Last updated: September 15, 2022
Please read this Policy carefully. This Policy is a legally binding contract between us and anyone who accesses or uses any of the Services (“you”). This Policy is incorporated into our Flowergist Terms of Service https://flowergist.com/terms-of-service (“Terms”). In the event of a conflict between this Policy and the Terms, the Terms will control.
If you do not want us to collect, use or share your Personal Information in the ways described in this Policy, please do not use the Services. By using the Services, you consent to the collection and use of your information (including Personal Information) by us as identified in this Policy.
If you have any questions about this Policy or wish to exercise your rights under this Policy or any applicable law, please email us at firstname.lastname@example.org.
- Personal Information We Collect
The information we learn from and about our professional service providers and customers helps us to personalize and continually improve your experience with us. This section describes what Personal Information we collect and the different ways we collect it. Please note that Personal Information does not include information that is publicly available information from government records or de-identified or aggregated consumer information.
Information We Collect from You
To use some of our Services, we ask you to provide certain Personal Information and require you to register for an account. While using the Services, we collect certain Personal Information including, but not limited to, your name, phone number, email address, gender, date of birth, address and current location data, as well as certain documentation, such as driver’s or business license and proof of insurance. Where applicable, we indicate whether you must provide us with your Personal Information in order to use the Services. If you do not provide the Business and/or Personal Information, you may not be able to benefit from the Services if that information is necessary to provide you with the applicable Services or if we are legally required to collect it.
When you register for an account, we may access and collect the Personal Information you provide, such as your name, company name, contact information (including your mailing and billing address), e-mail address, date of birth, phone number, username and password. We may also ask for additional Personal Information including your mobile phone number and your credit or debit card number or other financial account number. We will also collect and maintain information about all transactions associated with your account.
When you use some of our other Services, you may choose to provide certain information directly to us to request more information about our Services or for other reasons. We will collect, use, share and store this Personal Information consistent with this Policy.
Personal Information Automatically Collected
When you use our Services, our servers automatically record information that your browser or device sends whenever you visit a website or utilize an application. This information may include your IP address, the type of device you are using, the internet service provider or mobile carrier you are using, your device identifiers, your mobile telephone number, your geographic location and your activities within the Services, including the links you click, the pages or screens you view, your session time, the number of times you click a page/screen or use a feature of the Services, the date and time you click on a page or use a feature and the amount of time you spend on a page or using a feature.
Our Apps also use “cookie” technology to collect additional website usage data and improve our Services. A cookie is a small data file that we transfer to your computer’s hard disk. A session cookie enables certain features of the Apps and is deleted from your computer when you disconnect from or leave the Apps. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to our Apps. We may use both session and persistent cookies to better understand how you interact with our Services, to monitor aggregate usage by our users and web traffic routing on our Apps, and to improve our Services. You may also be able to configure your computer or mobile device to limit the collection of these “cookies,” but that limitation may also limit our ability to provide all the Services or functionalities of the Apps. For more information about cookies, including how to set your internet browser to reject cookies, please go to www.allaboutcookies.org.
We may also automatically record certain information from your device by using various types of technology, including “clear gifs” or “web beacons.” This automatically collected information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or after you visit our Apps, the pages or other content you view or otherwise interact with on our Apps and the dates and times that you visit, access or use our Apps. We may also use these technologies to collection information regarding your interaction with email messages, such as whether you opened, clicked on or forwarded a message, to the extent permitted under applicable law.
Please note that we have not yet developed a response to browser “Do Not Track” signals, and do not change any of our data collection practices when we receive such signals. We will continue to evaluate potential responses to “Do Not Track” signals considering industry developments or legal changes.
Information Collected by Third Parties
We may collect your Personal Information from third-party business partners such as social media sites, ad networks and analytics providers. We may also collect your Personal Information from others that refer you to our Services including our clients who facilitate our ability to provide Services.
Our Services may contain links to other websites. The fact that we link to a website is not an endorsement, authorization, or representation of our affiliation with that third party. We do not exercise control over third-party websites. These other websites may place their own cookies or other files on your computer or mobile device, collect data or solicit Personal Information from you. Other sites follow different rules regarding the use or disclosure of the Personal Information you submit to them. We are not responsible for the content, privacy and security practices, and policies of third-party sites or services to which links or access are provided through our Services. We encourage you to read the privacy policies or statements of the other websites you visit.
- How We Use the Information We Collect
We may use your Personal Information for various purposes, including, but not limited to, the following:
We may use the Personal Information and other information we collect for non-marketing purposes including: (1) validating your identity; (2) sending you push notifications, text messages, or emails to provide you with alerts and updates about your account and the Services; (3) determining and sharing with third parties your current geographical location, in each case solely as necessary to facilitate the Services; (4) processing your transactions; (5) conducting statistical or demographic analysis; (6) complying with legal and regulatory requirements; (7) customizing your experience with the Services; (8) protecting and defending Flowergist and its affiliates against legal actions or claims; (9) preventing fraud; (10) debt collection; (11) satisfying contractual obligations; (12) cooperating with law enforcement or other government agencies for purposes of investigations, national security, public safety or matters of public importance when we believe that disclosure of Personal Information is necessary or appropriate to protect the public interest; and (13) for other business purposes permitted under applicable law.
We may also use information in the aggregate to understand how our users as a group use the Services. Flowergist will not collect additional categories of Personal Information or use the Personal Information we collect for materially different, unrelated, or incompatible purposes without providing you notice.
We will process your Personal Information for the purposes listed above on the basis of one or more of the following:
- the processing is necessary for the performance of a contract or for entering into a contract with you. Please note that where this is the case, we may not be able to perform or enter into a contract with you unless you provide your personal data;
- the processing is necessary to comply with a legal obligation;
- you have given your consent (where we rely on this legal basis, we will always seek to obtain your consent separately as and when necessary); and/or
- we have a legitimate interest in the processing activity that you would normally expect from an organization.
III. Who We Share Personal Information With
Except as provided herein, we will not trade, rent, share, or sell your Personal Information to third parties. For business purposes, we may share certain Personal Information we receive from and about you, and about your transactions with us, with our affiliates and certain third parties. Doing so allows us to provide the Services you request. We may also share your Personal Information with the following third parties:
Third-Party Service Providers
Your Personal Information may be shared with or collected by third-party service providers who provide us with services, including, but not limited to data hosting or processing and credit card processing. We require these third-party service providers to exercise reasonable care to protect your Personal Information and restrict their use of your Personal Information to the purposes for which it was provided to them. We do not share your Personal Information with any third-party providers for the purpose of marketing to you.
We may provide anonymized information to third parties. Any anonymized information we provide to third parties is not considered Personal Information and is not subject to the terms of this Policy.
Sale of our Business; Bankruptcy
Compliance with Laws and Law Enforcement
Flowergist cooperates with government and law enforcement officials or private parties to enforce and comply with the law. To the extent permitted under applicable law, we may disclose any information about you, including, but not limited to, your Personal Information, to government or law enforcement officials or private parties as we believe is necessary or appropriate to investigate, respond to, and defend against legal claims, for legal process (including subpoenas), to protect the property and rights of Flowergist or a third party, to protect Flowergist against liability, for the safety of the public or any person, to prevent or stop any illegal, unethical, fraudulent, abusive, or legally actionable activity, to protect the security or integrity of the Services and any equipment used to make the Services available, or to comply with applicable law.
- Collection/Processing of Payment Card Information
If you use our Services, you may be asked to provide payment information, including, but not limited to, payment card information. We will not ask you, and you are not permitted, to provide any payment card information via email, text, or other electronic means (excluding through the dedicated forms on (or exposed through) the Apps). Any payment card information you properly provide to us is used exclusively to process payments for Services and related products and services you receive or provide, as applicable. Under no circumstances do we collect or keep payment card information on our servers.
Flowergist is committed to protecting the security of the Personal Information you provide to us and that we collect about you. We maintain commercially reasonable safeguards to maintain the security and privacy of Personal Information we collect. Nevertheless, when disclosing Personal Information, you should remain mindful that there is an inherent risk in the use of email and the internet. Your information may be intercepted without your consent, collected illegally and used by others. We cannot guarantee the security of any information you disclose online, and you do so at your own risk.
- Underage Persons
The Services are for use by persons who are at least 18 years of age. If you are younger than 18, you may not access, attempt to access, or use the Services unless you obtain parental consent. We do not knowingly collect or allow the collection of Personal Information via the Services from persons underage, pursuant to applicable law and regulations, without parental consent. If we learn that we have collected the Personal Information of someone under the age of 18 without parental consent, we will take appropriate steps to delete this information. If you are a parent or guardian of someone under the age of 18 and discover that your child has submitted Personal Information without your consent, you may contact us using the contact information provided above in the “Contact Us” section and ask us to remove your child’s Personal Information from our systems.
VII. California Residents
California requires operators of websites or similar services to make certain disclosures to users who reside in California regarding their rights, specifically:
Shine the Light
For clarity, we will not trade, rent, share or sell your Personal Information to third parties unless you ask or authorize us to do so. However, if we disclose Personal Information that is primarily used for personal, family, or household purposes of a California user to a third party for said third party’s direct marketing purposes, we will identify such third party along with the type of personal data disclosed, upon your request. For further clarification, please refer to the “Contact Us” section above. Under California law, businesses are only required to respond to a user’s request once during any calendar year.
Do Not Track
Some browsers give individuals the ability to communicate that they wish not to be tracked while browsing on the Internet. California law requires that we disclose to users how we treat do-not-track requests. The Internet industry has not yet agreed on a definition of what “Do Not Track” means, how compliance with “Do Not Track” would be measured or evaluated, or a common approach to responding to a “Do Not Track” signal. We have not yet developed features that would recognize or respond to browser initiated Do Not Track signals in response to California law. In the meantime, there are technical means to prevent some of the tracking. See the “Personal Data Rights” section below.
Personal Data Rights
California consumers have the right to request access to their personal data, additional details about our information practices and deletion of their personal information (subject to certain exceptions). California consumers also have the right to opt out of sales of Personal Information, if applicable. We describe how California consumers can exercise their rights under the CCPA below. Please note that you may designate an authorized agent to exercise these rights on your behalf by providing written materials demonstrating that you have granted the authorized agent power of attorney. Please note that if an authorized agent submits a request on your behalf, we may need to contact you to verify your identity and protect the security of your personal information. We will not fulfill your CCPA request unless you have provided sufficient information for us to reasonably verify you are the consumer about whom we collected personal information. We will not discriminate against you if you choose to exercise your rights under the CCPA and we will not deny you goods or services, charge you a different price, or provide you with a lesser quality of goods or services if you exercise any of your CCPA Rights.
- RIGHTS TO KNOW – You may request, no more than twice in a 12-month period, access to the specific pieces of personal data we have collected about you in the last 12 months. You may also request additional details about our information practices, including the categories of personal information we have collected about you, the sources of such collection, the categories of personal information we share for a legitimate business or commercial purposes, and the categories of third parties with whom we share your personal information. You may make these requests by contacting us using the contact information provided above in the “Contact Us” section. After submitting your request, please monitor your email for a verification email. We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security.
- CHANGES TO PERSONAL INFORMATION – If you believe the personal information we maintain about you is inaccurate, you may change this information by referencing the features available in the Apps. You may also request that we edit the information by contacting us as indicated in the Contact Us section of this Policy. Please note that changes to your personal information may require us to reevaluate your eligibility for participation in the Services.
- COPIES OF PERSONAL INFORMATION – You may request, no more than twice in a 12-month period, transportable copies of your personal information that we have collected about you in the last 12 months. You may make these requests by contacting us using the contact information provided below in the “Contact Information” section. After submitting your request, please monitor your email for a verification email. We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security.
- DELETION -You may request that we delete the personal information we have collected about you. Please note that we may retain certain information as required or permitted by applicable law. You may make these requests by contacting us using the contact information provided below in the “Contact Information” section. After submitting your request, please monitor your email for a verification email. We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security.
VIII. European Economic Area (“EEA”) Residents
As used herein, “Personal Information” is deemed equivalent to “personal data” as used in the GDPR.
The GDPR grants individuals who are in the European Union and European Economic Area certain rights, including:
- the right to access your Personal Information
- the right to rectify your Personal Information
- the right to request erasure of your Personal Information, under certain conditions
- the right to restrict processing of your Personal Information, under certain conditions
- the right to object to processing of your Personal Information, under certain conditions
- the right to data portability
- the right to withdraw consent at any time
- the right to lodge a complaint with a supervisory authority.
If you would like to exercise any of the above GDPR rights with respect to your Personal Information, please submit a written request using the information provided in the “Contact Us” section above. Our privacy team will examine your request and respond to you in a timely matter.
Please note that we may still use any aggregated and de-identified Personal Information that does not identify any individual and may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
- Storage of Data/International Data Transfers
We use commercially reasonable efforts to securely store your Personal Information, and we store your information no longer than necessary for the purposes we collect your Personal Information.
We are a United States-based company and by accessing the Services, you grant us expressed consent to transfer your Personal Information to United States servers. If you do not wish for us to transfer your Personal Information to the United States, you must immediately cease any use of the Apps or Services and please contact us using the information in the “Contact Us” section above.
This Policy sets out the privacy principles we follow with respect to transfers of Personal Information from the EEA to the United States, including Personal Information we receive from individuals residing in the EEA who visit our Site and/or who may use of our Services or otherwise interact with us.
- Changes to this Policy
We may revise this Policy from time to time in our sole discretion. We will notify you of any material revisions by placing notice of the revised Policy on our website or any place through which you access the Services. Your continued access or use of the Services following any amendments to the Policy constitutes your acceptance of the Policy as amended. It is your sole responsibility to monitor our website for changes to the Policy.