Gdpr compliance statement

Effective Date:22/05/2025

At Floradream.de (hereafter referred to as „we,“ „us,“ or „our“), we are committed to protecting your privacy and personal data. As part of our compliance with the General Data Protection Regulation (GDPR), we outline how we collect, store, process, and protect your personal data, as well as your rights under the GDPR.

1. Data Controller Information

• Company Name: Floradream.de
• Address: Tüflweg 2, Aich, Fürstenfeldbruck, 82256, Germany
• Email: Contact@floradream.de
• Phone: +4915204780321

As the Data Controller, we are responsible for ensuring your personal data is processed securely and in accordance with applicable data protection laws.

2. Types of Personal Data We Collect

We collect personal data necessary for the provision of our services. The types of data we process include:

• Identification Information: Name, email address, phone number.
• Transaction Information: Payment details, billing address, delivery address, order history.
• Communication Data: Email correspondence, customer support requests.
• Usage Data: Cookies, website usage statistics, IP addresses, device information.

3. Purposes of Data Processing

We process your personal data for various purposes, including:

• Order Fulfillment: To process and deliver your orders.
• Customer Support: To respond to inquiries, assist with orders, and provide services.
• Marketing Communications: To send promotional emails, newsletters, or special offers (you can opt-out at any time).
• Legal Obligations: To comply with legal obligations, such as accounting and tax requirements.

The legal bases for processing your data include:

• Contractual Necessity: To fulfill contracts you have with us.
• Consent: For marketing communications and optional data collection (e.g., cookies).
• Legitimate Interests: To improve our services, enhance customer experience, and communicate with you about our products.
• Legal Obligation: To comply with legal and regulatory requirements.

4. Sharing of Personal Data

We do not sell or share your personal data with third parties for marketing purposes. However, we may share your personal data in the following cases:

• Service Providers: We may share your personal data with third-party service providers (e.g., payment processors, delivery companies) who assist us in fulfilling your orders or providing services on our behalf.
• Legal Requirements: We may disclose your data to authorities or legal bodies when required by law or in the case of suspected fraud or other legal matters.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new entity.

We ensure that third-party service providers comply with appropriate data protection standards, and their use of your data is governed by a contract that ensures the security and confidentiality of your personal data.

5. Data Retention

We retain your personal data only for as long as necessary for the purposes set out in this policy or to fulfill our legal obligations. This includes:

• Order and Transaction Data: Retained for 7-10 years to comply with accounting laws.
• Account Information: Retained until you request deletion of your account.

After the retention period, your personal data will be securely deleted or anonymized.

6. Your Rights Under the GDPR

Under the GDPR, you have the following rights regarding your personal data:

• Right of Access: You have the right to request a copy of the personal data we hold about you.
• Right to Rectification: You can request corrections if the personal data we hold is inaccurate or incomplete.
• Right to Erasure: You have the right to request deletion of your personal data, subject to certain exceptions.
• Right to Restrict Processing: You can request that we restrict the processing of your personal data under specific circumstances.
• Right to Data Portability: You can request to receive your data in a structured, commonly used, and machine-readable format, and request its transfer to another controller.
• Right to Object: You can object to the processing of your data in certain situations, including for direct marketing purposes.
• Right to Withdraw Consent: If we process your data based on consent, you can withdraw that consent at any time.
• Right to Lodge a Complaint: If you believe that we are processing your personal data in violation of the GDPR, you have the right to lodge a complaint with the relevant supervisory authority.

To exercise any of these rights, please contact us at Contact@floradream.de. We will respond to your request in accordance with GDPR guidelines.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. This includes encryption, secure data storage, and access controls. However, no data transmission over the internet is 100% secure, so we cannot guarantee absolute security.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our website, improve functionality, and analyze usage patterns. For more information on how we use cookies, please refer to our Cookie Policy.

9. Changes to This Privacy Policy

We may update this GDPR Compliance Statement to reflect changes in our data processing practices or legal requirements. Any updates will be posted on this page, and the effective date will be revised accordingly.

10. Contact Information

If you have any questions or concerns about how we process your personal data, or if you wish to exercise your rights under the GDPR, please contact us at:

• Email: Contact@floradream.de
• Phone: +4915204780321
• Postal Address: Tüflweg 2, Aich, Fürstenfeldbruck, 82256, Germany

This GDPR Compliance Statement ensures that Floradream.de adheres to the strict data protection principles outlined by the General Data Protection Regulation (GDPR). It provides transparency about how we handle customer data, ensuring that you are informed about your rights and how to exercise them.