GDPR Compliance
Our commitment to protecting your data privacy rights
1. Introduction
Tech Floral is committed to complying with the General Data Protection Regulation (GDPR), which came into effect on May 25, 2018. This page outlines our GDPR compliance measures and your rights as a data subject.
2. Data Controller Information
Data Controller: Tech Floral Inc.
Address: 123 Flower Street, Suite 100, San Francisco, CA 94102, USA
Email: [email protected]
Data Protection Officer: Jane Smith ([email protected])
3. Your Rights Under GDPR
As an EU resident, you have the following rights regarding your personal data:
3.1 Right to Access (Article 15)
You have the right to obtain confirmation that we process your personal data and to request a copy of that data.
3.2 Right to Rectification (Article 16)
You have the right to request that we correct any inaccurate or incomplete personal data.
3.3 Right to Erasure ("Right to be Forgotten") (Article 17)
You have the right to request the deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
3.4 Right to Restrict Processing (Article 18)
You have the right to request that we restrict the processing of your personal data in certain circumstances.
3.5 Right to Data Portability (Article 20)
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
3.6 Right to Object (Article 21)
You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
3.7 Right to Withdraw Consent (Article 7)
Where we rely on your consent to process your data, you have the right to withdraw that consent at any time.
4. Legal Basis for Processing
We process personal data on the following legal bases:
- Contract: Processing necessary for the performance of a contract with you
- Consent: Processing based on your explicit consent
- Legitimate Interests: Processing necessary for our legitimate business interests
- Legal Obligation: Processing necessary to comply with legal obligations
5. Data Transfers
As a US-based company, we may transfer your personal data outside the European Economic Area (EEA). When we do so, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses approved by the European Commission
- Certification under the EU-US Data Privacy Framework
- Adequacy decisions for specific countries
6. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
- Account information: Retained while your account is active
- Transaction records: Retained for 7 years for tax and accounting purposes
- Marketing data: Retained until you unsubscribe or withdraw consent
- Log data: Retained for 12 months for security purposes
7. Data Breach Notification
In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.
8. Automated Decision-Making
We do not use automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you.
9. Exercising Your Rights
To exercise any of your GDPR rights, please contact us:
- Email: [email protected]
- Postal: Data Protection Officer, Tech Floral Inc., 123 Flower Street, Suite 100, San Francisco, CA 94102, USA
We will respond to your request within one month. This period may be extended by two further months where necessary, taking into account the complexity and number of requests.
10. Complaints
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local supervisory authority. A list of supervisory authorities can be found at: European Data Protection Board
11. Updates to This Notice
We may update this GDPR Compliance page from time to time. We will notify you of any material changes by posting the updated notice on this page.
12. Contact Us
For any questions regarding GDPR compliance or data protection, please contact our Data Protection Officer:
Email: [email protected]
Phone: +1 (800) 356-FLOR
Address: 123 Flower Street, Suite 100, San Francisco, CA 94102, USA