Velvet Vine | Bespoke Floral Design & Workshops in Chelsea, London

Velvet Vine Privacy Policy

Welcome to Velvet Vine. We are committed to protecting your privacy and handling your personal data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you interact with our online platform, purchase our products, or engage with our services.

1. Who We Are

Velvet Vine is a retail floristry and floral design company providing bespoke floral arrangements for events, daily fresh flower deliveries, plant and botanical giftware, wedding floral services, corporate floral subscriptions, flower arranging workshops, dried flower art, floral installations, and seasonal decor. Our registered address is: 14 Regent's Court, King's Road, Unit 3A, Chelsea, London, SW3 5BQ, United Kingdom.

2. Information We Collect

We collect various types of information to provide and improve our services to you:

Personal Identifiable Information (PII): This includes your name, delivery address, billing address, email address, phone number, and payment information (processed securely via third-party payment processors). We collect this when you place an order, register for an account, subscribe to our newsletter, reserve a workshop spot, or request information about our bespoke services.
Order and Transaction Details: Information related to your purchases, including products and services bought, date and time of transactions, and delivery preferences.
Communication Data: Records of your communications with us, including emails, online chat messages, and inquiries related to our products and services.
Marketing and Communication Preferences: Your preferences in receiving marketing from us and our third parties and your communication preferences.
Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our online platform.
Usage Data: Information about how you use our online platform, products, and services.
Cookie Data: Information gathered from cookies and similar tracking technologies as detailed in our Cookie Policy.

3. How We Use Your Information

We use the collected information for various purposes, primarily to operate and improve our services, including:

To fulfil orders and deliver services: Processing your purchases, including floral arrangements, giftware, workshop bookings, and bespoke event services.
To manage your account: Administering your registration, providing customer support, and managing your preferences.
To communicate with you: Sending order confirmations, delivery updates, responses to inquiries, and information about our products, services, and promotions that may be of interest to you, based on your preferences.
For marketing purposes: To send you newsletters, special offers, and information about new products or workshops, where you have consented to receive such communications.
To improve our online platform and services: Analyzing usage data to understand user preferences, troubleshoot issues, and enhance the user experience and functionality of our online presence and offerings.
For legal compliance and security: To comply with legal obligations, prevent fraud, and ensure the security of our services and customers.

4. Legal Basis for Processing (GDPR)

We will only use your personal data when the law allows us to. Our legal bases for processing include:

Contractual Necessity: To fulfil a contract with you or take steps at your request before entering into a contract (e.g., processing your floral orders).
Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., sending marketing communications). You can withdraw your consent at any time.
Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., improving our services, preventing fraud, network security).
Legal Obligation: Where processing is necessary for compliance with a legal obligation that we are subject to (e.g., tax records).

5. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

Service Providers: Third-party vendors who provide services on our behalf, such as payment processing, delivery services, IT and system administration, data analytics, and marketing services. These providers are obligated to protect your data and only use it for the purposes we specify.
Legal and Regulatory Authorities: When required by law or in response to valid requests by public authorities (e.g., a court order or government agency).
Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

We do not sell your personal data to third parties.

6. International Data Transfers

Some of our service providers may be located outside of the European Economic Area (EEA). Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

7. Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

For example, by law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.

9. Your Legal Rights (GDPR)

Under certain circumstances, you have rights under data protection laws in relation to your personal data:

Request access to your personal data (commonly known as a "data subject access request").
Request correction of the personal data that we hold about you.
Request erasure of your personal data.
Object to processing of your personal data.
Request restriction of processing of your personal data.
Request transfer of your personal data to you or to a third party.
Withdraw consent at any time where we are relying on consent to process your personal data.
Right to lodge a complaint with your supervisory authority (the Information Commissioner's Office in the UK, ico.org.uk).

If you wish to exercise any of the rights set out above, please contact us at our physical address: 14 Regent's Court, King's Road, Unit 3A, Chelsea, London, SW3 5BQ, United Kingdom.

10. Third-Party Links

Our online platform may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our online platform, we encourage you to read the privacy policy of every website you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by posting the new Privacy Policy on our online platform and updating the "last updated" date.

12. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Velvet Vine

14 Regent's Court,

King's Road, Unit 3A,

Chelsea, London, SW3 5BQ,

United Kingdom.