Stay updated with our latest promotions and offers:

Privacy Policy

1. ABOUT US AND THIS CONFIDENTIALITY POLICY

This privacy policy provides the users of this site (www.florariairis.ro) with the most complete and clear information regarding the processing of personal information through the site, in accordance with the General Data Protection Regulation (GDPR). The new EU Data Protection Act (GDPR) entered into force on May 25, 2016, but will begin to produce its effects starting with 25

May 2018. This law represents the biggest change in personal data protection over the last 20 years and has objectives that go far beyond just protecting private space.

In accordance with legal requirements, this privacy policy also indicates:

• Nature of processed personal information;

• Purposes and means of processing personal information;

• Identity and contact details of the data carrier (s);

• Contact details of the Data Protection Officer (DPO);

• Any third parties involved in processing activities;

• The period for keeping personal information;

• Security measures taken to protect personal information;

• User privacy rights.

This privacy policy applies only to the site and does not concern any website or platform the site can connect to.

Users under the age of 16 are not permitted to consent to the processing of personal information without the permission of their parents.

PERSONAL DATA CONTROLLER / OPERATOR

According to GDPR, a Personal Data Operator is the one who, alone or with others, determines the purposes and means of processing personal information.

The personal data controller / operator for data processing related to the site's activities is:

• SC FLORARIA IRIS SRL - 17 Aerogarii Blvd, sector 1, Bucharest, Romania, European Union.

There is a Designated Data Protection Officer to ensure that the site processes personal information in accordance with the GDPR. DPO can be contacted for any questions at the following e-mail address: comenzi@florariairis.ro

2. WEB SITES OF THIRD PARTIES

Our site may contain links to and from the websites of our advertisers and affiliates, among others. If you follow a link to any of these websites, please note that this privacy policy does not apply to these websites. We are not responsible or liable for the privacy policies or practices of these websites, so please review their policies before submitting personal data to these websites.

3. WHAT INFORMATION DO WE COLLECT AND HOW?

PERSONAL INFORMATION. PROCESSING PURPOSES.

"Personal Information" means any user information that identifies itself personally, either singularly or in combination with other information.

Personal information is automatically collected by the site or received through multiple sources: forms, chat, email, applications, devices, social media and other means.

The site processes personal information in various forms for the following purposes:

CHARGING DATA

The site collects non-sensitive navigational data by automated means to allow and improve user navigation (e.g., IP address, visit date / time and length, any referrer URL, pages visited on the site, other information) .

The processing of this information allows users to access the site and fully enjoy its functions and services. Furthermore, navigation data can be used to verify that the site is working properly.

From time to time, navigation data is processed anonymously for statistical purposes.

It is unlikely that navigational data will allow the identification of the relevant target person. However, by their very nature, navigation data can allow users to be identified if they are associated with other information.

The navigation data described above is stored only temporarily in accordance with the applicable law.

ORDERS

At checkout, the site requires users to provide personal information for the purpose of fulfilling their purchase orders and complying with contractual obligations (for example, name and surname, e-mail address, delivery address, etc.).

Such personal information is also critical to Customer Service to help customers with their requests and for whatever need they are needed before or after the sale (for example, regarding the delivery status of the order or the return of the product).

Personal information relating to orders will be stored as long as they are necessary to comply with the applicable contractual obligations and applicable tax and financial reporting obligations.

The site may also verify the payment instruments used by customers to buy them on the Site (for example, credit or debit card, etc.) to prevent fraudulent activities or in accordance with applicable anti-money laundering laws. Because the total trust in payment verification is given to third-party payment processors, the controller does not process or store any financial information that belongs to clients.

Failure to make the necessary personal information to make payment will prevent users from completing an order on the Site.

Based on his legitimate interest in improving his / her customer relationship, the site will send communications messages to the latter with product suggestions, discounts, feedback requests, or other updates. Customers are always free to unsubscribe from such communications by email (for example, by clicking the "unsubscribe link" at the bottom of each email).

REGISTER ON THE SITE

When users choose to register a personal account on the site, they are asked to provide personal information (e.g., date of birth, sex, etc.). The site clearly indicates which personal information is required (or not) to set up an account on the site.

Users must send personal information that is true and accurate at the time of registration and are invited to update their updated personal information (if changes occur) by logging in to their personal account to make any relevant changes.

Users who choose to activate or connect to the account on their site through a social media should be aware that when they log in to a social media account, the site collects certain personal information on which has already provided an example: email address and public profile on Facebook).

The controller does not supervise or control these social media services or user profiles with respect to these services, and does not set up privacy settings or rules on how personal information on these services will be used. Users are strongly encouraged to read all applicable policies and information about applicable social services to learn more about how they process personal information.

NEWSLETTER AND MARKETING COMMUNICATIONS

On site, users can choose to receive newsletters and commercial communications.

The site always collects explicit, free and unambiguous consent from users before sending these newsletters and marketing communications to these users or, more generally, before initiating e-marketing initiatives dedicated to them.

In such cases, users may be asked to provide personal information in addition to their e-mail address (eg gender, country of residence, etc.) in order to have newsletters and marketing communications tailored to the user's profile.

Users can always easily withdraw their consent from receiving newsletters and commercial communications in the following ways:

• through account settings;

• by clicking the "unsubscribe" link in any such email;

• contacting customer service.

4. WHAT DO YOU USE YOUR INFORMATION?

In order to offer you the services and the site, including to allow you to order and receive products using our site, manage your account and optimize your experience, we need to use the information we collect in a number of different ways .

STATING A PROFILE / PROFILING

Under the explicit consent of a user, newsletters and marketing communications may be adapted to the "profile" of the user based on the personal information the Site collects or receives about the user concerned.

As for Site Customers, the legitimate interest of the site is to process personal information to provide more exciting products, improve the site, and personalize the products offered on the Site.

The main purpose of profiling is to offer products, services and initiatives more responsive to tastes, shopping habits and the interests of users and customers.

Personal information may also be used for remarketing, retargeting or profiling, including through third parties (e.g., social networks, etc.).

Neither the site nor the controller will ever perform child profiling activities.

5. COOKIES

We use technology, such as cookies, to gather information and store your preferences online. Cookies are small pieces of information sent by a web server to a web browser that allows the server to uniquely identify the browser on each page.

We use the following categories of cookies on our site:

CATEGORY 1: STRICT COOKIES NECESSARY These cookies are essential to allow you to navigate the site and use its features. Without these cookies, the services you have requested, such as remembering your login details or shopping cart items, can not be provided.

CATEGORY 2: PERFORMANCE CONTROLS These cookies collect anonymous information about how you use our site. For example, we use Google Analytics cookies to help us understand how customers get to our site, navigate or use our site and highlight areas where we can improve areas such as navigation, shopping experience and marketing campaigns. Data stored by these cookies does not show personal details from which your individual identity can be determined. You can sign up for these cookies using your browser settings, but it can affect the performance of our site.

CATEGORY 3: FUNCTIONAL COOKIES These cookies keep in mind the choices you make, such as the country you visit our site, the language and search parameters, such as size, color, or product line. These can then be used to give you a better fit for your selections and make your visits more personalized and enjoyable. The information these cookies collect can be anonymous and can not track your browsing activity on other websites. You can sign up for these cookies using your browser settings, but it can affect our site's functionality.

CATEGORY 4: MAIN COOKIES OR ADVERTISING COOKIES These cookies collect information about your browsing habits to make advertising more relevant to you and your interests. They are also used to limit the number times you see an ad, and to help measure the effectiveness of an advertising campaign. Cookies are usually placed by third-party advertising networks. They remember the websites you visit and that information is shared with other people, such as advertisers. For example, we use third-party companies to give you more personalized ads when you visit other websites. You can sign up for these cookies using your browser settings.

CATEGORY 5: SOCIAL MEDIA COOKIES These cookies let you share what you did on your site on social media such as Facebook, for example. See the appropriate privacy policies for how their cookies work.

If you want to delete all the cookies that are already on your computer, see the help and assistance area in your browser for instructions on locating the file or directory that stores cookies. Information about deleting or controlling cookies is available at www.AboutCookies.org. Keep in mind that by deleting cookies or by disabling future cookies, you may not be able to access certain areas or features of our site.

You can withdraw your consent for these cookies at any time through the following options:

• Google Analytics cookies on all websites, access the Google Analytics exclusion browser extensions;

• other third-party cookie-related cookies, visit www.youronlinechoices.eu.

• any other type of cookies, you can clean cookies through browser settings.

Keep in mind that denying cookies does not mean you will not get online advertising anymore. This means that the company or companies you opted out of will no longer offer ads tailored to web preferences and usage patterns, so you may see more ads that are irrelevant to you and your preferences.

6. WHAT DO YOU LEAVE ACCESS TO YOUR INFORMATION?

To provide our site and services, we work with a number of carefully selected third parties with whom we can share your information.

EVALUATION AND TRANSFER OF PERSONAL INFORMATION

An operator may transfer customer personal information to third-party primary data providers ("processors") for business purposes to perform their contractual obligations.

The Contributor will make every effort to ensure that all processors will apply industry best practices to protect personal information and will not use personal information for purposes other than those agreed with the controller.

For example, the controller can share personal information with the following categories of processors:

• Courier and postal operators;

• Storage and storage centers;

• Advertising, digital, marketing and social media;

• IT Service Providers;

• Customer Service Providers;

• Payment service providers.

In such cases, the exchange of personal information with the processors is necessary for the operator to fulfill its contractual obligations and also to improve the products and services of the site.

Users may request an updated list of processors involved in processing personal information relevant to the site's activities by writing an email to: comenzi@florariairis.ro

An operator must always retain the right to disclose personal information about users, as required by law (for example, in response to law enforcement requests) and, where necessary, to protect the rights of the operator, affiliates or third parties.

In addition, personal information may be disclosed to other companies within the same corporate group of each operator or third parties in the event of a corporate restructuring process in full compliance with the applicable law.

In all other cases, the exchange of personal information will be subject to the prior and explicit consent of the user, unless processing is allowed on an alternative legal basis.

The Operator will not transfer personal information outside of the European Economic Area (EEA), unless the user has explicitly authorized such transfer and the transfer of personal information outside the EEA is permitted by GDPR on another legal basis.

7. SECURITY, PROCESSING METHODS AND DESECURITY MEASURES

User's personal information is processed by the operator using automated, electronic and electronic tools and, in limited cases, by using documentary means. According to the GDPR, specific security measures have been implemented to prevent data loss, illegal or inappropriate use and unauthorized access.

Only authorized operator employees and authorized third-party vendors who act as processors on behalf of the operator have access to personal information related to the site's activities. Data processing agreements are in place with processors to ensure that they always meet the security level required by GDPR while processing personal information related to the site's activities.

Although the site adopts primary security measures to prevent the loss, destruction or diffusion of personal information, it can not exclude the safety risks that are naturally involved by online data transmission. The user accepts the inherent risks of providing personal information on the Internet and will not hold the site responsible for any breach of security unless such breach is due to the negligence of the site or the intention to default.

8. HOW MUCH TIME WE KEEP YOUR INFORMATIONS?

We keep the data you provide for as long as you have your account with us and then for a period during which you may have questions or a complaint about our services despite any longer retention period that we may be required to we comply with the legal requirements applicable to us.

Under certain circumstances, you can ask us to delete the data as outlined below.

Once you have stopped using our services, we may store the information in an aggregate and anonymous format.

We keep the data you provide for as long as it is necessary to provide users and customers with the services they require or to meet legal or tax obligations or for the minimum period required by law.

In order to determine the appropriate retention period for personal information stored by the Site on the basis of the user's consent, the controller will consider several factors to ensure that personal information is not stored longer than the required or appropriate period. These criteria will also include:

• the purpose for which the site has personal information;

• legal, tax, and regulatory obligations in relation to this personal information;

• the type of ongoing relationship with the user or customer concerned (how often the user logs into his / her account, whether users continue to receive marketing communications, how often they navigate or buy on the site, etc.);

• any specific user request related to the deletion of personal information;

• legitimate business interests.

The site will promptly delete or delete anonymous personal information that is no longer required or kept under the law.

9. WHAT ARE YOUR RIGHTS?

You have certain rights with respect to the personal data we hold about you, which is detailed below.

In this case, within GDPR, users also have the rights to:

• Be aware of the collection and use of their personal information;

• Easily access their personal information;

• Inaccurate personal information corrected or filled in (when incomplete);

• Deleting personal information ("the right to be forgotten");

• Under specific conditions, you get the restriction or suppression of their personal information;

• Obtaining and re-using personal information for own purposes in different services when processing is based on a contract or consent, and processing is done by automated means ("data portability");

• Under specific circumstances, oppose the processing of their personal information;

• Object at any time the use of personal information for "profiling" or "automation of decisions" purposes.

• The right to lodge complaints about the collection and processing of personal information to the competent supervisory authority;

• The right to withdraw at any time the consent to the processing of personal information.

To exercise any of your rights, users may contact the site at the following email address: comenzi@florariairis.ro

10. RECLAMATIONS

If you have any questions or concerns about this privacy policy, please contact us:

• by sending an e-mail to comenzi@florariairis.ro

This is without prejudice to your right to file a complaint with the EU Data Protection Supervisor where you live or work if you believe that we have breached data protection laws. "

1. UPDATING OF THIS POLICY

Any subsequent changes to this Privacy Policy will be displayed on the Site and, if applicable, will be notified to users by email. Users are encouraged to read this privacy policy frequently to check for any updates or changes.

Last Updated: June 2018