Privacy Policy

Last updated: Loading date...

1. Information We Collect

We gather information that helps us cultivate a personalized experience and efficiently deliver our floral services. This information falls into several categories:

1.1 Personal Information

When you place an order, create an account, or submit a contact form, we may collect:

• Name and contact details (email address, phone number, delivery address)
• Payment information (processed securely through our payment processors)
• Delivery preferences and special instructions
• Gift message content (for gift orders)

1.2 Technical Information

Our digital garden automatically collects certain information when you visit:

• IP address and device information
• Browser type and settings
• Operating system
• Pages visited and interaction patterns
• Referring websites or sources

1.3 Communications

We retain records of our correspondence including:

• Email communications
• Live chat logs
• Customer service interactions
• Feedback and survey responses

2. How We Use Your Information

We use your information with the same care and intention we bring to our floral arrangements, ensuring each purpose is necessary and beneficial:

2.1 Core Service Delivery

• Processing and fulfilling your floral orders
• Managing accounts and maintaining customer records
• Providing customer support and addressing inquiries
• Facilitating deliveries and coordinating with our delivery partners

2.2 Experience Enhancement

• Personalizing your shopping experience based on preferences and past purchases
• Remembering your selections for a smoother journey through our digital garden
• Analyzing website performance and user patterns to improve our interface
• Developing new products and services aligned with customer interests

2.3 Communications

• Sending transactional emails about your orders
• Providing order updates and delivery confirmations
• Sharing newsletters and promotional content (with your consent)
• Requesting feedback to improve our botanical offerings

3. Legal Basis for Processing

We process your personal data in accordance with the UK GDPR and applicable data protection laws, relying on the following legal bases:

• Contractual Necessity: Processing necessary to fulfill our contractual obligations when you place an order for floral arrangements or services.
• Legitimate Interests: Processing that serves our legitimate business interests while respecting your rights and preferences.
• Consent: Processing based on your freely given, specific, informed, and unambiguous consent, such as for marketing communications.
• Legal Obligation: Processing required to comply with legal obligations, such as maintaining business records for tax purposes.

4. Data Sharing and Third Parties

We share your information with the care and discretion of a skilled florist selecting premium blooms, ensuring data is only shared when necessary and with appropriate safeguards:

4.1 Service Providers

We work with trusted partners who help us deliver our services:

• Payment processors for secure transaction handling
• Delivery services to fulfill your floral orders
• Email service providers for communications
• Cloud storage and hosting providers
• Analytics providers to help improve our website

4.2 Legal Requirements

We may disclose your information when legally required:

• In response to lawful requests by public authorities
• To comply with legal obligations or court orders
• To protect our rights, property, or safety
• In connection with the sale or transfer of business assets

5. Data Security

We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction:

• Encryption: We use SSL/TLS encryption to protect data transmitted through our website.
• Access Controls: We restrict access to personal information to authorized personnel only.
• Regular Audits: We conduct security assessments and vulnerability scans.
• Secure Infrastructure: We utilize secure servers and storage systems with appropriate safeguards.
• Staff Training: Our team is trained in data protection practices and responsibilities.

While we implement these protective measures, no system can guarantee 100% security. We continuously evaluate and enhance our security protocols to adapt to evolving threats and technologies.

6. Your Rights

Under data protection laws, you have significant rights regarding your personal information:

• Right to Access: You can request copies of your personal data we hold.
• Right to Rectification: You can ask us to correct inaccurate or incomplete information.
• Right to Erasure: In certain circumstances, you can ask us to delete your data.
• Right to Restriction: You can request we limit how we use your data.
• Right to Data Portability: You can request a copy of your data in a machine-readable format.
• Right to Object: You can object to our processing, particularly for marketing.
• Rights Related to Automated Decision-making: You have rights regarding automated decision-making and profiling.

To exercise these rights, please contact us at info@chrexphim.world. We will respond to your request within one month.

7. Cookies and Tracking

Our website uses cookies and similar technologies to enhance your browsing experience:

7.1 Types of Cookies

• Essential Cookies: Required for website functionality.
• Preference Cookies: Remember your settings and preferences.
• Analytics Cookies: Help us understand how visitors interact with our site.
• Marketing Cookies: Used to deliver relevant advertisements and track their effectiveness.

7.2 Managing Cookies

You can control cookie preferences through:

• Our cookie consent banner when you first visit the site
• Your browser settings to refuse or delete cookies
• Individual opt-out mechanisms provided by analytics and advertising services

For detailed information about the specific cookies we use and how to manage them, please see our Cookies Policy.

8. International Data Transfers

As a UK-based floral boutique, we primarily process data within the United Kingdom. However, some of our service providers may process data internationally. When transferring data outside the UK or European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the UK or European Commission
• Adequacy decisions recognizing equivalent data protection standards
• Binding corporate rules for transfers within a corporate group
• Derogations for specific situations as permitted by law

9. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us, and we will promptly delete the information.

10. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting a prominent notice on our website or sending you a direct communication. We encourage you to review this policy regularly to stay informed about how we protect your information.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Chrexphim
9 Willow Close
Bristol BS8 1HB
United Kingdom

Email: info@chrexphim.world
Phone: +44 117 965 3021

We are committed to addressing your inquiries and resolving any concerns about our data practices in a timely and transparent manner.

12. Data Protection Authority

If you are concerned about how we handle your personal data and are unsatisfied with our response to your concerns, you have the right to complain to the Information Commissioner's Office (ICO), the UK's data protection authority:

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
United Kingdom