Aldgate Flowers Privacy Policy: Protecting Your Information

Introduction to Our Privacy Policy

This Privacy Policy outlines how Aldgate Flowers collects, uses, stores, and protects your personal information in compliance with the General Data Protection Regulation (GDPR). The policy applies to all customers who place orders with Aldgate Flowers in Aldgate and the surrounding districts. We are committed to upholding your privacy and ensuring the transparency and security of your personal data at every stage of our service.

What Personal Data We Collect

When you place an order with Aldgate Flowers, we collect and process a range of personal data that you provide to us or that is generated as part of your transaction. The data we may collect includes:

  • Identification Data: Name and surname
  • Contact Details: Delivery address, billing address, telephone number
  • Email Address: For order confirmations and communication
  • Order Details: Products ordered, preferences, special instructions
  • Payment Information: Transaction details (note: payment card details are only processed through secure payment providers and are not stored by us)
  • Correspondence: Records of your communications with us, including queries, complaints, or feedback

We do not collect or process sensitive personal data (such as health, religious, or biometric data) unless required to fulfill a specific request and with your explicit consent.

Lawful Basis for Processing Your Data

Under the GDPR, Aldgate Flowers processes personal data only where we have a lawful basis to do so. The primary purposes and bases for our data processing are:

  • Performance of a Contract: We require your personal data in order to fulfill your order, deliver flowers, process payment, and provide customer service.
  • Legal Obligation: We may need to process and retain certain information to comply with legal and tax requirements.
  • Legitimate Interests: To improve our services, respond to feedback, prevent fraud, and ensure the security of our systems, we may process certain data on the basis of our legitimate business interests, provided these are not overridden by your rights and freedoms.
  • Consent: Where required, for example for marketing communications, we will seek your explicit consent, which you may withdraw at any time.

How We Use Your Personal Data

We use your personal data solely for the purposes for which it was collected, including:

  • Processing and fulfilling your flower orders
  • Communicating order confirmations and delivery updates
  • Responding to your inquiries or feedback
  • Improving the quality of our products and services
  • Complying with legal obligations and resolving disputes
  • Sending you offers or updates with your consent

Data Retention Periods

We retain your personal data for only as long as necessary to fulfill the purposes for which it was collected, or as required by law. Typically, this means:

  • Order and transaction data is retained for a minimum of six years to comply with financial and legal requirements
  • Customer account information is retained while your account remains active or as long as needed to provide customer service support
  • Records of correspondence and feedback are kept for up to two years following your last interaction
  • Marketing consents are reviewed regularly, and you can request removal at any time

When retention is no longer necessary, your data is securely deleted or anonymized.

Sharing and Transfer of Personal Data

We only share your personal data with trusted third-party service providers (data processors) who perform services on our behalf, including payment processing, IT hosting, and delivery logistics. These providers are contractually bound to safeguard your data and are only permitted to use it as instructed by Aldgate Flowers.

We do not sell, rent, or trade your personal data to any third parties for their own marketing purposes.

Your data is stored within the United Kingdom or the European Economic Area (EEA). If data transfers outside these areas are necessary, we ensure appropriate safeguards are in place as required by GDPR.

Your Rights Under GDPR

As a customer, you have a range of rights under the GDPR in relation to your personal data:

  • Right of Access: You may request access to your personal data and information about how it is processed.
  • Right to Rectification: You can request corrections to any inaccurate or incomplete data.
  • Right to Erasure: You may ask for your data to be deleted ("right to be forgotten") under certain circumstances.
  • Right to Restrict Processing: You may request that we restrict the processing of your data in specific situations.
  • Right to Data Portability: You have the right to request a copy of your data in a structured, commonly-used format.
  • Right to Object: You can object to the processing of your personal data based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: Where processing is based on your consent, you can withdraw your consent at any time.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with the data protection authority if you believe your rights are not being respected.

Data Security

We employ robust technical and organizational measures to safeguard your personal data against unauthorized access, loss, alteration, or disclosure. We regularly review our security practices, train staff in data protection, and ensure that data processors adhere to strict confidentiality agreements.

Updates to this Privacy Policy

From time to time, we may update this Privacy Policy to reflect changes in our practices, legal obligations, or to improve clarity. We encourage you to review the policy periodically, as any significant updates will be communicated where appropriate.

Contacting Aldgate Flowers About Your Privacy

If you have any questions or concerns about this Privacy Policy or how your personal data is handled, you can contact us using the contact information provided on our website. We are committed to responding promptly and transparently to all privacy-related inquiries.