Charing Cross Flowers Privacy Policy

Introduction

At Charing Cross Flowers, we are committed to protecting your privacy and handling your personal data transparently, in line with the requirements of the UK General Data Protection Regulation (GDPR) and other relevant privacy laws. This Privacy Policy describes how we collect, use, retain, and protect the personal data of our customers who place flower orders within Charing Cross and surrounding districts. It also outlines your rights regarding your personal information.

Scope of This Policy

This policy applies to all customers who order products and services from Charing Cross Flowers either via our website, telephone orders, or in person at our physical store, for delivery or collection in Charing Cross and adjacent areas. By placing an order or interacting with us, you agree to the collection and use of your personal data as described herein.

What Data We Collect

In order to fulfill orders and manage customer relationships, we may collect and process the following categories of personal data:

• Contact Information: Your name, delivery address, billing address, telephone number, and, where applicable, your email address.
• Order Information: Details of the products you order, including recipient details, delivery instructions, and any personalised messages provided by you.
• Payment Details: Information required to process your payment (such as cardholder name and transaction confirmation). Note: Payment card information is processed securely and we do not store your complete card details on our servers.
• Correspondence: Records of your interaction with us via telephone, in store, or written/electronic communication regarding your orders or our services.
• Technical Data: When using our website, we may collect limited technical data such as browser type, device type, and website usage statistics, which helps us enhance your experience and security.

Lawful Basis for Processing

We process your personal data based on several lawful bases under the GDPR:

• Contractual Necessity: Most of the information we process is necessary for performing our contract with you, such as processing orders, arranging deliveries, and handling payments.
• Legal Obligation: In certain cases we must retain or disclose information to comply with legal or regulatory duties, such as accounting and tax requirements.
• Legitimate Interests: We may use your information for legitimate business purposes, such as improving our products and services, fraud prevention, and ensuring our systems’ security. In such cases, we make sure your interests and fundamental rights do not override our legitimate interests.
• Consent: Where required, such as for sending you marketing communications, we rely on your explicit consent, which you can withdraw at any time.

How We Use Your Data

Your personal data is used only for the purpose it was collected for, such as:

• Processing and delivering your orders
• Managing payments, refunds, and billing queries
• Contacting you regarding your order or customer service matters
• Improving our services and customer experience
• Complying with legal and regulatory obligations
• Sending service-related updates and, with your permission, limited marketing communications

Data Retention

Charing Cross Flowers will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Typically, we retain customer and order information for up to six years from the date of your last transaction, unless a longer retention period is required or permitted by law.

Sharing Your Information: Processors and Third Parties

We may share your personal data with trusted third-party service providers (“processors”) who assist us in delivering our services. These include payment processing companies, delivery partners, IT and website support providers, and, where necessary, professional advisors (such as accountants). All external processors are required to comply with data protection regulations and are prohibited from using your data for any purpose other than the specific service they provide to us. We do not sell or rent your data to third parties.

When required by law, we may also share your information with governmental authorities or regulators.

How We Protect Your Information

Your privacy and the security of your data are paramount to us. We use appropriate organisational and technical measures to safeguard your personal data against accidental loss, unauthorised access, disclosure, alteration, or destruction. This includes secure payment gateways, restricted access controls, staff training, and regular review of our security policies and procedures.

Your Rights

Under the GDPR, you have specific rights regarding the data we hold about you:

• Right to Access: You can request a copy of the personal data we hold about you and information on how it is processed.
• Right to Rectification: If your personal data is inaccurate or incomplete, you can request correction or completion.
• Right to Erasure: You can request deletion of your personal data under certain circumstances (known as the ‘right to be forgotten’).
• Right to Restrict Processing: In specific situations, you may request us to restrict the processing of your data.
• Right to Object: You can object to the processing of your personal data (for example, for direct marketing purposes).
• Right to Data Portability: Where applicable, you may request the transfer of your data to another organisation.
• Right to Withdraw Consent: Where processing is based on your consent, you can withdraw it at any time.
• Right to Complain: If you believe your data protection rights have been breached, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. The most current version will always be available on request or at our place of business. We encourage you to review the policy periodically.

Contact Us

If you have any questions about this Privacy Policy, your data, or how we process it, please visit our store or contact us through our website channels. We aim to respond to all queries promptly and efficiently.

Thank you for trusting Charing Cross Flowers with your personal information. We are dedicated to ensuring your data is respected and protected at all times.