At Fleurop-Interflora NE Europe OÜ (hereinafter referred to as "Fleurop-Interflora"), the privacy of our customers is
very important to us and we want to assure that we take the confidentiality and security of personal data very
Website at the domain name www.interflora.ee, as well as any of our consumer apps, mobile websites, and other related
subdomain websites and services (collectively, the “Websites”). The term Websites also covers the collection and
processing of personal data through Interflora’s e-mail reminders and newsletter, social media channels, phone and
In our activities, we are guided by the European Data Protection Act (GDPR), local Legislations and Laws, our own data
subject specified in the GDPR, hereinafter referred to as the User, whose personal data is processed for the provision
of the service.
- What personal data we collect and how we collect it
- Personal data provided when making a purchase from us
- Personal data obtained when using our Website
- Personal data obtained when contacting us
- How we use the personal data we collect
- To fulfil orders
- or customer care
- For marketing
- For internal business purposes
- Our lawful basis for processing personal data
2. What personal data do we collect?
We collect personal data whenever a User interacts with our Websites, including making a purchase, browsing our
Websites, signing up to receive any of our services or using our services in any other way. When providing personal
data to us through a form, we indicate which personal data is optional. Please note that, when collection of personal
data is required or necessary either as needed for us to fulfil the order or based on legal obligation and when
selecting not to provide the personal data, we may not be able to accept or fulfil the order.
The types of personal data that we will collect, store, maintain or process includes the following. We provide
further details regarding the use of the personal data in Clause 8.
Personal data provided when making a purchase from us:
- Customers contact details provided when placing an order, including name, billing address, telephone numbers,
e-mail address and company billing data
- Recipient and delivery details provided when placing an order, including name, contact telephone numbers, delivery
address and instructions
- The occasions for which one purchases our goods and services such as birthdays and anniversaries, and dates
associated with them
- Any personal data contained within the card message (e.g., names and birthdays)
- Details associated with the ordered products
- Communication and marketing preferences, including delivery and Reminder Service notifications.
Additional Personal Data provided through the “My Account” feature:
- Additional telephone numbers, email address and postal address
- Order history, recipient and delivery data
- Named, addresses and phone numbers in the Address Book
- Occasions, related names, dates and additional data in the Reminder Service
- Reminder Service, notifications and newsletter preferences.
Additional Personal Data obtained when using our Websites:
- Details of online browsing activities on our Websites such as the pages visited and the parts of the Websites
- Details of the type of device used to access our Websites, IP address, and device location
- Additional data obtained by third parties, e.g. social media and advertising platforms
- Cookies that are necessary to use the Website and make a purchase.
Additional Personal Data obtained through contact with us:
- Details of the interaction with emails and notification that we send including links that are clicked and emails
that are opened
- If contact occurs between us, we will keep a record of that correspondence, including name and contact data,
details of customer care issues or other concerns and our responses (including any recorded telephone calls).
Our terms and conditions require that a person has to be 18 or older when placing an order with us.
If one believes we have collected personal data from a person under the age of 18, please notify us at the information
provided in Clause 14.
3. How we use the personal data we collect?
We will use personal data for the following purposes:
- To fulfil orders
- To track and process orders
- To process payment. Fleurop-Interflora Webpage uses third party payment gateways that direct to a payment page
provided by the bank chosen by the User. Fleurop-Interflora does not receive or keep any personal data related to
Users bank account, except provided data on the invoice or payment confirmation.
- To to any third party supplier or vendor who may fulfil the order on our behalf
- To provide order confirmation or notify about questions and problems related to an order placed with us.
For customer care purposes:
- To contact the sender or recipient with any changes, cancellation or other issues with the order
- To address any customer care issues that occur either with respect to a product or service, delivery, or a
complaint or enquiry that the sender or recipient raise with us
- To manage any registered accounts on the Website
- To obtain customer feedback with respect to an order (to the extent permitted under the applicable law)
Please note that the sender or receiver will receive communications with respect to fulfilling the order or for
customer care purposes even if the sender has opted out of receiving marketing communications.
For marketing purposes:
- To keep up-to-date with new products and services that we think will be of interest
- To provide promotional offers
- To notify about important dates and holidays or dates and reminders set by the User through the Reminder Service
- To make experience with our Website and Reminder Service more personalised, faster and friendlier, we try to
provide products and information tailored to the User
- To serve marketing advertisements based on the Users browsing history on our Websites, to the extent one use our
Websites, through cookies on our Websites or a registered account with us.
For marketing through third parties:
We may use third party advertising companies to serve advertisements on our behalf on other websites than our own.
These third party providers may use data that we have collected on our Website and employ cookies to make
advertisements more personalised and measure advertising effectiveness. Any information that these third parties
collect via cookies is completely anonymous and these third parties do not have access to any personal data stored in
For internal business purposes:
We will use any of the personal data collected to help us to understand how many people visit our Websites, how well
the Websites are working and to consider any improvements we may need to make to the Websites to improve online
experience. It also helps us determine what products and services the customers are interested in and what they might
wish to purchase from us in future
4. How to opt out of marketing communications?
A User has the right to opt out of receiving direct marketing communications at any time by:
- Unsubscribing from emails using the unsubscribe link in the e-mail footer
- Updating personal preferences within “My Account” section
- Updating personal preferences in the shopping basket
- Contacting us via the contact information provided in Clause 14
personal information and is and identification code that enables us to track the shopping basket, so that it’s
possible to make a purchase. We relate cookies to a User, when the User logs in with a personal account and/or will
make a purchase.
We also share cookies to offer quality client service and better user experience with third party software on our
Website, for example Live Chat and software that collects User browsing history and activities (e.g. Google
Analytics). Any information that these third parties collect via cookies and action tags is completely anonymous.
6. How do we protect personal data?
Fleurop-Interflora is committed to protecting and respecting our customers and Users privacy rights, and to ensuring
that their personal data is safe and secure. We do not store personal data that is not necessary for the purpose of
placing and fulfilling an order, monitoring privacy, achieving our marketing objectives, improving Website user
experience, or for other purposes listed in the preceding paragraphs.
We use administrative, organisational, technical and physical safeguards to protect personal data from being used or
disclosed in an unauthorized way. For example, we regularly test our Website, databases, technical systems, and other
assets for security vulnerabilities, train our staff, do scenario planning and crisis management protocols to ensure
we are able to respond to cyber security attacks and data security incidents.
We will inform the Surveillance Authority and the victim (the data subject) about any important security incidents
within 72 hours after the incident.
Fleurop-Interflora Web pages do not see or store personal information relating to the User's bank account, except
payment confirmation or data on the payment confirmation indicated by the bank.
7. What can you do to protect your personal data?
Fleurop-Interflora will never ask to confirm any bank account or credit card details in writing or via email. Payment
gateways will direct the payment to a secure website designated by the bank outside Fleurop-Interflora Website.
When using a computing device in a public location, it is recommended to always log out and close the website browser
after finishing the online session.
When creating an account with us, one must keep the password private. When creating a company account, the password
can only be shared with authorized personnel. We strongly suggest to avoid using the same password for multiple online
accounts. Any password created should be at least 8 characters long and must include at least one upper case letter,
one lower case letter.
We recommend regularly changing the password, which one can do within “My Account” section.
8. Our lawful basis for processing personal data
Fleurop-Interflora relies on different lawful basis for processing personal data. In some cases, more than one lawful
basis may apply with respect to the same personal data.
- Contract: We collect and process personal data in order to fulfil the orders placed with us, and
- Legitimate Interest: We collect and process personal data for our legitimate interests in
fulfilling and processing orders, any customer care issues, improving our Websites user experience and product
selection, for marketing purposes and enabling to use Reminder Service or client loyalty programs, handling legal
claims, and for fraud identification and prevention checks. Such personal data includes the items detailed in Clause
3. With respect to any direct marketing (which includes newsletter and Reminder Service notifications) we provide on
the basis of a legitimate interest, it is possible to unsubscribe as described in Clause 4. A User has a right to
delete his/her account and data related to it, except for the data related to orders.
- Consent: In addition to the legitimate interests outlined above, we rely on the consent that User
has provided as the legal basis for our marketing communications and Reminder Service notifications. It is possible
to unsubscribe to the marketing communications and Reminder Service notifications as described in Clause 4. Please
note that withdrawing consent may not be sufficient to cease all communications or for us to delete personal data
since we may have another lawful basis or ongoing reason we need to keep personal data such as a new purchase or
recordkeeping legal obligations. Please further note that when making a purchase with us after withdrawing consent,
User will be asked for consent for marketing communications again.
- Legal Obligations: We maintain records of orders and connected personal data to maintain the tax
and accounting records required by applicable laws, and to share such records with the tax authorities as and when
9. When might we share personal data with third parties?
We will share personal data with certain third parties in order to provide usage of our Website, to fulfil, process
and deliver orders, and to provide marketing. The following is a list of types of third parties that may receive
personal data. Our third party providers are required to handle personal data in accordance with appropriate data
Fleurop-Interflora Member Florists/Fulfilment Partners: Fleurop-Interflora shares data with our
florists who are independently owned and operated businesses. Our florists are our distributors for the purposes of
fulfilling and delivering purchases. We also use other third party fulfilment partners such as wholesalers for certain
products and postal and courier services. Our florists and fulfilment partners will contact the recipient to schedule
delivery or verify delivery information and availability (unless agreed otherwise between the customer and
Florists or couriers to not see the senders contact information. When needed, Fleurop-Interflora will contact the
sender regarding any customer care issues.
Fleurop-Interflora Affiliates: In order to fulfil international orders, Fleurop-Interflora may share
personal data with its affiliates, including Interflora Inc and FTD Companies, Inc., their subsidiaries and
affiliates. When having ordered a product for international delivery, this may also include other third party entities
who fulfil and deliver orders.
IT Suppliers and Vendors: In order to manage our operations, Fleurop-Interflora contracts with third
parties who provide security and technical services to protect our Website, maintain databases of personal data for
Flower and Gifting Suppliers (other than Fleurop-Interflora Florist Members): In order to fulfil
customer orders, Fleurop-Interflora contracts with third parties who provide products that the local florists might
not have, such as gourmet products and gifts
Financial/Payment Service Providers: In order to process customer orders placed with us, Interflora
contracts with payment service companies who process payment, ensure security of your transactions, and prevent or
detect fraudulent transactions
Marketing Service Providers: Interflora contracts with third parties who:
- provide email and direct marketing campaigns
- provide online advertising campaigns
- provide us with analysis and reporting of our marketing campaigns and Website usage
Website Improvement: In order to offer secure and the best quality experience when using our
services, we contract with third parties who help us identify and make improvements to our website, provide website
traffic data and website performance analysis information, and provide analysis on website performance focused on
Customer Service Providers: In order to provide the best possible customer services to our
customers, we use third party software which provides us with ‘Live Chat’ functionality.
In addition to the reasons identified above, we may provide your personal data to third parties in the following
Law Enforcement/Government Requests: We may be required by law to provide personal data to law
enforcement, a government agency or in response to a search warrant, subpoena or other legally valid enquiry or order,
or to an investigative body or civil litigant including emergency situations. We may also disclose personal data when
we believe in good faith that disclosure is necessary to comply with relevant laws, for the establishment, exercise or
defence of legal claims, to prevent and address fraud and other illegal activity, to prevent death or imminent bodily
harm, or to protect or defend the rights, property or safety of our Users, others and ourselves.
Interflora Business and Legal Purposes/Mergers and Acquisitions: There may be business or legal
reasons to disclose personal data. As an example, we may transfer data we have about you to third parties in
connection with an actual or potential merger, consolidation, acquisition, reincorporation, sale/divestiture,
acquisition or other similar transaction involving all or part of our company or any affiliate, or as part of a
corporate reorganisation or stock sale or other change in corporate control. If we undergo such a business transition,
personal data may be one of the assets that may be shared or transferred as part of the business transition and used
by such third party as though such third party were Interflora.
10. How long do we keep your personal data?
We will only retain your personal data for the purposes set out in this policy and for as long as we have a legal or
business requirement to do so.
11. When might we transfer your personal data abroad?
When placing an international order, details related to the order, delivery and personal information connected to the
to the recipient will be sent to Interflora Inc affiliates and their partners. This means that personal information
may be sent outside the European Economic Area (EEA) for the purpose of fulfilling an order and customer care.
We have implemented appropriate technical and organisational measures and adequate safeguards to protect personal
data by entering into standard contractual clauses with data recipients in countries outside of EEA. If any
disclosures of personal data mean that your personal data will be transferred outside the European Economic Area, we
will only make that transfer if:
- the country to which the personal data is to be transferred ensures an adequate level of protection for personal
- we have put in place appropriate safeguards to protect your personal data, such as an appropriate contract and
- the transfer is necessary for one of the reasons specified in Clause 8, such as fulfilment of an international
order under the contract between Fleurop-Interflora and the customer.
12. Your rights to access your data and rectify any inaccuracies in your personal data
We fully respect the right you have toward your data, including the right to receive a copy of the personal
information we hold about you. Please note that we can only forward data which disclosure does not violate
intellectual property or business law, does not adversely affect the rights and freedoms of third parties and is not
technically excessively complex to get.
As an owner of your personal data, you have the:
Right to view the personal data we hold about you: You can view the persona data on your account by
logging in with you username and password.
In order to receive an additional copy of all the information we hold about you, please send a digitally signed
application to our contacts in Clause 14. We respond to the request and make a decision regarding it within at least
30 business days. To identify yourself in any other way than digital signature, please contact us at the contact
details provided in Clause 14.
Right to Rectification: You may ask us to update and correct any out-of-date or incorrect personal
data that we hold about you, or to complete incomplete personal data. In order to update your personal data, please
visit your account on our Website. To update your data in any other way, please contact us at the contact details
provided in Clause 14.
13. Your additional rights with respect to your personal data
We fully respect that your personal data is owned by you and that you have certain rights with respect to the
personal data. Please understand that we may have certain obligations to maintain personal data records despite your
requests to exercise the following rights, such as for legal and accounting purposes.
You may have the following additional rights, detailed below:
Right to erase your data: You can erase your user account by logging in with your username and
password and selecting the “delete account” option. This will erase your account and information connected to you user
account, except for the data related to previous orders and other information that is necessary to hold for accounting
and legal purposes.
To erase your data in another way or to another extent, please send a digitally signed application to our contacts in
Clause 14. We respond to the request and make a decision regarding it within at least 30 business days. To identify
yourself in any other way than digital signature, please contact us at the contact details provided in Clause 14.
Right to Restrict: For a limited list of reasons, you may request that we cease using or that we
suppress your personal data. To do that, please send us a digitally signed application which explains the reason and
changes related to the use of the data. We respond to the request within at least 30 business days and may ask for
more detailed information from you.
Please note that after deleting your account, you will not be able to see your order history connected to your
deleted account, even when you open a new account in the future.
14. Contact details
Fleurop-Interflora NE Europe is responsible for collecting and storing orders and User data for this
Website. For inquiries and requests related to personal data, please contact the following contacts:
Fleurop-Interflora NE Europe OÜ
Vabaõhumuuseumi tee 2A
13522 Tallinn / Estonia
Tel: +372 6003900 / 6003904
Fax: +372 6003901