Millwall Florist Privacy Policy Statement

Introduction

This Privacy Policy explains how Millwall Florist collects, uses, retains, and protects your personal data, in accordance with the General Data Protection Regulation (GDPR). It applies to all customers placing orders with Millwall Florist within Millwall and the surrounding districts. By using our services and placing orders, you acknowledge and agree to the practices outlined in this policy.

What Personal Data We Collect

Millwall Florist collects certain information to provide you with our floral products and related services. The types of personal data we collect include:

  • Identification Data: Name, title, and contact details (such as address, location, phone number, if provided by you), and recipient details for delivery.
  • Order Information: Product selections, payment method details (we do not store full card numbers or security codes), delivery instructions, and order history.
  • Correspondence: Email communications, queries, complaints, or feedback you provide to us.
  • Technical Data: IP address, browser type, and cookies (only where necessary for site operation and functionality).

Lawful Bases for Processing Your Data

We only process your personal data when we have a valid legal basis to do so. The lawful grounds we rely on include:

  • Contractual Necessity: To process your order and provide you with our products and delivery services.
  • Legal Obligation: To comply with any applicable laws and accounting requirements.
  • Legitimate Interests: To improve our service, handle customer care, respond to contact, or send follow-up communications relevant to your order (excluding direct marketing without consent).
  • Consent: For marketing communications, where applicable, which you can withdraw at any time.

How We Use Your Information

Millwall Florist uses your data for the following purposes:

  • To process and fulfill your floral orders, including delivery to the intended recipient.
  • To communicate order confirmations, status updates, or respond to requests or queries.
  • To maintain our financial records for accounting and legal compliance.
  • To improve our products and customer experience.
  • To investigate and prevent potential fraud or misuse of our services.

How Long We Retain Your Data

We retain personal data only for as long as necessary for the purposes it was collected, including satisfying any legal, accounting, or reporting obligations. Generally:

  • Order and Delivery Data: Retained for up to 7 years to comply with tax and contractual requirements.
  • Customer Service Correspondence: Retained for up to 3 years after completion of the query or complaint.
  • Marketing Data: Retained until you unsubscribe or withdraw consent.

After these retention periods, data will be deleted or anonymised except where legal obligations require further retention.

Sharing Your Data and Use of Processors

To fulfill our services, we may share your data with selected third parties and processors who support our operations, including:

  • Payment processors for securely handling payments.
  • Delivery companies and couriers for fulfilling deliveries.
  • IT and system support providers who ensure functionality and security of our website and order processing systems.

All external processors are contractually committed to handling your data securely, only in accordance with our instructions, and not for their own purposes.

We do not sell your data or transfer it outside the United Kingdom or European Economic Area without appropriate safeguards.

Your Rights Under GDPR

As a customer, you have several rights concerning your personal data, including:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right of Rectification: Request correction of any inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your data in certain circumstances.
  • Right to Restrict Processing: Ask us to suspend processing of your data under certain conditions.
  • Right to Data Portability: Receive your data in a structured, commonly-used, machine-readable format.
  • Right to Object: Object to processing based on our legitimate interests (including profiling), or to direct marketing at any time.
  • Right to Withdraw Consent: Where processing relies on your consent, you may withdraw this at any time.

To exercise these rights, please contact us through our published contact channels. We will respond to your request in line with legal deadlines and requirements. You may also have the right to lodge a complaint with a supervisory authority if you are dissatisfied with how your data has been handled.

Data Security

We implement appropriate technical and organisational measures to protect your data against loss, misuse, or unauthorised access. This includes secure storage practices, restricted access, and regular review of our data-handling procedures. Where we use third-party processors, we ensure they have equivalent security standards.

Policy Updates

This Privacy Policy may be updated occasionally in accordance with changes to our processes or legal requirements. The latest version will always be available for review prior to placing your order. We encourage customers to review the policy periodically.

Contact and Concerns

If you have questions or concerns about this Privacy Policy or how your personal data is processed by Millwall Florist, please contact us using the details published on our website or official correspondence channels. We are committed to addressing your concerns and ensuring your data privacy rights are respected.

Scope of the Policy

This Privacy Policy applies exclusively to customers placing orders with Millwall Florist within Millwall and surrounding districts, including all related communications, transactions, and deliveries.