Flower Delivery Luton Privacy Policy

Introduction

At Flower Delivery Luton, we are committed to safeguarding the privacy and security of our customers’ personal information. This Privacy Policy sets out how we collect, use, store, and protect your data when you place orders with Flower Delivery Luton from Luton and surrounding districts. Our practices comply with the General Data Protection Regulation (GDPR) and other relevant privacy laws.

Scope of this Policy

This Privacy Policy applies to all individuals who place an order with Flower Delivery Luton, whether online, by phone, or in person, and who are based in Luton or any of the neighbouring districts. By ordering from us, you acknowledge the practices described in this policy.

What Data We Collect

When you engage with Flower Delivery Luton, we may collect the following types of personal data:

  • Contact Details: Your full name, address, and contact information (such as delivery address and phone number where applicable)
  • Order Information: Details relating to your purchases, delivery instructions, and order history
  • Payment Details: Payment information necessary to process your order (such as payment method and transaction records). Note: credit/debit card payments are processed securely via our payment processor and we do not store card numbers in our systems.
  • Correspondence: Any communications between you and Flower Delivery Luton, including queries, feedback, or complaints
  • Website Use Data: When you use our website, information such as IP address, browser type, and browsing patterns may be automatically collected through cookies or similar technologies. This helps us to improve our services and the user experience.

Lawful Basis for Data Processing

Under the GDPR, we are required to identify a lawful basis for processing your personal data. Flower Delivery Luton collects and processes your data using the following bases:

  • Contractual Necessity: Most of the information we collect from you is required to fulfil our contract with you. This includes processing your order, delivering your flowers, and handling payments.
  • Legitimate Interests: We may use your data to manage and improve our services, respond to enquiries, or undertake direct marketing, providing such interests are not overridden by your privacy rights.
  • Consent: In certain cases, such as sending marketing messages, we will rely on your explicit consent, which you can withdraw at any time.
  • Legal Obligations: We may also process your personal data to comply with applicable laws and regulatory requirements.

How We Use Your Information

Your personal data is used strictly for the purposes for which it was collected, including:

  • Processing and fulfilling your flower orders
  • Communicating with you regarding your order, delivery updates, or customer service
  • Improving our products and services based on feedback and analysis
  • Sending you information on promotions, offers, or updates (if you have opted in)
  • Complying with our legal and regulatory obligations

Data Retention

Flower Delivery Luton retains your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. Typically, we will keep transaction and order data for up to six years to comply with tax and legal regulations. After this period, your data will be securely deleted or anonymised. If you withdraw your consent or request erasure earlier, we will remove your data unless we are required to retain it for legal reasons.

Processors and Third Parties

We may share your information with trusted third-party service providers who act as data processors on our behalf. These providers adhere to GDPR requirements and help us deliver our products and services efficiently. Examples include:

  • Payment processors (for secure handling of credit/debit card payments)
  • Delivery and logistics partners who carry out local flower deliveries on our behalf
  • IT service providers who maintain our website and systems

These processors are only permitted to use your information in accordance with our instructions and may not use it for their own purposes. We do not sell or rent your personal data to any third parties for marketing or other commercial purposes.

Data Security

Your personal data is protected using industry-standard security measures, including secure servers, restricted access to data, encryption where appropriate, and robust internal processes. We continually review and enhance our data protection measures to ensure your information remains safe.

Your Rights

Under the GDPR, you have a number of important rights regarding the personal data we hold about you:

  • Right to Access: You may request a copy of your personal data that we hold.
  • Right to Rectification: You may ask us to correct any inaccurate or incomplete information.
  • Right to Erasure: You may request deletion of your personal data under certain circumstances.
  • Right to Restriction: You may ask us to limit processing of your personal data in certain cases.
  • Right to Data Portability: You may request that we provide your data to you, or another controller, in a commonly used, structured format.
  • Right to Object: You may object to processing where we rely on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: Where processing is based on your consent, you can withdraw this consent at any time.

If you wish to exercise any of these rights, please contact us using the information provided on our website or in your order confirmation. We will respond to all requests within the timeframes set out by GDPR.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our business operations, legal requirements, or data protection best practices. Changes will be published on our website and become effective immediately upon posting. Please check back regularly to stay informed of any updates.

Contact and Complaints

If you have any questions about this Privacy Policy or our data protection practices, please consult the contact section on our website. If you are dissatisfied with how your data has been handled, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) or your local data protection authority.