Florist Sipson Customer Privacy Policy

Introduction

At Florist Sipson, your privacy and data protection are very important to us. This Privacy Policy explains how we collect, use, store, and protect personal data in compliance with the General Data Protection Regulation (GDPR). Our policy applies to all customers placing orders with Florist Sipson in Sipson and surrounding districts. Please review this policy to understand your rights and our obligations when handling your information.

What Personal Data We Collect

In the course of processing flower orders and related services, Florist Sipson may collect the following categories of personal information:

  • Identity Information: Full name, title, and, if required, company name.
  • Contact Information: Delivery address, billing address, telephone number, and other contact details necessary to fulfill your order.
  • Order Information: Details of orders placed, preferences, delivery instructions, messages for recipients, and payment transaction references (not payment card details).
  • Usage Data: Browsing activity on our website, purchase history, and interactions with our services, where applicable.
  • Technical Data: IP address, browser type and version, time zone settings, and device information, collected through cookies or similar technologies where used.

Florist Sipson does not intentionally collect sensitive personal data (such as health or biometric information) unless explicitly provided for a specific order and with your consent.

Lawful Basis for Processing Personal Data

Under the GDPR, we must have a lawful basis to collect and use your personal information. The main grounds upon which we process your data are:

  • Contractual Necessity: Processing your data is essential to fulfill your flower order and deliver related products and services requested by you.
  • Legal Obligation: We are required to retain some order and transaction data to comply with tax, accounting, and other regulatory obligations.
  • Legitimate Interest: To improve our services, handle customer queries, prevent fraud, and maintain business operations, provided that our interests do not override your rights and freedoms.
  • Consent: For marketing communications or processing special categories of data, we will seek your explicit consent which you can withdraw at any time.

How We Use Your Data

Florist Sipson uses personal data only for the purposes for which it was collected or a compatible reason. These purposes include:

  • Accepting, processing, and delivering your flower and gift orders.
  • Contacting you about your order or account, including confirmations and delivery updates.
  • Improving customer service and tailoring our offerings.
  • Complying with legal and regulatory obligations.
  • Where permitted, sending you marketing communications (if you have opted in).
  • Securing our website and customer accounts against misuse or unauthorized access.

Data Retention Periods

We keep your personal data only as long as is necessary for the purposes described above, or to comply with legal, accounting, or reporting obligations. Typically, we retain customer and order data for up to 7 years from the date of your last transaction to meet legal requirements. If you have requested to receive marketing communications, your details will be retained for this purpose until you withdraw consent or unsubscribe. Data no longer necessary will be safely deleted or anonymized.

Data Processors and Third Party Access

Florist Sipson works with selected third-party service providers (data processors) to help deliver our products and services efficiently. These may include:

  • Payment processing providers (handling payment transactions securely, never storing your full payment details).
  • IT hosting, website, and technical support services.
  • Delivery couriers and logistics partners to ensure prompt fulfillment of your orders.
  • Professional advisers such as accountants or legal consultants, for compliance and audit obligations.

All processors are contractually obliged to fully comply with GDPR, only process your data as instructed by Florist Sipson, and use appropriate security safeguards. We do not sell or rent your personal data to third-party organizations for marketing purposes.

Your Rights Under GDPR

As a customer, you have important rights regarding your personal data, including:

  • Right to Access: You may request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct or update any incomplete or inaccurate information.
  • Right to Erasure ("Right to be Forgotten"): You can request deletion of your data, subject to legal retention requirements.
  • Right to Restrict Processing: You can limit the use of your data under certain circumstances.
  • Right to Data Portability: You may ask for your data in a structured, machine-readable format to transfer to another provider.
  • Right to Object: You may object to processing based on legitimate interests or for marketing purposes at any time.
  • Right to Withdraw Consent: If processing is based on consent, you may withdraw your consent at any time without affecting prior processing.

To exercise any of these rights, please contact us using our website form, by post, or via the contact details provided when you placed your order.

Security of Your Information

Florist Sipson implements technical and organizational safeguards to ensure your personal data is kept secure, accurate, and confidential. This includes measures to protect against unauthorized access, data loss, or misuse. Only employees and processors with a business need will have access to your data, and all receive appropriate data privacy training.

Policy Updates

This Privacy Policy may be updated from time to time in line with changes to our practices or legal obligations. Any significant updates will be announced on our website or via direct communication, if appropriate. Please check regularly for the latest version.

Contact and Complaints

If you have any concerns or questions about our handling of your personal data, or wish to exercise your GDPR rights, please contact us using our website or by post. You also have the right to lodge a complaint with your local data protection authority if you believe your data rights have been violated.

This policy applies to all customers placing orders with Florist Sipson from Sipson and surrounding districts, and is effective as of the date published on our website.