“Customer” means any individual who browses, inquires about or purchases products or services listed on our Website or a Retailer Site.
“Personal Data” means information that alone or when in combination with other information may be used to identify, contact, or locate you, such as name, address, email address, IP address, login credentials, profile information, or phone number. Personal Data or PII excludes information that has been aggregated and/or anonymized so that it does not allow a third party to easily identify a specific individual (“non-PII”).
“You” or “you” refers to Retailers or Customers as indicated by context, or, if not specified, to both of these groups.
When you use the Services, we automatically collect and store certain information about your computer or mobile device and your activities. This information includes:
Technical information about your computer or mobile device (e.g., type of device, web browser or operating system, IP address and internet service provider) to analyze trends, administer the site, prevent fraud, track visitor movement in the aggregate, and gather broad demographic information.
“Web Beacons” (also known as “clear gifs” and “pixel tags”) are small transparent graphic images that are often used in conjunction with Cookies in order to further personalize the Services for our users and to collect a limited set of information about our visitors including geographical location, length and extent of usage, and whether visitors have registered for any of the Services. We may also use Web Beacons in email communications in order to understand the behavior of our customers, such as whether an email has been opened or acted upon.Information You Provide Directly to Us Customers
When you access or use our Website or a Retailer Site, you may be asked to provide Personal Data in the course of purchasing or preparing to purchase flowers or other products offered on those respective sites. Such Personal Data may include some or all of the following:
We use your email address for both “administrative” (e.g., confirming your registration) and, with your consent, “promotional” (e.g., newsletters, new listings, special discounts, event notifications, special third-party offers) purposes. Email messages we send to you may contain code that enables our database to track your usage of the e-mails, including whether the email was opened and what links (if any) were clicked. You may opt-out of receiving promotional emails and other promotional communications from us at any time via the opt-out links provided in such communications, or by e-mailing firstname.lastname@example.org with your specific request.Use for Research
In addition to the uses outlined above, by using the Services, you agree to allow us to anonymously use the information from you and your interaction with the Services to continue our research into event patterns and general trends, so that we may continue to improve the Services for users and the general public.Financial information
We may use your financial information or authorized payment method to process payment for any purchases, subscriptions or sales made on the Services, to protect against or identify possible fraudulent transactions, and otherwise as needed to manage our business. We transmit your financial information to our third party payment processors. We do not collect or store your payment information on our own servers.Sharing Your Information
The information we collect is used to improve the content and the quality of the Services, and without your consent we will not otherwise share your Personal Data to/with any other party(s) for commercial purposes, except to provide the Services, when we have your permission, or under the following circumstances:Public Information
Public information is any information you share with a public audience, as well as information in your Public Profile, or content you share on another public forum or on public comments. Public information is available to anyone on or off our Services and can be seen or accessed through online search engines, APIs, and offline media. If you publicly post information on the Services, that information will also be public.Service Providers
We may share your information with our third-party service providers that support various aspects of our business operations (e.g., analytics providers, security and technology providers, and payment processors).Business Transfers
We may transfer your information to another company in connection with a merger, corporate restructuring, sale of any or all of our assets, or in the event of bankruptcy.Aggregate Data
We may combine non-PII we collect with additional non-PII collected from other sources. We also may share aggregated, non-PII with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis.Your Rights and Choices
Where applicable law requires (and subject to any relevant exceptions under law), you may have the right to access, update, change or delete Personal Data.
You can request a copy of, update, change or delete your Personal Data either by contacting us at email@example.com to request the required changes. You can exercise your other rights by contacting us at firstname.lastname@example.org.
If you are a Customer who has purchased flowers or other products from a Retailer, that Retailer may have Personal Data about you. You must contact that Retailer to exercise your rights with respect to any information they hold about you.
Retailers are responsible for what they do with any Personal Data they collect, directly or through our Services, about their Customers. Retailers are solely responsible for complying with any laws and regulations that apply to the collection and use of Customers’ information, including Personal Data that Retailers collect about Customers from us or by using functionality provided through any of our Services.
FOF Franchise Corp. is not liable for any Retailer’s relationship with their Customers or for such Retailer’s collection and use of a Customer’s Personal Data.
The Services may contain links to other websites. If you choose to click on a third party link, you will be directed to that third party’s website. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own Cookies or other files on your computer, collect data or solicit Personal Data from you. Other websites follow different rules regarding the use or disclosure of the Personal Data you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.
Only individuals over the age of 18 are eligible to use our Services. However, we pay particular attention to children’s privacy. Our Services are not directed to children under the age of 13 and we do not knowingly collect, maintain or use Personal Data from children under the age of 13. If you learn that your child has provided us with Personal Data, you may alert us at email@example.com. Should we learn that a child under 13 has provided us with Personal Data, we will delete that information from our database.
Unauthorized entry or use, hardware or software failure, the inherent insecurity of the Internet and other factors, may compromise the security of your Personal Data at any time. Nevertheless, we strive to safeguard Personal Data to ensure that information is kept private and secure at all times. We maintain administrative, technical and physical safeguards that are intended to appropriately protect against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse and any other unlawful form of processing of the Personal Data in our possession. We employ security measures such as using firewalls to protect against intruders, building redundancies throughout our network and testing for and protecting against network vulnerabilities.
The precise periods for which we keep your Personal Data vary depending on the nature of the information and why we need it. Factors we consider in determining these periods include the minimum required retention period prescribed by law or recommended as best practice, the period during which a claim can be made with respect to an agreement or other matter, whether the Personal Data has been aggregated or pseudonymized, and other relevant criteria.
We conduct our data transfers in accordance with the European General Data Protection Regulation (the “GDPR”). Specifically, we conduct data transfers subject to the following standards:Privacy Shield
We transfer Personal Data to companies that have certified their compliance with the EU-U.S. or Swiss-U.S. Privacy Shield Frameworks (each individually and jointly, the “Privacy Shield”).Standard data protection clauses
We may transfer Personal Data to recipients that have entered into a European Commission approved contract for the transfer of personal data outside the European Economic Area.Other means
We may transfer Personal Data to recipients that offer adequate levels of data protection as evidenced by: (a) location in a country or membership in an organization that the European Commission or other appropriate supervisory authority has confirmed, by decision, offers an adequate level of data protection, (b) certification through an approved certification mechanism pursuant to Article 42 of the GDPR, (c) adherence to binding corporate rules adopted pursuant to Article 47 of the GDPR, or (d) any other mechanism that may demonstrate such adequacy under the GDPR.