Privacy Policy for Kings Cross Florist
Introduction
Your privacy and the protection of your personal information are important to Kings Cross Florist. This Privacy Policy explains what personal data we collect from customers placing orders with Kings Cross Florist in Kings Cross and its surrounding districts, how we use that data, the lawful basis for processing, our data retention practices, details of data processors, and your rights regarding your personal information under the General Data Protection Regulation (GDPR).
Scope of This Policy
This Privacy Policy applies to anyone placing an order with Kings Cross Florist, whether online, over the phone, or in person. It covers customers located within Kings Cross and the surrounding districts whom we serve directly.
What Personal Data We Collect
To provide our services, we collect and process the following categories of personal data:
- Contact Information: Your name, delivery address, billing address, and other relevant addresses you provide for delivery or invoicing purposes.
- Order Information: Details of the products or services you order, special instructions for the order, and any gift messages included.
- Recipient Information: Name, delivery address, and contact details of the person receiving flowers or gifts.
- Payment Information: Transaction details relevant to your purchase. Please note that Kings Cross Florist does not store full banking or card details; payments are processed via third-party payment processors who adhere to strict security standards.
- Communication Data: Records of correspondence, feedback, and any other communication with Kings Cross Florist.
Lawful Basis for Processing Personal Data
Kings Cross Florist processes your personal data in accordance with the following lawful bases as defined by the GDPR:
- Contractual Necessity: Processing your data is essential to perform our contract with you, including taking and fulfilling orders, addressing queries, and providing customer support.
- Legal Obligations: We may process your data as required by law, such as for tax or regulatory compliance.
- Legitimate Interests: We may process data to improve our services, enhance the customer experience, protect our business from fraud, or resolve customer disputes. In these cases, we ensure that our interests do not override your rights and freedoms.
- Consent: Where you have provided specific consent (for example, receiving marketing communications), you may withdraw consent at any time.
Data Retention
Your personal data will not be retained for longer than is necessary to fulfill the purposes outlined in this Policy or as required by applicable law. Generally, order and contact information is held for a period of up to seven years for accounting and legal purposes. After this retention period, your personal information will be securely deleted or anonymised so you can no longer be identified from it.
Data Processors and Data Sharing
Kings Cross Florist works with selected third-party data processors who perform services on our behalf. These processors may include payment gateways, order management and delivery partners, and secure IT service providers. All processors are thoroughly vetted and operate under strict contractual obligations to protect your personal data in line with GDPR requirements.
We do not sell or rent your personal information to any third parties. Personal data is shared only as necessary:
- With Service Providers: This includes payment processors, delivery companies, and technical support providers that need the information to execute specific business functions.
- With Legal Authorities: Where required by law, your data may be shared with regulatory or law enforcement organizations.
International Data Transfers
Generally, your personal data is stored and processed within the United Kingdom and the European Economic Area. Should your data need to be transferred outside the EEA, we ensure all necessary safeguards and contractual commitments (such as Standard Contractual Clauses) are in place to guarantee adequate protection of your data.
Your Rights Under GDPR
As a customer whose data is processed by Kings Cross Florist, you have the following rights:
- Right of Access: You can request a copy of your personal data processed by Kings Cross Florist.
- Right to Rectification: You can correct or update inaccurate or incomplete information about you.
- Right to Erasure (Right to be Forgotten): You can ask us to delete your personal data when it is no longer necessary for the purposes for which it was collected, or you withdraw your consent.
- Right to Restriction: You may request that we restrict processing of your data in certain circumstances.
- Right to Data Portability: You may request a copy of your data in a structured, commonly used format for transfer to another provider.
- Right to Object: You may object to processing where we rely on legitimate interests or direct marketing as our basis for processing.
- Right to Withdraw Consent: Where processing is based on your consent, you may withdraw this at any time.
If you wish to exercise any of these rights, you may contact us using the details provided at the end of this Policy.
How We Protect Your Data
Kings Cross Florist is committed to maintaining the security and confidentiality of your personal information. We put in place technical and organizational measures including secure servers, encryption, staff training, and regular policy reviews to prevent unauthorized access, loss, or misuse of your data.
Changes to This Privacy Policy
From time to time, we may update this Privacy Policy to reflect changes in our data processing practices or legal requirements. Updated versions will be made available to you, and significant changes will be brought to your attention where appropriate.
Contacting Kings Cross Florist
If you have any questions about this Privacy Policy, your personal data, or how to exercise your GDPR rights, please contact us using the details provided on our website. We are committed to responding to your queries and upholding your privacy rights.
