Lee Florist Privacy Policy

Privacy Policy – Our Commitment to Your Data

Lee Florist values your privacy and is committed to safeguarding the personal data you entrust to us. This Privacy Policy explains how we collect, use, store, and protect your information in accordance with the UK General Data Protection Regulation (GDPR). It applies to all customers placing orders with Lee Florist from Lee and the surrounding districts.

What Information We Collect

When you place an order with Lee Florist, we may collect and process the following categories of personal information:

  • Contact Information: Name, delivery address, billing address (if different), and phone number.
  • Order Details: Details of products ordered, delivery instructions, messages for recipients, and the recipient's contact information.
  • Payment Information: Details necessary to process payments, such as credit/debit card information (note that payments are securely processed via third-party payment providers, and we do not store full card details).
  • Communication Records: Correspondence with us, including order confirmations, queries, or complaints.
  • Technical Information: IP address, browser type and device, and logs related to the usage of our website or online ordering system.

Lawful Basis for Data Processing

We process your personal data in accordance with the principles of GDPR, relying on the following lawful bases:

  • Contractual Necessity: Most of the information we collect is necessary for us to fulfil our contract with you, such as processing your order, arranging delivery, and handling payment.
  • Legal Obligation: We may be required to retain certain information for tax or accounting purposes as required by UK law.
  • Legitimate Interests: We may use your data to enhance our products or services, communicate important updates about your orders, or for fraud prevention, provided these interests do not override your rights and freedoms.
  • Your Consent: With your explicit consent, we may send marketing communications or process information in ways not covered by the other lawful bases. You have the right to withdraw your consent at any time.

How We Use Your Data

Your personal data is used primarily to process and deliver your orders and to communicate with you about your purchases. Additionally, we may use your information to:

  • Provide customer service and support.
  • Administer our business operations, including accounting and record-keeping.
  • Ensure website functionality and security.
  • Comply with applicable laws and regulatory requirements.
  • Send you updates, offers, or marketing materials with your consent.

How Long We Retain Your Data

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected. Specifically:

  • Order and transaction information is typically retained for a minimum of six years to comply with applicable tax and accounting regulations.
  • Communication records may be retained for up to two years to help us resolve inquiries or complaints.
  • Marketing preferences are stored until you update or remove your preferences.

After these periods, your data will be securely deleted or anonymised so that it can no longer be associated with you.

Data Sharing and Processors

We share your personal information with trusted third-party service providers who perform functions on our behalf. These processors may include:

  • Payment processing companies to handle transactions securely.
  • Delivery partners or couriers to ensure your flowers reach their destination.
  • IT and system administration providers to maintain and support our ordering systems.
  • Professional advisors, such as accountants or legal consultants.

All processors are contractually obliged to safeguard your data, use it only for specified purposes, and comply with the relevant data protection laws. We do not sell or rent your personal information to any third parties.

Your Rights Under GDPR

As a data subject, you have the following rights regarding your personal data:

  • Right of Access: Ask us for a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of any inaccurate or incomplete personal data.
  • Right to Erasure: Ask for deletion of your data when it is no longer necessary for the purpose it was collected, or where you withdraw consent and no other legal basis applies.
  • Right to Restrict Processing: Request that we restrict the processing of your personal data under certain circumstances.
  • Right to Data Portability: Receive your personal data in a commonly used, machine-readable format, or request that we transmit it directly to another data controller.
  • Right to Object: Object to processing of your personal data in specific circumstances, such as for direct marketing.
  • Right to Withdraw Consent: Where your consent is the lawful basis, you may withdraw it at any time.

If you wish to exercise any of these rights, or have questions or concerns about our data practices, please contact us through the available communication channels on our website or in-store.

Data Security Measures

Lee Florist implements appropriate technical and organisational measures to protect your personal data against loss, misuse, unauthorised access, disclosure, alteration, or destruction. This includes secure payment gateways, encrypted systems, restricted access to your information, and regular staff training.

Policy Updates

We may periodically update this Privacy Policy to reflect changes in our services or to comply with legal requirements. The latest version will always be available on our website and in-store. We encourage you to review it regularly.

Scope of This Policy

This Privacy Policy applies to all customers who place orders with Lee Florist from Lee and the surrounding districts. Continued use of our services indicates your acceptance of the terms outlined above.