Last updated: 15/01/2026
The Secret Garden Flowers by Caroline
Website: https://thesecretgardenfbc.co.uk/
Email: thesecretgardenfbc@gmail.com
1. Who We Are
The Secret Garden Flowers by Caroline (“we”, “us”, “our”) is a UK-based floral business.
We are the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
If you have any questions about this Privacy Policy or how we handle your personal data, please contact:
Email: thesecretgardenfbc@gmail.com
2. What Personal Data We Collect
We collect and process the following personal data:
Information You Provide via Our Contact Form:
- First Name
- Last Name
- Email Address
- Phone Number
Information Collected When You Make a Payment:
- Name
- Email address
- Billing details
- Payment information
Payments are processed securely via Stripe. We do not store your full card details.
Automatically Collected Information:
Depending on your website hosting and analytics setup, we may collect:
- IP address
- Browser type
- Device information
- Pages visited
(If you use analytics tools such as Google Analytics, this should be stated explicitly.)
3. How We Use Your Information
We use your personal data to:
- Respond to enquiries submitted via our contact form
- Process orders and payments
- Communicate with you about your order
- Provide customer support
- Maintain business records
- Comply with legal obligations
We do not sell your personal data.
4. Legal Basis for Processing
Under UK GDPR, we rely on the following lawful bases:
- Contract – to process and fulfil your order
- Legitimate interests – to respond to enquiries and manage our business
- Legal obligation – to comply with tax and accounting requirements
- Consent – where required (for example, marketing communications)
5. Payment Processing (Stripe)
We use Stripe to process payments securely. Stripe acts as a data processor and handles your payment information in accordance with their own privacy policy:
We do not store or have access to your full card details.
6. Data Sharing
We may share your personal data with:
- Stripe (payment processing)
- Website hosting providers
- Professional advisers (e.g. accountants, legal advisers)
- Government authorities where legally required
All third parties are required to respect the security of your personal data.
7. Data Retention
We retain personal data only as long as necessary:
- Customer order information: up to 6 years (for tax purposes)
- Enquiry information: typically up to 12 months unless it becomes a customer relationship
8. Your Rights
Under UK data protection law, you have the right to:
- Access your personal data
- Request correction of inaccurate data
- Request erasure of your data
- Restrict processing
- Object to processing
- Data portability
- Withdraw consent (where processing is based on consent)
To exercise any of these rights, please email:
thesecretgardenfbc@gmail.com
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
https://ico.org.uk/
9. Data Security
We take appropriate technical and organisational measures to protect your personal data from unauthorised access, loss, misuse, or alteration.
10. Cookies
Our website may use cookies to improve user experience and analyse website traffic. You can manage cookies through your browser settings.
(If you use a cookie banner or specific analytics tools, these should be listed here.)
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any updates will be posted on this page with a revised “Last updated” date.