Privacy policy

FloristFlow is operated for florists in the UK. For data protection queries contact hello@floristflow.co.uk or use our contact form.

Account data (name, email, business name), order and customer records you enter, shop content, support messages, payment metadata from Stripe, and technical logs (IP address, browser type) for security and reliability.

To provide the dashboard, shop, orders, email notifications, billing, support tickets, and to improve the product. We do not sell your customer lists to third parties.

Contract (running your account), legitimate interests (security, product improvement), and consent where required (for example marketing emails you opt into).

We use trusted providers including Supabase (database and auth), Vercel (hosting), Stripe (payments), and Resend (transactional email). Each operates under appropriate data agreements.

We keep account and order data while your subscription is active and for a reasonable period after closure for legal and accounting needs. You may request deletion subject to obligations we have to retain certain records.

You may request access, correction, deletion, restriction, or portability of your personal data, and object to certain processing. Contact us to exercise these rights.

When you use FloristFlow for shop orders, you are the data controller for your customers. You are responsible for your own privacy notices and lawful bases for processing their data.