructions, card messages, and order preferences.
  • Payment Information: Transaction details (handled securely by payment processors), payment status and receipts. Kentish Town Flowers does not retain full payment card details after the transaction is processed.
  • Correspondence: Records of any communications, feedback, or queries you may have with our team regarding your order.
  • Technical Data: IP address, device type, and limited browser data may be collected through your interaction with our website for security and analytical purposes.

Lawful Basis for Processing Your Data

We will only process your personal data where we have a legal basis to do so under GDPR, which will typically fall into one or more of the following categories:

  • Contractual Necessity: We collect and process your data to fulfill the contract with you when you place an order. This includes processing your payment, delivering your order, and managing your customer account.
  • Legitimate Interests: We may process your data for legitimate business purposes, including improving our services and communicating with you regarding your order, provided that these interests do not override your data protection rights.
  • Legal Obligations: In some cases, we are required to process and retain your data to comply with applicable laws or regulatory requirements.
  • Consent: Where required by law, we may seek your explicit consent to process your personal data, for example, for marketing activities. You may withdraw your consent at any time.

How We Use Your Personal Data

Kentish Town Flowers uses your personal information for the following purposes:

  • Processing and delivering your flower orders.
  • Communicating with you about your order, including updates, changes, or delivery issues.
  • Managing any issues, complaints, or queries relating to your order.
  • Maintaining our business records for accounting, tax, and legal purposes.
  • Improving our products, services, and customer experience.

Retention of Your Data

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. Generally, we retain order-related data for seven years to meet legal and tax obligations. After this period, data that is no longer required will be securely deleted or anonymised.

Data Processors and Third Parties

We may share your personal data with trusted third-party processors who assist us in providing our services. These processors include:

  • Payment Processors: Securely handle your payment transactions and comply with all data protection and security requirements.
  • IT and Hosting Providers: Host our website and securely process your orders online.
  • Delivery Partners: When necessary, to ensure the fulfilment of your flower delivery.

All processors act under our strict instruction and are prohibited from using your data for their own purposes. We require all third parties to respect the security of your personal data and to process it in accordance with the law.

Data Security

Kentish Town Flowers takes appropriate technical and organisational measures to protect your data against accidental loss, misuse, unauthorised access, disclosure, alteration, or destruction. Access to personal data is limited to employees, agents, and contractors who need it for legitimate business purposes, and are subject to confidentiality obligations. All data transfers with processors are conducted securely.

Your Data Protection Rights

As a data subject under GDPR, you have the following rights regarding your personal data:

  • Right of Access: To request a copy of the personal data we hold about you.
  • Right to Rectification: To request correction of any inaccuracies in your data.
  • Right to Erasure: To request deletion of your personal data, subject to legal requirements.
  • Right to Restrict Processing: To request that we restrict the processing of your data in certain circumstances.
  • Right to Object: To object to processing where we are relying on legitimate interests or undertaking direct marketing.
  • Right to Data Portability: To request your data be transferred to you or another data controller in a structured, commonly used, machine-readable format.
  • Right to Withdraw Consent: If we process data based on your consent, you have the right to withdraw this at any time.

To exercise any of these rights, contact us through our customer service channels. We will respond promptly and in accordance with applicable data protection laws.

Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data without parental consent, please notify us so we can take appropriate actions.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. The latest version will always be available via our website. Any significant changes will be notified to you through appropriate means.

Contact and Further Information

If you have any questions about this Privacy Policy or your data, or wish to exercise your rights, please reach out to us via our available contact channels. We are committed to protecting your privacy and handling your data responsibly at all times.