This topic includes the following:
- Information About GDPR
- Contact for Privacy Rights
What is the General Data Protection Regulation?
The General Data Protection Regulation (GDPR) takes effect on May 25, 2018, and it aims to protect all European citizens. It replaces Data Protection Act (1998) and applies to companies (regardless of the company location) who process personal data about individuals in the EU.
What is considered as “personal data”?
GDPR applies to any information relating to an identified or identifiable natural person, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
LolaFlora B.V. understands and respects its customers’ right of privacy. We want you to feel confident about using LolaFlora.com to order gifts, so we are committed to protecting the information we collect. Therefore, we operate our websites in compliance with GDPR and other applicable laws on data privacy protection and data security. We have prepared a policy on how we collect, use, disclose, transfer, and store your information.
What Personal Data Do We Collect?
We collect information to improve shopping experience of all our customers. Here are the types of information we collect:
Personal information you give us: We may collect personal information when you provide us, like when order via our website and/or register with an account with us. The types of information we may collect from you directly include your:
- Delivery address
- E-mail address
- Telephone number
- Date of birth
- Credit card or other payment information
- User-generated content, posts and other content you submit to LolaFlora sites
- Any other personal information you voluntarily provide to us
For the nature of LolaFlora, you also give personal information about someone else. You must do so only with that person’s authorization. You should inform them how we collect, use, disclose, and retain their personal information according to our privacy notice.
Personal information collected automatically: When you visit our websites, we may receive and store certain types of information.
- When you interact our services, we receive information from your devices. For example; your IP address, browsing history, etc.
- We also collect your location, web browser and your mobile device data when you use application of LolaFlora. We may use this information to provide you with location-based services, such as advertising, search results, and other personalized content. You can turn off location services in most mobile devices.
How Do We Use Your Personal Information?
We process your personal data to provide you a higher quality of services, provide you with a personalized experience on our sites, provide you useful customer service and provide you with customized advertising and marketing. We may also use your personal information in order to detect, prevent, mitigate and investigate suspicious, fraudulent or illegal activities.
We may use your personal information for as follows:
- to record the address and other necessary information for communication,
- to be able to inform the public officials in accordance with the legislation in case of a request for public security matters,
- to inform our customers about our products that our customers may be interested in, regarding the interests that the customers provide to us.
- to know our customers and use our customers in the customer environment analysis, to use them in various marketing and advertising activities and to conduct surveys in electronic and/or physical media through contracted organizations in order to provide customer satisfaction in this context,
- to offer suggestions to our customers by our contracted institutions and solution partners and to inform our customers about our services,
- evaluate customer complaints and suggestions related to our services,
- to fulfill our legal obligations and to use our rights arising from the current legislation.
Who Do We Share Your Personal Information With?
The sharing of personal data of our customers with third parties takes place within the framework of the consent of the customers and as a rule personal data is not transferred to third persons without the consent of our customers.
However, personal data are shared with courts and other public institutions due to our legal obligations. We work with third party service providers, for example in order to prepare and deliver the orders. Contracted third party services have access to personal information in order to provide the services we undertake and to provide quality control of the services provided, but they may not use it for other purposes. Technical and legal precautions are taken to prevent violations of rights during data transfer to third parties. However, LolaFlora shall not be liable for infringement of the third party's data protection policies and the risk area of the third party's liability.
Your personal data may be shared with;
- shareholders of LolaFlora,
- direct/indirect subsidiaries,
- institutions and organizations that we have partnered in order to carry our activities,
- institutions which we get storage services for our data in the cloud environment,
- contracted institutions that provide us a service of sending commercial electronic messages to our customers
- contracted banks
- various domestic and foreign agencies, advertising companies, survey companies and other third parties, for the marketing purposes, in order to provide service and customer satisfaction to you.
How Do We Store and Protect Your Personal Data?
We have responsibility in establishing the necessary organization and taking and implementing technical measures for the protection of the confidentiality and integrity of the personal information, in accordance with the provisions of the applicable legislation in force. We hereby inform you that we are aware of our obligation to protect personal data; we are performing penetration tests at periodic intervals in accordance with international and national technical standards covering data confidentiality and always updating our data processing policies.
What Are Your Rights?
You have certain rights in relation to your Personally Identifiable Information. You can access and confirm that your personal data remains correct and up-to-date or choose whether or not you wish to receive material from us or some of our partners by logging into the Site and visiting your user account page.
If you would like further information in relation to your rights or would like to exercise any of them, you may also contact us via firstname.lastname@example.org. If you reside or are located in the EEA (European Economic Area), you have the right to request that we:
- provide access to any personal information we hold about you;
- prevent the processing of your personally information for direct-marketing purposes;
- update any Personally Identifiable Information which is out of date or incorrect;
- delete any personal information which we are holding about you;
- restrict the way that we process your personal information;
- transmit your personal information to a third party provider of services; or
- provide you with a copy of any personal information which we hold about you in a commonly use and machine readable format.
We are also required to notify you of any data breach without undue delay after first becoming aware of the breach where the breach is likely to result in a high risk to the rights and freedoms of individuals.
The services we provide are not directed to a child and we do not knowingly gather personal data of a persons under 13 years of age or a equivalent minimum age in the relevant jurisdiction. If you become aware that a child has provided us with personal information, please contact us.
Contact For Privacy Rights
If you have questions or concerns about how we process your personal data:
- You can contact our Data Protection Officer at email@example.com or firstname.lastname@example.org and write DPO as subject matter.
- You can call +905497879430
- You can send via courier: Kingsfordweg 151, 1043 GR Amsterdam, Netherlands
- LolaFlora operates more than one EU member state and our lead data protection supervise authority is Dutch Data Protection Authority.