For the purposes of this policy, Flowers Inc. defines the term “User” as an entity with which Flowers Inc. has an established relationship and the term “Visitor” and “you” or “your” to refer to an individual that visits our Site,contacts us, places an order with us or makes a purchase from us whether through our Site, by phone, in person or otherwise, and we refer to any such visit, contact, order placement or purchase as a “Visit”.
Any Personal Information stored with Flowers Inc. is treated as confidential. All Personal Information is stored securely and is accessed by authorized personnel only. Flowers Inc. implements and maintains appropriate technical, security and organisational measures to protect Personal Information against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.
1. HOW WE COLLECT YOUR INFORMATION
- We collect your Personal information when you interact with us or when you Visit us.
- We collect information:
- when you create an account with us or place an order through the Site;
- when you place an order with us and during the order process (including for payment and order delivery);
- when you contact us directly via email, phone, post, or via walk in; and
- when you browse and use our Site (before and after you create an account with us).
2. INFORMATION THAT WE COLLECT FROM YOU
- As part of our commitment to the privacy of our customers and Visitors to our Site more generally, we want to be clear about the sorts of information we will collect from you.
- When you Visitus, you are asked to provide information about yourself including your name, billing address, recipient name, recipient shipping address, email address, phone number and payment information such as credit or debit card information.
- We may also collect information about your usage of the Site and information about you when you contact us or provide us with feedback, including via e-mail, letter or phone.
- We may collect technical information from your mobile device or computer, such as its operating system, the device and connection type and the IP address from which you are accessing our Site.
3. USE OF YOUR INFORMATION
- We will only process the data we collect about you if there is a reason for doing so, and if that reason is permitted under data protection law. We will have a lawful basis for processing your Personal information: if we need to process your Personal information in order to provide you with the service you have requested or to enter into a contract; we have your consent; we have a justifiable reason for processing your data; or we are under a legal obligation to do so.
- Where we need to in order to provide you with the service you have requested or to enter into a contract, we use your information:
We also process your data where we have a justifiable reason for doing so— for example personalisation of our service, including processing data to make it easier and faster for you to place orders. Where we are under a legal obligation to do so we may use your information to:
- to enable us to provide you with access to the relevant parts of the Site;
- to supply the goods you have requested;
- to enable us to collect payment from you; and
- to contact you where necessary concerning our goods or services, such as to resolve issues you may have with your order.
- create a record of your order(s);
- comply with any legal obligation or regulatory requirement to which we are subject.
5. RETENTION OF YOUR INFORMATION
- We will not retain your information for any longer than we think is necessary.
- Information that we collect will be retained for as long as needed to fulfil the purposes outlined in the ‘Use of my information’ section above, in line with our legitimate interest or for a period specifically required by applicable regulations or laws, such as retaining the information for regulatory reporting purposes.
- When determining the relevant retention periods, we will consider factors including:
Otherwise, we securely erase your information regularly where we no longer require your information for the purposes collected.
- our contractual obligations and rights in relation to the information involved;
- legal obligation(s) under applicable law to retain data for a certain period of time;
- statute of limitations under applicable law(s);
- (potential) disputes; and
- guidelines issued by relevant data protection authorities.
6. DISCLOSURE OF YOUR INFORMATION
- The information we collect about you will be transferred to and stored on our servers or on premises located within the EU. We are very careful and transparent about who else your information is shared with.
- Sharing your information with third parties, including any delivery providers we may have contractual agreements with.
- We may also share your information:
- if we are under a duty to disclose or share your information in order to comply with (and/or where we believe we are under a duty to comply with) any legal obligation or regulatory requirement. This includes exchanging information with other companies and other organisations for the purposes of fraud protection and prevention;
- in order to enforce our contractual terms with you and any other agreement;
- with such third parties as we reasonably consider necessary in order to prevent crime, e.g. the police.
- We adopt robust technologies and policies to ensure the Personal information we hold about you is suitably protected.
- We take steps to protect your information from unauthorised access and against unlawful processing, accidental loss, destruction and damage.
- Where you have chosen a password that allows you to access certain parts of the Site, you are responsible for keeping this password confidential. We advise you not to share your password with anyone.
- Unfortunately, the transmission of information via the internet is not completely secure. Although we will take steps to protect your information, we cannot guarantee the security of your data transmitted to the Sites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security to try to prevent unauthorised access.
8. YOUR RIGHTS
- Under data protection law, you may have a number of rights concerning the data we hold about you. If you wish to exercise any of these rights, please contact our Data Protection Officer using the contact details set out above. For additional information on your rights please contact your data protection authority and see below.
- The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this policy.
- The right of access. You have the right to obtain access to your information (if we’re processing it). This will enable you, for example, to check that we’re using your information in accordance with data protection law. If you wish to access the information we hold about you in this way, please get in touch (see Contact Details).
- The right to rectification. You are entitled to have your information corrected if it is inaccurate or incomplete. You can request that we rectify any errors in information that we hold by contacting us (see Contact Details).
- The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of certain of the information that we hold about you by contacting us (see Contact Details).
- The right to restrict processing. You have rights to 'block' or 'suppress' further use of your information. When processing is restricted, we can still store your information, but will not use it further.
- The right to data portability. You have the right to obtain your Personal information in an accessible and transferrable format so that you can re-use it for your own purposes across different service providers. This is not a general right however and there are exceptions. To learn more please get in touch (see Contact Details).
- The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your information with the national data protection authority.
- The right to withdraw consent. If you have given your consent to anything we do with your information (i.e. we rely on consent as a legal basis for processing your information), you have the right to withdraw that consent at any time. You can do this by contacting us (see Contact Details). Withdrawing consent will not however make unlawful our use of your information while consent had been apparent.
- The right to object to processing. You have the right to object to certain types of processing, including processing for direct marketing and profiling. You can object by contacting us (see Contact Details).
10. CONTACT DETAILS
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at firstname.lastname@example.org by mail using the details provided below:
Registered Office and Shop: 138
London, LND, SW7 4SF,
Registered in England under Company Number 02849050 (Demirose Limited, trading as Flowers Inc.)