Privacy Policy for Flower Delivery Oxford Customers

Introduction

This Privacy Policy outlines how Flower Delivery Oxford collects, uses, stores, and protects your personal data when you place an order with us. This policy applies to all customers placing orders for flower delivery within Oxford and the surrounding districts. We understand the importance of your privacy and are committed to safeguarding your personal data in compliance with the General Data Protection Regulation (GDPR) and the UK Data Protection Act.

What Data We Collect

To process your flower order and provide our services efficiently, Flower Delivery Oxford collects the following personal data:

  • Contact Information: Your full name, delivery address, billing address, and phone number.
  • Email Address: For order confirmations, delivery updates, and customer service purposes.
  • Order Details: Details about your purchase, including order contents, recipient name, and any personalized messages.
  • Payment Information: Payment card details (processed securely by third-party payment processors), transaction references, and payment status.
  • Technical Information: IP address, device information, browser type, and access times collected via our website’s analytics for security and service improvement.

Lawful Basis for Processing Data

The GDPR requires us to have a lawful basis for processing your personal data. Flower Delivery Oxford relies on the following bases:

  • Contractual Necessity: Most data is collected and processed because it is necessary for fulfilling your order and providing you with our services.
  • Legal Obligations: We may process your data to comply with applicable laws, such as tax and accounting regulations.
  • Legitimate Interests: We may use your data for legitimate business purposes, such as improving our services, fraud prevention, and ensuring the security of our systems, provided these interests do not override your personal rights.
  • Consent: In specific cases, such as sending marketing communications, we rely on your explicit consent, which you may withdraw at any time.

How We Use Your Data

We use the personal data collected from customers for the following purposes:

  • Processing and fulfilling your order, including confirming order details and arranging delivery.
  • Communicating with you about your order status or any issues arising during fulfillment.
  • Managing payment processing and fraud prevention.
  • Responding to customer service queries and requests.
  • Improving and personalizing our services based on aggregated analytics.
  • Meeting legal and regulatory requirements.

Data Retention

Flower Delivery Oxford retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy. This means:

  • Order and transaction data will typically be held for a period of six (6) years to comply with tax and accounting obligations.
  • Contact and customer service data will be kept for up to two (2) years after your last interaction with us unless a longer retention is required by law or you request deletion sooner, subject to contractual and legal constraints.
  • Technical and analytics data is generally retained in an aggregated or anonymized format unless required for security or compliance purposes.

Data Processors

To provide our services, Flower Delivery Oxford engages trusted third-party service providers ("processors") who process personal data on our behalf, including:

  • Payment service providers – to securely process card payments.
  • Website hosting companies – for secure storage and management of website and order information.
  • Delivery partners – to ensure correct and timely delivery of orders.
  • IT and security service providers – to help safeguard your data and support our technical infrastructure.

All data processors are contractually obligated to process your data only as directed by Flower Delivery Oxford and to maintain appropriate security measures in line with GDPR requirements. We do not sell your personal data to any third parties.

How We Protect Your Data

Flower Delivery Oxford takes data security seriously. We use appropriate organizational and technical measures to safeguard your information, including encrypted storage, secure data transfer protocols (such as SSL/TLS), access controls, and regular security reviews. Only authorized personnel and processors with a legitimate need to access your data are permitted to do so.

Your Rights Under the GDPR

As a customer within Oxford or the surrounding districts, you have the following rights regarding your personal data under the GDPR:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request correction of any inaccurate or incomplete data we hold.
  • Right to Erasure (‘Right to be Forgotten’): You may request deletion of your personal data where there is no lawful reason for us to continue processing it.
  • Right to Restrict Processing: You may request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: Where applicable, you can request your data be transferred to another organization or to you.
  • Right to Object: You can object to certain types of processing, such as direct marketing, at any time.
  • Right to Withdraw Consent: Where we rely on your consent, you can withdraw it at any time without affecting the lawfulness of previous processing.
  • Right to Lodge a Complaint: If you believe your data protection rights have been breached, you may lodge a complaint directly with the Information Commissioner’s Office (ICO) or your local supervisory authority.

Policy Applicability and Updates

This Privacy Policy applies to all individuals placing orders with Flower Delivery Oxford for delivery within Oxford and the surrounding districts. From time to time, we may update this Privacy Policy to reflect changes in our practices, legal requirements, or other operational needs. Any updates will become effective upon publication on our website. We encourage all customers to review this policy periodically for the latest information on our privacy practices.

Contacting Us

If you have questions about this Privacy Policy, your personal data, or wish to exercise your rights, please reach out to us through the available contact forms on our website or by post. We are committed to resolving any privacy concerns promptly and transparently.