top of page

Privacy Policy

Blooms by Beam

Last updated: [September 2025]

 

Introduction

Welcome to Blooms by Beam (“we,” “our,” “us”) respect your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard your information when you visit www.bloomsbybeam.com, place an order, or interact with us.

Blooms by Beam is a UK-based business, and as such, we are subject to the General Data Protection Regulation (GDPR). For the purpose of the GDPR, the data controller is Blooms By Beam, and you can contact us at hello@bloomsbybeam.com.

The Information We Collect

We collect and process the following types of personal data:

  • Identity and Contact Data: This includes your name, billing address, shipping address, email address, and telephone number. We collect this when you make a purchase, create an account, or contact us.

  • Transaction Data: This includes details about payments to and from you and other details of products you have purchased from us. Note: We do not store your credit card details. Payment is processed by a third-party provider like [e.g., Wix Payments, PayPal, Apple Pay, Google Pay].

  • Technical Data: This includes your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.

  • Usage Data: This includes information about how you use our website, products, and services.

  • Marketing and Communications Data: This includes your preferences in receiving marketing from us and our third parties and your communication preferences.

 

How We Collect Your Information

We collect data through the following methods:

  • Direct interactions: You may give us your Identity, Contact, and Financial Data by filling in forms or by corresponding with us by post, phone, email, or otherwise. This includes personal data you provide when you:

    • purchase our products;

    • create an account on our website;

    • subscribe to our newsletter;

    • request marketing to be sent to you;

    • enter a competition, promotion, or survey; or

    • give us feedback.

  • Automated technologies or interactions: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies and other similar technologies. Please see our [Cookie Policy] for more details.

  • Third parties or publicly available sources: We may receive personal data about you from various third parties, such as analytics providers (e.g., Google Analytics) and payment service providers (e.g. Wix Payments, PayPal, Apple Pay, Google Pay).

 

How We Use Your Information

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • To process and fulfil your order, including taking payment, and delivering your products. This is necessary for the performance of a contract with you.

  • To manage your relationship with us, which includes notifying you about changes to our terms or privacy policy. This is necessary for compliance with a legal obligation.

  • To enable you to participate in a prize draw, competition, or complete a survey. This is necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business).

  • To send you marketing communications, where you have provided your consent. You have the right to withdraw this consent at any time by contacting us or clicking the unsubscribe link in the email.

  • To improve our website, products, and services based on usage data and analytics. This is necessary for our legitimate interests (to develop our business and to inform our marketing strategy).

 

Lawful Basis for Processing

Under the GDPR, we must have a lawful basis for processing your personal data. We rely on the following:

  • Performance of a contract: This is the basis for processing your data to fulfil your order and provide customer support.

  • Legitimate interests: We use this basis for purposes like improving our services, preventing fraud, and conducting analytics, as long as your interests and fundamental rights do not override those interests.

  • Consent: We rely on your consent for sending you marketing emails. You have the right to withdraw this consent at any time.

  • Compliance with a legal obligation: We may process your personal data to comply with legal or regulatory obligations, such as for tax purposes.

 

Data Sharing and Disclosure

We may need to share your personal data with third parties for the purposes set out above. These include:

  • Service Providers: Third parties who provide services to us, such as payment processing ([e.g., Wix Payments, PayPal, Apple Pay, Google Pay]) delivery services ([e.g., Royal Mail, ParcelForce]), and IT and system administration.

  • Analytics Providers: Services like Google Analytics to help us understand how people use our website.

  • Law Enforcement: We may be required to share your information with law enforcement or government authorities to comply with a legal obligation.

 

All third parties are required to respect the security of your personal data and treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

 

International Transfers

Some of our third-party service providers may be based outside the European Economic Area (EEA). If we transfer your personal data outside the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • The country has been deemed to provide an adequate level of protection for personal data by the European Commission.

  • We use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

  • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the EU and the US.

 

Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know.

 

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Your Legal Rights (Under GDPR)

Under certain circumstances, you have the following rights in relation to your personal data:

  • The right to be informed: You have the right to be informed about how we collect and use your personal data.

  • The right of access: You have the right to request a copy of the personal data we hold about you.

  • The right to rectification: You have the right to request that we correct any inaccurate or incomplete data we hold about you.

  • The right to erasure ('right to be forgotten'): You can ask us to delete your personal data in certain situations.

  • The right to restrict processing: You have the right to ask us to suspend the processing of your personal data in certain circumstances.

  • The right to data portability: You have the right to request a copy of your personal data in a structured, commonly used, machine-readable format to transfer it to another service.

  • The right to object: You have the right to object to the processing of your personal data for direct marketing purposes.

  • The right to withdraw consent: Where we are relying on consent to process your data, you can withdraw that consent at any time.

 

To exercise any of these rights, please contact us at hello@bloomsbybeam.com We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be posted on our website. Please check back regularly to stay informed about how we are protecting your data.

Contact Us

If you have any questions about this Privacy Policy or our data protection practices, please contact us by email at hello@bloomsbybeam.com

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

bottom of page