Privacy policy

Policy summary

Personal Data processed for the following purposes and using the following services:

Access to third-party accounts

Facebook account access

Permissions: Tracker

Advertising

Google Ad Manager, Google AdSense, Criteo and Facebook Lookalike Audience

Personal Data: Tracker; Usage Data

Facebook Audience Network

Personal Data: Tracker; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); Usage Data

Google Ads conversion tracking

Personal Data: Trackers; Usage Data

Analytics

Google Analytics (Universal Analytics) and Google Analytics (Universal Analytics) with anonymized IP

Personal Data: Tracker; Usage Data

Google Analytics Demographics and Interests reports

Personal Data: Tracker; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example)

Analytics collected directly

Personal Data: Usage Data

Google Analytics Advertising Reporting Features

Personal Data: Tracker; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); various types of Data as specified in the privacy policy of the service

User ID extension for Google Analytics

Personal Data: Tracker

Connecting Data

Zapier

Personal Data: Data communicated while using the service

Contacting the User

Mailing list or newsletter

Personal Data: Tracker

Phone contact

Personal Data: phone number

Contact form

Personal Data: various types of Data

Content performance and features testing (A/B testing)

Google Optimize

Personal Data: Tracker; Usage Data

Displaying content from external platforms

Google Fonts, Google Site Search, Video Vimeo, Google Maps widget, Instagram widget and YouTube video widget

Personal Data: Tracker; Usage Data

YouTube video widget without cookies

Personal Data: Usage Data

Handling payments

Hipay

Personal Data: various types of Data as specified in the privacy policy of the service

PayPal

Personal Data: billing address; device information; email address; first name; last name; payment info; phone number; purchase history; Usage Data; various types of Data as specified in the privacy policy of the service

Heat mapping and session recording

Hotjar Heat Maps & Recordings

Personal Data: Tracker; Usage Data; various types of Data as specified in the privacy policy of the service

Hosting and backend infrastructure

ArubaCloud

Personal Data: various types of Data as specified in the privacy policy of the service

Interaction with data collection platforms and other third parties

Mailchimp widget

Personal Data: email address; first name; last name; phone number; Tracker

MailerLite widget

Personal Data: company name; country; email address; first name; last name; phone number; physical address; Tracker; Usage Data

Interaction with external social networks and platforms

LinkedIn button and social widgets, PayPal button and widgets and Facebook Like button and social widgets

Personal Data: Tracker; Usage Data

Interaction with live chat platforms

Zendesk Chat

Personal Data: Data communicated while using the service

Location-based interactions

Geolocation and Non-continuous geolocation

Personal Data: geographic position

Managing contacts and sending messages

Mailchimp

Personal Data: various types of Data

Managing data collection and online surveys

Hotjar surveys

Personal Data: Data communicated while using the service

Managing support and contact requests

Zendesk

Personal Data: various types of Data as specified in the privacy policy of the service

Registration and authentication

Mailchimp OAuth

Personal Data: various types of Data as specified in the privacy policy of the service

Facebook Authentication

Personal Data: Tracker; various types of Data as specified in the privacy policy of the service

Facebook Oauth

Personal Data: Tracker; various types of Data

Remarketing and behavioral targeting

Facebook Remarketing

Personal Data: Tracker; Usage Data

Facebook Custom Audience

Personal Data: email address; Tracker

Social features

Inviting and suggesting friends

Personal Data: various types of Data

SPAM protection

Google reCAPTCHA

Personal Data: answers to questions; clicks; keypress events; motion sensor events; mouse movements; scroll position; touch events; Tracker; Usage Data

Tag Management

Google Tag Manager

Personal Data: Usage Data

Traffic optimization and distribution

Cloudflare

Personal Data: various types of Data as specified in the privacy policy of the service

information on opting out of interest-based advertising

In addition to any opt-out feature provided by any of the services listed in this document, Users may learn more on how to generally opt out of interest-based advertising within the dedicated section of the Cookie Policy.

Further information about the processing of Personal Data

Analysis and predictions based on the User’s Data (“profiling”)

The Owner may use the Personal and Usage Data collected through FLOWERMOUNTAIN to create or update User profiles. This type of Data processing allows the Owner to evaluate User choices, preferences and behaviour for the purposes outlined in the respective section of this document.

User profiles can also be created through the use of automated tools like algorithms, which can also be provided by third parties. To find out more about the profiling activities performed, Users can check the relevant sections of this document.

The User always has a right to object to this kind of profiling activity. To find out more about the User's rights and how to exercise them, the User is invited to consult the section of this document outlining the rights of the User.

Browser Fingerprinting

Browser Fingerprinting creates an identifier based on a device's unique combination of characteristics (e.g. IP address, HTTP header, browser properties etc.), that allows to distinguish the User from other Users, thereby enabling to track the User's browsing behavior across the web. Browser Fingerprinting does not have an expiration date and cannot be deleted.

sessionStorage

sessionStorage allows FLOWERMOUNTAIN to store and access data right in the User's browser. Data in sessionStorage is deleted automatically when the session ends (in other words, when the browser tab is closed).

Automated decision-making

Automated decision-making means that a decision which is likely to have legal effects or similarly significant effects on the User, is taken solely by technological means, without any human intervention. FLOWERMOUNTAIN may use the User's Personal Data to make decisions entirely or partially based on automated processes according to the purposes outlined in this document. FLOWERMOUNTAIN adopts automated decision-making processes as far as necessary to enter into or perform a contract between User and Owner, or on the basis of the User’s explicit consent, where such consent is required by the law.

Automated decisions are made by technological means – mostly based on algorithms subject to predefined criteria – which may also be provided by third parties.

The rationale behind the automated decision making is:

to enable or otherwise improve the decision-making process;
to grant Users fair and unbiased treatment based on consistent and uniform criteria;
to reduce the potential harm derived from human error, personal bias and the like which may potentially lead to discrimination or imbalance in the treatment of individuals etc.;
to reduce the risk of User's failure to meet their obligation under a contract. To find out more about the purposes, the third-party services, if any, and any specific rationale for automated decisions used within FLOWERMOUNTAIN, Users can check the relevant sections in this document.

Consequences of automated decision-making processes for Users and rights of Users subjected to it

As a consequence, Users subject to such processing, are entitled to exercise specific rights aimed at preventing or otherwise limiting the potential effects of the automated decisions taken.

In particular, Users have the right to:

obtain an explanation about any decision taken as a result of automated decision-making and express their point of view regarding this decision;
challenge a decision by asking the Owner to reconsider it or take a new decision on a different basis;
request and obtain from the Owner human intervention on such processing.
To learn more about the User’s rights and the means to exercise them, the User is invited to consult the section of this document relating to the rights of the User.

iubenda Consent Solution localStorage

iubenda ConS JS library localStorage (IUB_DATA) temporarily stores pending data in a storage space internal to the User's browser (localStorage) until it's received by the API, then it is deleted.

localStorage

localStorage allows FLOWERMOUNTAIN to store and access data right in the User's browser with no expiration date.

Pseudonymous use

When registering for FLOWERMOUNTAIN, Users have the option to indicate a nickname or pseudonym. In this case, Users' Personal Data shall not be published or made publicly available. Any activity performed by Users on FLOWERMOUNTAIN.COM shall appear in connection with the indicated nickname or pseudonym. However, Users acknowledge and accept that their activity on FLOWERMOUNTAIN, including content, information or any other material possibly uploaded or shared on a voluntary and intentional basis may directly or indirectly reveal their identity.

Selling goods and services online

The Personal Data collected are used to provide the User with services or to sell goods, including payment and possible delivery.

The Personal Data collected to complete the payment may include the credit card, the bank account used for the transfer, or any other means of payment envisaged. The kind of Data collected by FLOWERMOUNTAIN depends on the payment system used.

User identification via a universally unique identifier (UUID)

FLOWERMOUNTAIN may track Users by storing a so-called universally unique identifier (or short UUID) for analytics purposes or for storing Users' preferences. This identifier is generated upon installation of this Application, it persists between Application launches and updates, but it is lost when the User deletes the Application. A reinstall generates a new UUID.

Personal Data collected through sources other than the User

The Owner of FLOWERMOUNTAIN.COM may have legitimately collected Personal Data relating to Users without their knowledge by reusing or sourcing them from third parties on the grounds mentioned in the section specifying the legal basis of processing.

Where the Owner has collected Personal Data in such a manner, Users may find specific information regarding the source within the relevant sections of this document or by contacting the Owner.

Site specific TCF v1 Cookie (euconsent)

Site specific TCF v1 Cookie (euconsent) stores User advertising tracking preferences in the local domain.

iubenda Cookie Solution (consent Cookie)

iubenda consent Cookie (_iub_cs-X) is set by the iubenda Cookie Solution and stores User preferences related to Trackers in the local domain.

iubenda Cookie Solution (remote consent Cookie)

Remote iubenda consent Cookie (_iub_cs-X) is set by the iubenda Cookie Solution and stores User preferences related to Trackers under the .iubenda.com domain.

Site specific TCF v2 Cookie (euconsent-v2)

Site specific TCF v2 Cookie (euconsent-v2) stores User advertising tracking preferences in the local domain.

Preference Cookies

Preference Cookies store the User preferences detected on FLOWERMOUNTAIN in the local domain such as, for example, their timezone and region.

Access the address book

FLOWERMOUNTAIN may request access to your address book.