Privacy Policy – How Barnet Flowers Protects Your Data

Introduction to Our Privacy Policy

At Barnet Flowers, we respect the privacy of all our customers. This Privacy Policy outlines how we collect, use, share, and protect your personal data when you place an order with us. It applies to customers purchasing flowers and related goods from Barnet Flowers across Barnet and surrounding districts. We are fully committed to complying with the General Data Protection Regulation (GDPR), ensuring that your personal data is handled lawfully, fairly, and transparently.

What Data We Collect

When you place an order with Barnet Flowers, we collect a range of personal information to process and fulfill your order. The types of data we collect include:

  • Contact Information: Name, delivery address, billing address, and telephone number.
  • Order Details: Information about the products and services you order, preferred delivery dates and times, and special instructions.
  • Payment Information: Payment method and transaction details. We do not store full credit or debit card numbers; these are handled through secure third-party payment processors.
  • Communication Records: Any emails or correspondence relating to your order, including feedback or complaints.
  • Technical Data: When you interact with our website, we may collect your IP address, browser type, device information, and cookie data to improve site performance and user experience.

Lawful Basis for Processing Your Data

Under the GDPR, Barnet Flowers processes your personal data on one or more of the following lawful bases:

  • Contractual Necessity: Data is required to enter into and fulfill the sales contract when you place an order, including confirming, processing, and delivering your flowers.
  • Legal Obligations: To comply with our legal and regulatory requirements, such as maintaining records for tax or accounting purposes.
  • Legitimate Interests: For purposes essential to our business operations, such as communicating with you about your order or service updates and ensuring the secure and efficient running of our website. We always balance these interests with your rights and freedoms.
  • Consent: Where you have specifically agreed to receive marketing communications or special offers from Barnet Flowers.

Data Retention Policy

Barnet Flowers only retains your personal data for as long as necessary to fulfill the purposes for which it was collected. We adhere to the following retention guidelines:

  • Order and Transaction Data: Retained for a period of seven years to satisfy accounting, tax, and auditing requirements.
  • Communication Records: Maintained for up to two years from the date of your last interaction with us.
  • Marketing Preferences: Held only while we have your consent, or until you opt out of communications.
  • Technical Data: Retained for a maximum of two years for analytical purposes.

After these periods, your personal data is securely deleted or anonymised so it is no longer identifiable.

Use of Data Processors

To operate effectively, Barnet Flowers engages selected third-party service providers (processors) who process your data on our behalf. These may include:

  • Payment service providers for secure processing of your payment.
  • Delivery agents and couriers to ensure your flowers reach the intended recipient.
  • IT and web hosting companies for maintaining the security and functionality of our website and systems.

We only use reputable processors who meet GDPR compliance requirements and we ensure they are contractually bound to protect your data and process it solely for the instructed purposes.

How We Protect Your Data

Barnet Flowers implements appropriate technical and organisational security measures to safeguard your personal information. This includes:

  • Secure socket layer (SSL) encryption on our website.
  • Regular security audits of our systems.
  • Training staff on data privacy and protection.
  • Strict internal access controls to ensure only authorised personnel can handle personal data.

Your Rights Under GDPR

As a customer of Barnet Flowers in Barnet and surrounding districts, you have the following rights regarding your personal data:

  • Access: You may request access to the personal data we hold about you.
  • Rectification: You can correct any inaccurate or incomplete information.
  • Erasure: You may request the deletion of your data where there is no valid reason for us to continue processing it.
  • Restriction: You have the right to request restriction of processing in certain circumstances.
  • Data Portability: You can request a copy of your data in a commonly used format.
  • Objection: You have the right to object to certain types of processing, such as direct marketing.
  • Withdrawal of Consent: If we process data based on your consent, you can withdraw it at any time.

To exercise any of these rights, you may contact us using the methods on our website or in writing. Upon verifying your identity, we will respond to your request within one month, in line with GDPR obligations.

Policy Applicability and Updates

This Privacy Policy applies to all customers ordering from Barnet Flowers within Barnet and the surrounding districts. It covers both our website and offline order processes. We may update this policy from time to time to reflect changes in the law, our services, or privacy best practices. Significant changes will be notified on our website. We recommend reviewing this policy regularly to stay informed about how your information is protected.

Contact and Complaints

If you have any questions or concerns about this Privacy Policy or how Barnet Flowers processes your personal data, please use the contact methods provided on our website. If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

Barnet Flowers – Committed to protecting your privacy with every order.