Privacy Policy

The Privacy Policy outlines the principles of processing information about you, including personal data and cookies (commonly referred to as “cookies”).

1. General Information

This policy applies to the website operating under the URL: neverfade-florals.com.

The operator of the website and the Data Controller is:

Elena Polyakova
Cybernetyki 3B
Contact email address: lena@neverfade-florals.com

The Operator is the Administrator of your personal data in relation to data voluntarily provided on the website.

The website uses personal data for the following purposes:

  • Running a newsletter
  • Conducting online chat conversations
  • Handling inquiries via the contact form
  • Preparing, packing, and shipping goods
  • Providing ordered services
  • Collecting debts
  • Presenting offers or information

The website gathers information about users and their behavior in the following ways:

  • Through data voluntarily entered in forms, which are entered into the Operator’s systems.
  • By saving cookies on user devices.

2. Selected Methods of Data Protection Used by the Operator

  • Login and personal data entry points are protected at the transmission layer (SSL certificate). This ensures that personal data and login credentials entered on the website are encrypted on the user’s computer and can only be read on the target server.
  • Personal data stored in the database is encrypted in a way that only the Operator has the key to decrypt it. This protects the data in case the database is stolen from the server.
  • User passwords are stored in a hashed form. Hashing is a one-way function that cannot be reversed, which is the contemporary standard for storing user passwords.
  • Two-factor authentication is used on the website as an additional layer of protection for logging in.
  • The Operator periodically changes administrative passwords.
  • The Operator regularly performs backups to protect data.
  • An important element of data protection is the regular updating of all software used by the Operator to process personal data, particularly programming components.

3. Hosting

The website is hosted (technically maintained) on the servers of another company.

The hosting provider ensures technical reliability by maintaining server logs, which may include:

  • Resources identified by URL (addresses of requested pages or files),
  • Time of the request,
  • Time of the server response,
  • Client station name – identified by the HTTP protocol,
  • Information about errors that occurred during the HTTP transaction,
  • URL of the previously visited page (referrer link), if the visit to the website was made via a link,
  • User’s browser information,
  • IP address,
  • Diagnostic information related to self-managed services ordered via website forms,
  • Information related to email correspondence directed to and from the Operator.

4. Your Rights and Additional Information on How Your Data is Used

In some cases, the Administrator has the right to transfer your personal data to other recipients, if it is necessary for contract execution or to fulfill the Administrator’s legal obligations. This applies to the following groups of recipients:

  • Hosting companies on a delegation basis,
  • Couriers,
  • Postal operators,
  • Insurers,
  • Banks,
  • Payment operators,
  • Public authorities,
  • Online chat operators,
  • Authorized employees and associates who use the data to achieve the site’s objectives.

Your personal data is processed by the Administrator no longer than necessary to perform related activities specified by separate regulations (e.g., accounting). Regarding marketing data, the data will not be processed for more than three years.

You have the right to request from the Administrator:

  • Access to your personal data,
  • Correction of data,
  • Deletion of data,
  • Restriction of processing,
  • Data portability.

You have the right to object to processing specified in point 3.2, including profiling for the purposes of legitimate interests pursued by the Administrator. However, the right to object cannot be exercised if there are legally justified grounds for processing that override your interests, rights, and freedoms, particularly the establishment, investigation, or defense of claims.

You have the right to file a complaint with the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw.

Providing personal data is voluntary but necessary for the website’s operation.

Automated decision-making, including profiling, may be performed with respect to you to provide services under the contract and for the Administrator’s direct marketing.

Personal data is not transferred to third countries within the meaning of data protection regulations. This means your data is not sent outside the European Union.

5. Information in Forms

The website collects information provided voluntarily by the user, including personal data, if provided.

The website may save information about connection parameters (timestamp, IP address).

In some cases, the website may save information to link data in the form with the user’s email address who filled out the form. In such cases, the user’s email address appears inside the URL of the page containing the form.

Data provided in the form is processed for purposes resulting from the function of a specific form, such as handling a service request or commercial contact, service registration, etc. Each time the context and description of the form clearly indicate its purpose.

6. Administrator Logs

Information about user behavior on the website may be subject to logging. These data are used for website administration.

7. Key Marketing Techniques

The Operator uses statistical analysis of website traffic through Google Analytics (Google Inc., USA). The Operator does not provide personal data to the operator of this service, only anonymized information. The service is based on the use of cookies on the user’s device. Regarding user preferences collected by the Google advertising network, the user can view and edit information derived from cookies using the following tool: https://www.google.com/ads/preferences/.

The Operator uses remarketing techniques to match advertising messages to the user’s behavior on the website, which might give the impression that personal data is being used to track the user, but in practice, no personal data is transferred from the Operator to advertising operators. The technological requirement for such actions is the enabled cookie support.

The Operator uses the Facebook pixel. This technology ensures that Facebook (Facebook Inc., USA) knows that a person registered there is using the website. The Operator does not transfer any additional personal data to Facebook. The service is based on the use of cookies on the user’s device.

The Operator uses solutions that automate the functioning of the website concerning users, e.g., sending an email to the user after visiting a specific page, provided the user has agreed to receive commercial correspondence.

8. Information About Cookies

The website uses cookies.

Cookies are IT data, in particular text files, stored in the user’s end device and intended for use with the website. Cookies usually contain the name of the website they come from, the duration of storage on the end device, and a unique number.

The entity placing cookies on the user’s end device and accessing them is the Operator of the website.

Cookies are used for the following purposes:

  • Maintaining the user’s session (after logging in), so the user does not have to re-enter login and password on each subpage of the website.
  • Achieving the purposes specified above in the “Key Marketing Techniques” section.

The website uses two main types of cookies: “session” cookies and “persistent” cookies. “Session” cookies are temporary files stored on the user’s end device until they log out, leave the website, or turn off the software (web browser). “Persistent” cookies are stored on the user’s end device for the time specified in the cookie parameters or until deleted by the user.

Web browser software usually allows cookies to be stored on the user’s end device by default. Users of the website can change their settings in this regard. The web browser enables the deletion of cookies. It is also possible to automatically block cookies. Detailed information on this topic is provided in the help or documentation of the web browser.

Restrictions on the use of cookies may affect some of the functionalities available on the website.

Cookies placed on the user’s end device may also be used by entities cooperating with the website operator, particularly Google (Google Inc., USA), Facebook (Facebook Inc., USA), and Twitter (Twitter Inc., USA).

9. Managing Cookies – How to Give and Withdraw Consent in Practice

If the user does not want to receive cookies, they can change their browser settings. Note that disabling cookies necessary for authentication, security, and user preference maintenance processes may hinder or, in extreme cases, prevent the use of the website.

To manage cookie settings, select your web browser from the list below and follow the instructions:

  • Edge
  • Internet Explorer
  • Chrome
  • Safari
  • Firefox
  • Opera

For mobile devices:

  • Android
  • Safari (iOS)
  • Windows Phone

This policy template was generated for informational purposes based on our knowledge, industry practices, and legal regulations as of August 14, 2018. We recommend reviewing the template before using it on your website.