Privacy Policy (28 September 2021)

1.  What does this Privacy Policy cover?
 

At Interflora, your privacy is very important to us and we want to assure you that we take the confidentiality and security of your personal data very seriously.  Interflora refers to Interflora British Unit, a company registered in England.
 

This privacy policy covers personal data collected  by us through the Websites at the domain names www.interflora.co.uk, www.interflora.ie, www.flyingflowers.co.uk and www.efloraservices.co.uk, www.floristrytradeclub.co.uk as well as any of our consumer apps (e.g. voice ordering apps), mobile websites, and other related subdomain websites and services (collectively, the “Websites”). The term Websites also covers the collection of personal data through direct mail or coupon campaigns, telephone sales or through social media channels.
 

In some cases, access to our Websites may be subject to a third party's Privacy Policy and Cookie Policy. Relevant third party Privacy Policy and Cookie Policy can be found here:

https://www.wix.com/about/cookie-policy

https://www.wix.com/about/privacy

 

This privacy policy explains the following key topics listed below, as well as many other topics:

What personal data we collect and how we collect it

Personal data you provide when you purchase from us

Personal data obtained when you use our Websites

Personal data obtained if you contact us

How we use the personal data we collect from you

 

To fulfil your order

For customer care

For marketing 

For internal business purposes 

Our lawful basis for processing your personal data

2.  What personal data do we collect?

We collect personal data from you whenever you interact with our Websites, including when you make purchases, when you browse our Websites, when you use our services or when you sign up to receive any of our services, including applying to become one of our florists and when you purchase from our chosen third party providers. When providing personal data to us through a form, we indicate which personal data is optional. Please note that, when collection of personal data is required or necessary either as needed for us to fulfil your order, process your application to become one of our florists, to subscribe to and or purchase from our Interflora Floristry Trade Club or based on legal obligation and you elect not to provide the personal data, we may not be able to accept or fulfil your order/application.

The types of personal data that we will collect, store, maintain or process includes the following. We provide further details regarding the use of the personal data in Clause 8.

Personal data you provide when you purchase from us

  • Your contact details you provide when placing your order, including name, title, billing address, telephone numbers and email address

  • Details associated with the products you order

  • When you make a purchase, your payment card details (in accordance with payment card industry standards)

  • Your communication and marketing preferences including delivery updates and notifications 

  • Information about your business that you provide to us in order to help tailor our content to your needs
     

Personal data you provide when you use the Website and when you apply to join our Floristry Trade Club

  • The contact details you provide when applying to become one of our florists, which includes your details, shop contact details and owner/proprietor contact details which includes phone numbers (mobile and landline), any email addresses, VAT number, national insurance number

  • The contact details you provide when applying to join our Floristry Trade Club which includes your address details and other contact details include phone numbers (mobile and landline) and any email addresses
     

Additional Personal Data obtained when you use our Websites
 

  • Details of your online browsing activities on our Websites such as the pages visited and the parts of the Websites used

  • Details of the type of device used to access our Websites, your device IP address, and your device location


Additional Personal Data obtained through contact with us

  • Details of your interaction with emails that we send you including links that you click and emails that you open

  • If contact occurs between us, we will keep a record of that correspondence, including your name and contact data, and details of your customer care issues or other concerns and our responses (including any recorded telephone calls)

 

Our Websites are not intended for use by persons under the age of 18 and our terms and conditions require that a person be 18 or older when placing an order with us or one of our suppliers. If you believe we have collected personal data from a person under the age of 18, please notify us at the information provided in Clause 14.

3.  How we use the personal data we collect from you?

We will use your personal data for the following purposes:

 

To fulfil your order:

  • To process your order

  • To process payment including payment authorisation via payment card, cheque or other third party payment processor 

  • To carry out identity verification and fraud prevention checks when purchasing with a payment card and validating personal data you provide via a third party payment processor 

  • To provide data to any third party supplier or vendor who may fulfil your order on our behalf

  • To provide order confirmation, delivery status notifications on any order placed with us

 

For customer care purposes:

  • To address any customer care issues that may occur with respect to a product or service or subscription purchased from us or from one of our third party suppliers

  • To contact you with any changes, cancellation or other issues with your order

  • To obtain customer feedback with respect to an order  

 

NOTE: Please note that you will receive communications from us and our suppliers with respect to fulfilling your order or for customer care purposes even if you opt out of receiving marketing communications. 

For marketing purposes (including personalisation):

  • To keep you up-to-date with new products and services that we think will be of interest to you

  • To provide you with promotional offers 

  • To personalise your experience with Interflora by providing information on products, services, news and updates tailored specifically to you through insights we have from the data you provided to us

  • To provide personalised marketing to you based on insights we have gained from the data you have provided to us (e.g. your purchasing history, the occasions you have purchased for and the frequency you have purchased from us)

  • To serve you with marketing advertisements based on your browsing history on our Websites, to the extent you use our Website, through cookies on our Website or within any available registered account with us. See our Cookie Policy.

  • Notify you of competitions and prize draw offers to enable you to enter and to notify you of any wins

For marketing through third parties:

If you use our Websites and you have agreed to accept cookies, then you may receive personalised advertisements of our products, services and subscriptions when browsing other websites using the same computer or device you used to view our Websites. This marketing is enabled through the cookies collecting data of your online browsing behaviour. These cookies are operated by a third party and the advertisements are provided through a third party. Details of our third party providers are available within the Data Sharing section of this policy.

You can remove or disable cookies at any time, see our Cookie Policy.

For marketing through third parties (including online advertising):

If you use our Websites, then you will receive marketing from us through our third party suppliers such as email campaigns and direct marketing campaigns promoting our products services and subscriptions.

By using our Websites, you will also receive personalised online advertisements when browsing other websites using the same computer or device you used to view our Websites. Online advertising is enabled through the cookies collecting data of your online browsing behaviour. These cookies are operated either by Interflora or by a third party and the online advertising is provided through a third party.

Please note that we use search engine advertising programmes e.g. Facebook, Google AdWords and other advertising platforms to serve online advertising.  If you are a registered user with these types of advertising platforms, we will use your email address or other contact information, in an encrypted format, to: 

  • Match with your profile on these advertising platforms so that we can provide you with personalised online advertising on these advertising platforms

  • To find other registered users (known as “lookalikes”) of these advertising platforms that share similar interests to you based on:

  • Information we have observed about you from your interactions with our Websites

  • The information these advertising platforms hold about you

 

Please note that the online advertising outlined above is subject to the privacy choices you have made on these advertising platforms.

You can opt out of receiving online advertising from us via Privacy Settings.

Details of our third party providers are available within Clause 9 of this policy. 
 

You can remove or disable cookies at any time, see our Cookie Policy.
 

For internal business purposes: 

We will use any of the personal data collected to help us to understand how many people interact with our Websites, how well the Websites are working and to consider any improvements we may need to make to the Websites to improve your online experience. It also helps us determine what products and services you are interested in and what you or other customers might wish to purchase from us in future. 

More specifically, we will use your personal data for the following internal business purposes: 

  • To analyse your browsing and purchasing activity on our Websites, including any search terms you may have entered into our Websites

  • To analyse the demographic data we collect when you place your order or otherwise use our Websites including your title, address, IP address, browser type, and occasions for which you purchase flowers in order to offer you better products and services and improve our business

  • To analyse customers shopping with us to understand our target audience for the purposes of selecting similar customers for advertising purposes

  • To analyse delivery location data you provide when placing your order to understand the delivery logistics required for our delivery network

  • To analyse your responses to our marketing communications

  • To ensure our online content is presented in the most effective manner for you and your electronic device(s) i.e. tailored for a desktop computer, tablet, iPhone, Android or voice ordering systems (e.g. Amazon Alexa)

  • To obtain customer feedback with respect to an order either from you or your recipient (to the extent permitted under the applicable law) to determine the quality of the customer or recipient experience and to improve customer care experiences 

  • To develop and provide new or improved products or services

  • To process your application to become one of our florists

  • To process your application to subscribe to our Floristry Trade Club and Services offered via the Websites

  • For crime and fraud prevention, detection and related matters, including cooperation with the police and similar authorities with their lawful queries and investigations

  • To confirm your identity, as necessary

  • To comply with any legal obligation for the purposes of good governance or regulatory guidance with respect to applicable law

 

With respect to any legal claims or related guidance by our advisors

 

With respect to any mergers or acquisitions or other business or legal affairs as further described in Clause 9

 

4.  When may you opt out of marketing communications?

You have the right to opt out of receiving direct marketing communications at any time. We will address your opt out request as soon as possible, but no longer than one month from the date we receive your request.

 

You may opt out of marketing communications or change your preferences with respect to marketing communications by:

  • Unsubscribing from emails using the unsubscribe link which can be found in all marketing emails

  • Unsubscribing from any SMS messaging by texting “STOP” to the number included in the SMS message

  • Updating your preferences on our Websites via the Privacy Settings  (not available to www.efloraservices.co.uk website)

  • Contacting us via the contact information provided in this policy

 

5.  What is our Cookie Policy?

You are not required to accept cookies in order to make a purchase or use our Websites. For example, you may place an order through a direct mail or coupon campaign or through our customer call centre. However, by making a purchase through our Websites, you agree to our Cookie Policy, which includes more information about disabling cookies. See our Cookie Policy.

6.  How do we protect your personal data?

We are committed to protecting and respecting your privacy rights, and to ensuring that your personal data is safe and secure.

We use administrative, organisational, technical and physical safeguards to protect personal data. Our security controls are designed to protect your personal data from unauthorised alteration, access, disclosure, and use. We regularly test our Websites, data centres, systems, and other assets for security vulnerabilities. In addition, at a minimum, our safeguards involve appropriate technical and organisational measures including, but not limited to, encryption services, review of our data collection, storage and processing practices (including physical security measures, to guard against unauthorised access to systems), scenario planning and crisis management protocols to ensure we are able to respond to cyber security attacks and data security incidents, regular penetration testing of systems, security controls to protect our IT infrastructure from external attack and unauthorised access, and internal policies setting out our data security approach and training for employees.

We handle payment card data in a manner consistent with the Payment Card Industry Data Security Standard (PCI-DSS).

7.  What can you do to protect your personal data?

We will never ask you to confirm any bank account or credit card details in writing or via email. If you receive an email or any other written communication claiming to be from us, asking you to provide this data, please ignore it and do not respond.

If you are using a computing device in a public location, you should always log out and close the website browser when you have finished your online session.

8.  Our lawful basis for processing personal data

We rely on different lawful basis for processing personal data. In some cases, more than one lawful basis may apply with respect to the same personal data.

​Contract: We collect and process personal data in order to fulfil the order you place with us, and in accordance with our contract with you to fulfil your order. Such personal data includes the items detailed in Clause 3 under the title “To fulfil your order”.

Legitimate Interest: We collect and process personal data for our legitimate interests in fulfilling and processing your order, any customer care issues, to conduct research, to send email, direct marketing and online advertising to you, handling legal claims, and for fraud identification and prevention checks. Such personal data includes the items detailed in Clause 3 under the title “For customer care purposes”, “For marketing purposes”, “For marketing through third parties” and “For internal business purposes”. With respect to any direct marketing we provide on the basis of a legitimate interest, you can unsubscribe as described in Clause 4.

Consent: In addition to the legitimate interests outlined above, we rely on the consent you have provided as the legal basis for our marketing communications. You can unsubscribe to the marketing communications as described in Clause 4. Please note that withdrawing your consent may not be sufficient to cease all communications or for us to delete your personal data since we may have another lawful basis or ongoing reason we need to keep personal data such as a new purchase or record keeping legal obligations. Please further note that if you make a purchase with us after you have withdrawn your consent, we may collect and use personal data in accordance with this privacy policy with respect to that purchase and you will be asked for consent for marketing communications again.

Legal Obligations: We are required to comply with applicable laws, rules and regulations as well as industry standards and orders by courts with jurisdiction over us. In doing so, we may collect and retain personal data. For example, we create and maintain records of your orders to maintain the tax and accounting records required by applicable laws, and to share such records with the tax authorities as and when required.

9.  When might we share your personal data with third parties?

We will share your personal data with certain third parties in order to fulfil and process your order for services and any subscriptions promoted on our Websites to enable us to perform our contract to provide your purchase to you, provide our Websites and provide you with marketing.

The following is a list of types of third parties that may receive your personal data. Our third party providers are required to handle your personal data in accordance with appropriate data protection and security controls.

  • Interflora Affiliates: Interflora may share personal data with its affiliates from time to time including Interflora’s parent company The Wonderful Company LLC (TWC) and its subsidiaries including Teleflora LLC and those affiliates who may subsequently be acquired by Interflora, its parent company or its affiliated companies.  

  • IT Suppliers and Vendors: In order to manage our operations, Interflora contracts with third parties who provide security and technical services to protect our Websites, maintain databases of personal data for the purposes outlined in this privacy policy and present Website content.

  • Suppliers: In order to fulfil your order for services and/or subscriptions, we contract with carefully selected third parties who provide a range of complimentary products, services, subscriptions to members of our Floristry Trade Club.

  • Financial/Payment Service Providers: In order to process customer orders placed with us, Interflora contracts with payment service companies, e.g. Wix, who process payment, ensure security of your transactions, and prevent or detect fraudulent transactions.

  • Marketing Service Providers: Interflora contracts with third parties who:

    • provide email marketing, SMS (text) marketing, direct marketing campaigns

    • provide online advertising campaigns e.g. Facebook, Google Adwords and other similar advertising platforms

    • maintain databases of personal data for marketing campaigns as outlined in this privacy policy

    • provide to us reporting of our marketing campaigns

  • Market Research Providers: In order to continually improve our Websites user experience, Interflora contracts with third parties who provide market research services which include collating and reporting of Websites user feedback and collate and provide Website user feedback via customer surveys.

  • Website Improvement: In order to improve our online customer experience, Interflora contracts with third parties who help us identify and make improvements to our Websites, provide website traffic data and website performance analysis information, and provide analysis on website performance focused on customer experience.

  • Customer Service Providers: In order to provide the best possible customer service, Interflora contracts with third parties who deal with any customer care issues and, where appropriate, provide ‘Live Chat’ functionality.

 

In addition to the reasons identified above, we may provide your personal data to third parties in the following circumstances:

  • Law Enforcement/Government Requests: We may be required by law to provide personal data to law enforcement, a government agency or in response to a search warrant, subpoena or other legally valid enquiry or order, or to an investigative body or civil litigant including emergency situations. We may also disclose personal data when we believe in good faith that disclosure is necessary to comply with relevant laws, for the establishment, exercise or defence of legal claims, to prevent and address fraud and other illegal activity, to prevent death or imminent bodily harm, or to protect or defend the rights, property or safety of our users, others and ourselves.

  • Business and Legal Purposes/Mergers and Acquisitions: There may be business or legal reasons to disclose personal data. As an example, we may transfer data we have about you to third parties in connection with an actual or potential merger, consolidation, acquisition, reincorporation, sale/divestiture or other similar transaction involving all or part of our company or any affiliate, or as part of a corporate reorganisation or stock sale or other change in corporate control. If we undergo such a business transition, personal data may be one of the assets that may be shared or transferred as part of the business transition and used by such third party as though such third party were Interflora.

 

10.  How long do we keep your personal data?

We will only retain your personal data for the purposes set out in this policy and for as long as we have a legal or business requirement to do so. Different retention periods apply for different types of personal data, however, the longest we will normally hold any personal data is 7 years after the last contact with such person or purchase by such person. The time period for retention will depend on applicable laws, rules or regulations that we are required to follow, whether there is an ongoing request or query or other type of legal claim or dispute, the type of information we are holding and whether we are asked by you or a regulatory authority to keep the personal data.

 

11.  Where your personal data will be processed/International transfers

Interflora is a UK based company and we will hold and process your personal data in the UK, which is outside of the EU, therefore, the UK is considered to be a "third country". We will share some personal data with our parent company TWC, based in the US. We will also share your personal data with certain third party providers both in the UK and overseas for the purpose of: (a) fulfilling orders for products/services/subscriptions, (b) customer care, and (c) as otherwise outlined in Clause 9.

Some of the organisations that we share personal data with may process it overseas. Please be assured that we have implemented appropriate technical and organisational measures and adequate safeguards to protect personal data. We are committed to continuously developing and improving the measures we already have in place.  If any disclosures of personal data mean that your personal data will be transferred outside the UK, we will only make that transfer if: (a) the country to which the personal data is to be transferred ensures an adequate level of protection for personal data; (b) we have put in place appropriate safeguards to protect your personal data, such as an appropriate contract; (c) the transfer is necessary for one of the reasons specified in Clause 8, such as fulfilment of an international order under the contract between us and you; or (d) you consent to the transfer.

12.  Your rights to access your data and rectify any inaccuracies in your personal data

We fully respect that your personal data is owned by you and that you have certain rights with respect to the personal data. Our goal is to respect your rights. Please understand that we may have certain obligations to maintain personal data records despite your requests to exercise the following rights, such as for legal and accounting purposes. We ask that you read these rights carefully.

  • Right of Access (also known as “Subject Access Request”): To receive a copy of the personal data we hold about you, please contact us, see the Contact Details in Clause 14. Please understand that you will need to provide a copy of two of the following separate pieces of identification:

    • Passport

    • Driving licence

    • Birth certificate

    • Utility bill (covering the last 3/6 months)

    • Current vehicle registration document

    • Bank statement (covering the last 3/6 months)

    • Rent book (covering the last 3/6 months)
       

  • Right to Rectification: You may ask us to update and correct any out-of-date or incorrect personal data that we hold about you, or to complete incomplete personal data. In order to update your personal data, please visit our Privacy Settings.
    .

13.  Your additional rights with respect to your personal data

 

You may have the following additional rights, detailed below:

  • Right to Erasure (also known as “the Right to be Forgotten”): For a limited list of reasons, you may request that your personal data is removed from our systems.

  • Right to Restrict: For a limited list of reasons, you may request that we cease using or that we suppress your personal data.

  • Right to Object: You may object to our use of your personal data.

  • Right to Data Portability: Where we use your personal data based on your consent or to enter or perform a contract with you, and our processing is carried out by automated means, you may request that any personal data you have provided to us be transmitted electronically to you or to another supplier (to the extent feasible).

 

Please note that if we erase all information about you and you make a future purchase or otherwise become a future customer, then we will not be aware of your prior requests or objections.

In respect of the additional rights outlined above, we request that you contact us via the Contact Details shown in Clause 14 below and we will provide you with additional information regarding your rights in connection with your specific request.

  • Right to Lodge a Complaint: You have the right to lodge a complaint with the Supervisory Authority. The UK Supervisory Authority is the Information Commissioner’s Office, see website www.ico.org.uk for details. In the Republic of Ireland the Supervisory Authority is The Data Protection Commission, see website www.dataprotection.ie for details.

 

14.  Contact details

We have appointed a Data Protection Officer whose role is to inform and advise us about and to ensure that we remain compliant with data protection laws. The Data Protection Officer should be your first point of contact if you have any queries or concerns about personal data. Our Data Protection Officer can be contacted at:

 

Email: dataprotection.floristrytradeclub@interflora.co.uk

 

Post:

Interflora’s Data Protection Officer

Customer Services

Interflora British Unit

Interflora House

Sleaford

Lincolnshire

NG34 7TB

 

15.  Updates to this policy

Our goal is to keep this privacy policy up to date. Therefore, we recommend that you review this privacy policy periodically. At a minimum, we recommend reviewing this policy together with each new purchase you make with us. We will inform you of material changes to this privacy policy in accordance with the applicable law.