Information We Collect

When you reach out to us for corporate flower arrangements or gift services, we gather details you willingly share. This includes your name, business name, email address, phone number, delivery addresses, and specific floral requirements. We also collect payment details when you place orders, though these are handled securely by our payment partners.

For our corporate clients, we may also gather additional business details such as company registration information, preferred delivery schedules, and budget expectations. This enables us to deliver a tailored service that fits your business needs.

Our website automatically collects certain technical data when you visit. This includes your IP address, browser type, device information, and how you navigate our site. We use this data to improve site performance and to understand how clients discover our services.

How We Use Your Information

We mainly use your personal information to fulfill flower orders and deliver excellent customer service. This includes processing orders, arranging deliveries, sending order confirmations, and following up to ensure your satisfaction.

• Processing and fulfilling your flower orders and gift arrangements
• Communicating with you about order status and delivery schedules
• Providing customer support and responding to your inquiries
• Improving our services based on your feedback and preferences
• Sending relevant updates about our services (with your consent)
• Maintaining records for business and legal compliance purposes

We also use aggregated, non-personal information to understand market trends and improve our operations. For instance, we might analyze which types of arrangements are most popular during different seasons to better plan our inventory.

With your explicit consent, we may send information about seasonal offerings, special promotions, or new services that could be of interest to your business. You can opt out of these communications at any time by using the unsubscribe link in our emails or contacting us directly.

Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Your data remains within our business ecosystem and is shared only when necessary to provide our services or to comply with legal obligations.

We collaborate with trusted service providers who assist us in delivering our services. This includes payment processors, delivery partners, and flower suppliers. These partners are contractually obligated to protect your information and use it solely for the services they offer to us.

We may disclose your information when required by United Kingdom law, court orders, or government regulations. This includes compliance with GST regulations, business licensing requirements, and other legal duties applicable to our operations in London and across United Kingdom.

Data Security and Protection

We take data security seriously and implement multiple layers of protection. Our systems use encryption for sensitive data transmission, secure servers for data storage, and regular security updates to guard against threats.

Physical security measures protect our office systems, and access to personal information is limited to employees who need it for their tasks. Our team receives ongoing training on privacy practices and data handling procedures.

Payment information is processed through secure, encrypted systems that meet industry standards. We do not store full credit card numbers on our systems—this data is handled by certified payment processors who specialize in secure financial transactions.

While we implement strong security measures, no system is completely risk-free. We continuously monitor and update our security practices to address evolving threats and maintain the highest protection standards possible.

Your Rights and Choices

You have several rights regarding your personal information. You can request to view what we hold about you, ask us to correct inaccurate information, or request deletion of your data when legally permissible.

• Access your personal information and understand how we use it
• Request corrections to inaccurate or outdated information
• Ask us to delete your personal information (subject to business and legal requirements)
• Opt out of marketing communications while continuing to receive service-related messages
• Request information about how your data has been shared
• File complaints about our privacy practices

We keep your information only as long as needed for business purposes and legal requirements. Order records are typically retained for accounting and warranty purposes, while marketing preferences are retained until you request their removal.

When we no longer require your information, we securely delete or anonymize it. Some data may be retained longer if required by United Kingdom business laws or for legitimate business interests like preventing fraud.

Cookies and Website Technology

Our website uses cookies to enhance your browsing experience and to assist us in understanding how visitors use our site. Cookies are small files stored on your device that remember preferences and enable certain features.

Essential cookies are necessary for our website to function properly—they enable basic features like navigation and access to secure areas. These cookies do not collect personally identifiable information and are automatically enabled when you use our site.

We use analytics cookies to understand how visitors interact with our site. This helps us identify popular content, optimize page performance, and improve user experience. This information is collected in aggregate form and does not identify individual users.

You can control cookie settings through your browser preferences. However, disabling certain cookies may affect some site features and your overall browsing experience.

Business Transfers and Changes

If GrovePaperPavilion undergoes major business changes such as mergers, acquisitions, or asset sales, your personal information may be transferred as part of the transaction. We would notify you of any such changes and ensure that your data remains protected under privacy standards consistent with this policy.

In the unlikely event we cease operations, we would ensure that your personal information is either securely transferred to a successor business (with appropriate privacy protections) or securely deleted in line with data protection best practices.

Updates to This Privacy Policy

We may periodically update this privacy policy to reflect changes in our practices, services, or legal requirements. When material changes occur, we will notify you by email or by posting a notice on our website before the changes take effect.

Minor updates for clarity or administrative adjustments may occur without prior notice. We encourage you to review this policy from time to time to stay informed about how we protect your privacy.

Children's Privacy

Our services are designed for businesses and adult consumers. We do not knowingly collect personal information from individuals under 18. If we become aware that we have collected information from someone under 18, we will promptly delete that data from our systems.

Parents or guardians who believe we may have collected information from their child can contact us using the details below, and we will address the matter promptly.

International Data Considerations

Our main operations are based in United Kingdom, and data is stored and processed within United Kingdom's jurisdiction. However, some of our service providers may process data internationally. When this happens, we ensure appropriate safeguards to protect your information in line with applicable privacy laws.

We comply with United Kingdom data protection laws and regulations, including those related to business operations, financial transactions, and handling customer data. Our practices align with evolving privacy standards in United Kingdom's digital economy.