Surbiton Florist Privacy Policy – Your Data Rights and Our Responsibilities

Introduction

This Privacy Policy explains how Surbiton Florist complies with data protection regulations, including the General Data Protection Regulation (GDPR), regarding the collection, use, and protection of your personal data. This policy applies to all customers placing orders with Surbiton Florist in Surbiton and surrounding districts. Please read this policy carefully to understand how your information is handled.

What Data We Collect

When you place an order or interact with Surbiton Florist, we collect personal information necessary to process your request. Depending on your interaction, the information we gather may include:

  • Identification data: Full name, title
  • Contact information: Delivery and billing addresses, telephone numbers
  • Email address: To send order confirmations and communication
  • Order details: Product selections, delivery instructions, personalized messages
  • Payment data: Transactional details provided to our payment processors (we do not store full payment card numbers)
  • Technical information: IP address, browser type, and cookies (when browsing our website)

Lawful Basis for Processing Your Data

Surbiton Florist only processes your personal data when permitted by law. According to the GDPR, our core lawful bases for processing include:

  • Contractual necessity: Much of the data we collect is necessary to fulfill your order or provide the services you request.
  • Legal obligation: We may process your data to comply with legal or regulatory requirements, such as tax or accounting rules.
  • Legitimate interests: We may process limited data to maintain business operations, improve our services, and respond to queries or complaints, ensuring your rights and interests are always considered.
  • Consent: When legally required (such as for direct marketing), we will ask for your consent before using your data, which you may withdraw at any time.

Purpose of Data Processing

We use your data for the following purposes:

  • Accepting and processing your floral orders
  • Arranging deliveries to specified addresses
  • Providing customer support and responding to inquiries
  • Confirming orders and notifying you of delivery or collection status
  • Maintaining business records and managing financial transactions
  • Improving our products, services, and website functionality
  • Complying with legal or regulatory requirements

Data Processors and Third Parties

In some instances, your data may be shared with trusted third parties or data processors who provide essential services, including:

  • Secure payment providers for processing transactions
  • Delivery and courier companies to fulfill your orders
  • IT system providers for managing our digital systems and website
  • Professional advisers, such as accountants or legal consultants

All processors and third parties are vetted, and contracts require them to handle your data securely, only as necessary to provide the requested services, and in compliance with GDPR.

International Data Transfers

We primarily store your data within the United Kingdom or European Economic Area (EEA). If any data is transferred outside these areas, we ensure that appropriate safeguards are in place, including using standard contractual clauses as approved by relevant authorities.

Data Retention

Surbiton Florist retains your personal data only as long as necessary to fulfill the purpose for which it was collected, including delivering your order, handling customer service requests, and meeting legal, accounting, or regulatory requirements. Typically:

  • Order details and contact information are retained for up to seven years to comply with tax and financial regulations.
  • Website analytics data is retained for up to two years.
  • Marketing preferences are retained until you withdraw consent or request deletion.

After the applicable retention period, your data is securely deleted or anonymized.

How We Protect Your Data

We implement technical and organizational measures to secure your personal data against loss, misuse, unauthorized access, disclosure, alteration, or destruction. These measures include secure servers, encryption, restricted access, regular staff training, and ongoing security reviews.

Your Rights Under the GDPR

As a customer of Surbiton Florist, you have the right to:

  • Access: Obtain confirmation as to whether we process your data and receive a copy of the information held about you.
  • Rectification: Request correction of any inaccurate or incomplete personal data.
  • Erasure: Ask for your personal data to be deleted under certain conditions (the "right to be forgotten").
  • Restriction: Request limitation of processing if you contest accuracy, legality, or need your data for legal claims.
  • Objection: Object to processing, especially for direct marketing or processing based on legitimate interests.
  • Data portability: Request to receive your data in a structured, commonly used, and machine-readable format.
  • Withdraw consent: Withdraw your consent at any time where processing is based on consent.

To exercise your rights, please contact us using the methods outlined on our website or in our business premises. We will respond to your request promptly and in accordance with regulatory timeframes.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes to our practices, updates in the law, or improvements in our services. Any updates will be published on our website, and where required, changes will be communicated directly to you.

Complaints and Further Information

If you have concerns about your data or this Privacy Policy, you have the right to contact Surbiton Florist directly. You also have the right to lodge a complaint with the Information Commissioner's Office or your local data protection authority if you believe your rights have been infringed.

This Privacy Policy is effective from the date of publication and covers the processing of all personal data from customers in Surbiton and surrounding districts who place orders with Surbiton Florist.