Emerson Park Florist Privacy Policy

Scope of this Privacy Policy

This Privacy Policy explains how Emerson Park Florist collects, processes, stores, and protects your personal data in compliance with the General Data Protection Regulation (GDPR). It applies to all customers placing orders with Emerson Park Florist from Emerson Park and surrounding districts. We are dedicated to handling your personal information with care and transparency.

What Data We Collect

When you interact with Emerson Park Florist—including placing orders, making enquiries, or using our services—we may collect and process the following categories of personal data:

  • Identity Data: Your full name, title, and where relevant, recipient names.
  • Contact Data: Address, delivery address, postcode, phone number, and other contact details provided in the course of ordering.
  • Order Data: Details of your orders, preferences, messages to recipients, and occasion type (e.g., birthday, sympathy).
  • Payment Data: Payment details required for purchases (processed securely via third-party payment providers; we do not store card numbers).
  • Communication Data: Any correspondence with us, feedback, or queries.
  • Technical Data: Device identifiers, browser type, and IP address (collected by our website processors for functionality and analytics purposes).

Our Lawful Basis for Processing

GDPR requires that we have a legitimate and legal reason for processing your personal data. Emerson Park Florist relies on the following lawful bases:

  • Contractual Necessity: Processing your data is necessary to fulfil your order and deliver floristry services as part of our contract with you.
  • Legitimate Interests: We may process data to improve our services, for fraud prevention, and for the day-to-day running of our business, as long as our interests are not overridden by your rights.
  • Legal Obligations: We may need to retain certain data for tax, accounting, and compliance purposes as required by law.
  • Consent: In circumstances where you explicitly provide consent, such as subscribing to marketing materials (if available), we process your data accordingly. You are free to withdraw consent at any time.

How We Use Your Data

The personal data we collect is used for various purposes, including:

  • Processing your orders and delivering products and services.
  • Communicating with you about orders or responding to your queries.
  • Improving our customer service and website functionality.
  • Fulfilling our legal obligations, such as record-keeping for accounting and tax.
  • Protecting against fraud and ensuring the security of our systems.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including satisfying any legal, accounting, or reporting requirements. Typically, customer and order information is held for up to seven years to comply with tax and legal obligations. After this period, data is securely deleted or anonymised. If you request data deletion and we are not legally required to retain it, your data will be erased accordingly.

Data Processors and Third Parties

To provide our services effectively, we may share your personal data with external companies acting as processors on our behalf. These include:

  • Payment processors that securely handle your payment transactions.
  • Website hosting providers and technology partners supporting our website and IT infrastructure.
  • Couriers or delivery partners who require details for order fulfillment.
  • Accountancy and auditing firms for compliance with financial regulations.

All third-party processors are carefully selected to ensure they meet GDPR compliance standards and only process your data on our instructions, under strict confidentiality.

International Data Transfers

Emerson Park Florist strives to ensure that your data is stored within the United Kingdom or European Economic Area (EEA). If it is necessary to transfer your data outside of these regions (for example, if a technical processor is located elsewhere), we ensure appropriate safeguards are in place to protect your privacy in accordance with GDPR.

Your Rights under GDPR

GDPR grants you several rights regarding your personal data. As our customer, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Ask us to amend or correct inaccurate or incomplete personal data.
  • Erasure: Request deletion of your personal data where there is no lawful reason for us to continue processing it.
  • Restriction: Ask us to restrict the processing of your data in certain circumstances.
  • Objection: Object to certain forms of data processing, such as direct marketing.
  • Data Portability: Request transfer of your personal data to you or another service provider in a structured, commonly used format.
  • Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time.
  • Lodge a Complaint: You have the right to file a complaint with the Information Commissioner's Office (ICO) if you believe your data rights have been infringed.

How We Protect Your Data

Emerson Park Florist applies strict technical and organisational measures to safeguard your personal data against loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures include secure digital storage, encryption, and staff training in data protection best practices.

Updates to this Privacy Policy

We regularly review this Privacy Policy to ensure continued compliance with the law and alignment with our data handling practices. Customers will be notified of any significant updates. Please check this page periodically for changes.

Contact and Further Information

If you have any questions regarding this Privacy Policy or wish to exercise your GDPR rights, please contact us by post or by visiting our shop in Emerson Park. We are committed to upholding your privacy and ensuring your experience with Emerson Park Florist is secure and transparent.