0131 2877909
Sign In|Register
Nat's Funeral Flowers
Get Quote

Privacy Policy

How we protect and handle your personal information

Last Updated: 24 June 2025

1. Introduction

At Nat's Funeral Flowers, we understand that you are entrusting us with personal information during a difficult time. This privacy policy explains how we collect, use, and protect your information with the utmost care and respect, in accordance with UK data protection law.

Data Controller Details:

  • Business: Nat's Funeral Flowers (Sole Trader)
  • Proprietor: Natalie Gore
  • Website: http://cheltenhamfuneralflowers.co.uk/
  • Email: [privacy@natsfuneralflowers.co.uk]
  • Phone: 0131 2877909
  • Address: [Business Address], Cheltenham, Gloucestershire
  • ICO Registration: [Your ICO Registration Number if applicable]

2. Information We Collect

Customer Information:

  • Your name, address, email, and telephone number
  • Delivery addresses within Cheltenham and Gloucestershire
  • Special delivery instructions and venue contact details
  • Relationship to deceased (optional but helpful for service coordination)

Deceased Person Information:

  • Name of the deceased (not covered by UK GDPR as per Recital 27, but handled with equal care and confidentiality)
  • Funeral service details (date, time, venue)
  • Funeral director details (essential for coordination)

Order Information:

  • Flower arrangement specifications and preferences
  • Religious or cultural requirements (processed with your explicit consent as special category data)
  • Written design plans and pricing details
  • Venue-specific requirements or restrictions

Payment Information:

  • Payment card details (processed securely via Stripe - we do not store full card details)
  • Billing address and transaction references

Technical Information:

  • IP address and browser information (via Google Analytics when implemented)
  • Cookie data (see our Cookie Policy)
  • Delivery confirmation data including photos where taken

3. Legal Basis for Processing

We process your personal data under the following legal bases:

Contract Performance (Article 6(1)(b) UK GDPR):

  • Processing your order and arranging delivery
  • Communicating about your order
  • Payment processing

Legitimate Interests (Article 6(1)(f) UK GDPR):

  • Fraud prevention and security
  • Business administration and record-keeping
  • Service improvements (following careful assessment)

Consent (Article 6(1)(a) UK GDPR):

  • Marketing communications and follow-up emails
  • Processing religious/cultural preferences
  • Non-essential cookies and analytics

Legal Obligations (Article 6(1)(c) UK GDPR):

  • Financial record-keeping for tax purposes
  • Compliance with legal requests

4. Special Category Data

Religious or cultural preferences constitute special category data. We only process this information with your explicit consent for the specific purpose of ensuring your flower arrangements respect your traditions and beliefs. You may withdraw this consent at any time.

5. How We Use Your Information

Order Fulfillment:

  • Creating bespoke funeral flower arrangements
  • Coordinating delivery to funeral venues
  • Communicating about your order status

Customer Service:

  • Responding to enquiries and concerns
  • Handling any issues with arrangements
  • Maintaining service quality

Legal and Administrative:

  • Maintaining financial records
  • Preventing fraud
  • Complying with legal obligations

Marketing (Only with Consent):

  • Sending follow-up communications
  • Informing you about our services
  • Anniversary reminders (if requested)

6. Data Sharing

We share your information only as necessary:

Service Providers:

  • Stripe - for secure payment processing (Stripe Privacy Policy)
  • Delivery partners - limited to necessary delivery information
  • Google - for website analytics (planned, with your consent)

Legal Requirements:

  • Law enforcement or regulatory authorities when legally required
  • To protect our rights or safety

We never sell your personal information or share it for others' marketing purposes.

7. International Transfers

Some of our service providers (such as Stripe and Google) may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, including:

  • UK government adequacy decisions
  • Standard contractual clauses
  • Your explicit consent where required

8. Data Retention

We retain your information for the following periods:

  • Customer and order data: 3 years from last interaction
  • Payment records: 6 years (as required by UK tax law)
  • Marketing preferences: Until consent withdrawn or 2 years of no contact
  • Service correspondence: 3 years

After these periods, we securely delete or anonymise your data.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate information
  • Erase your data ("right to be forgotten")
  • Restrict processing in certain circumstances
  • Data portability for information provided by consent or contract
  • Object to processing based on legitimate interests
  • Withdraw consent at any time (without affecting prior processing)

To exercise any of these rights, please contact us using the details above. We will respond within one month.

10. Data Security

We implement appropriate technical and organisational measures to protect your information, including:

  • Secure data encryption
  • Limited access controls
  • Regular security reviews
  • Secure disposal procedures
  • Staff training on data protection

11. Marketing Communications

Consent-Based Marketing:

We will only send marketing communications with your explicit consent, including:

  • Anniversary reminders for memorial services
  • Seasonal flower arrangement updates
  • Special offers for funeral services

Bereavement Sensitivity:

  • All communications handled with appropriate sensitivity
  • Anniversary reminders only sent if specifically requested
  • Option to pause communications during difficult periods
  • Easy opt-out available at any time

Your Control:

You can:

  • Opt out at any time via unsubscribe links in emails
  • Contact us directly to update preferences
  • Manage cookie preferences on our website
  • Request temporary communication suspension
  • Specify anniversary preferences separately from general marketing

Data Protection:

  • No sharing of bereavement-related information for marketing purposes
  • Marketing databases kept separate from operational funeral data
  • Special protection for sensitive anniversary dates

12. Children's Privacy

Our services are not directed at children under 16. If we become aware of processing children's data, we will seek parental consent or delete the information.

13. Changes to This Policy

We may update this policy to reflect changes in law or our practices. We will notify you of significant changes via our website or email (where we have your consent to do so).

14. Complaints

If you have concerns about our data processing:

  1. Please contact us first - we aim to resolve issues promptly
  2. You have the right to lodge a complaint with the Information Commissioner's Office:
  • Website: ico.org.uk
  • Phone: 0303 123 1113
  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

15. Contact Us

For any privacy queries or to exercise your rights:

  • Email: [privacy@natsfuneralflowers.co.uk]
  • Phone: 0131 2877909
  • Post: Data Protection, Nat's Funeral Flowers, [Address]