My Lady Garden Flowers

Legal

Privacy Policy

Last updated: 28 May 2026

1. Introduction

My Lady Garden Flowers (“we”, “our”, “us”) is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal data when you visit our website or place an order.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. For any questions about this policy, contact us at hello@myladygardenflowers.com.

2. What Data We Collect

We may collect the following types of personal data:

  • Contact information — your name, email address, phone number, and delivery address when you place an order or enquire.
  • Order details — the products you order, delivery preferences, and any custom messages.
  • Payment information — we do not store your payment card details. Payments are processed securely by our third-party payment processor.
  • Website usage — anonymised analytics data including pages visited, time on site, and referring source (via Plausible Analytics, which does not use cookies or track individuals).
  • Communication data — records of emails, contact form submissions, and any other correspondence.

3. How We Use Your Data

We use your personal data for the following purposes:

  • To process and fulfil your flower orders.
  • To communicate with you about your order, delivery, and any issues.
  • To respond to your enquiries and provide customer support.
  • To send you order confirmations and delivery updates.
  • To improve our website and services through anonymised analytics.
  • To comply with legal obligations (tax records, fraud prevention).

We will never sell, rent, or share your personal data with third parties for marketing purposes.

4. Legal Basis for Processing

Under UK GDPR, we process your data on the following lawful bases:

  • Contract — processing necessary to fulfil your order.
  • Legitimate interest — responding to enquiries, improving our services.
  • Consent — where you have explicitly agreed (e.g., optional email newsletter).
  • Legal obligation — retaining records for HMRC and legal compliance.

5. Data Retention

We retain your personal data only for as long as necessary:

  • Order records: 7 years (HMRC requirement).
  • Enquiry emails: 2 years from last correspondence.
  • Newsletter subscriptions: until you unsubscribe.
  • Website analytics: 26 months (anonymised).

6. Your Rights

Under UK data protection law, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — ask us to correct any inaccurate data.
  • Erasure — request deletion of your personal data (where legally permissible).
  • Restriction — request we limit how we process your data.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing based on legitimate interests.

To exercise any of these rights, email hello@myladygardenflowers.com. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

7. Cookies

Our website uses minimal cookies. We do not use advertising trackers, social media pixels, or third-party analytics cookies. See our Cookie Policy for full details.

8. Third-Party Services

We use the following trusted third parties to operate our service:

  • Payment processor — for secure card transactions (PCI-DSS compliant).
  • Plausible Analytics — privacy-friendly, cookie-free website analytics.
  • Email provider — for delivering order confirmations and (optional) newsletters.

9. Changes to This Policy

We may update this policy from time to time. The latest version will always be available on this page. Significant changes will be highlighted on our website.

10. Contact

For privacy-related enquiries, contact our Data Protection Officer:

Email: hello@myladygardenflowers.com
Address: My Lady Garden Flowers, London, UK