Introduction
Garage des Fleurs is a service that provides you with fresh flower bouquets and arrangements.
We care about our clients and their privacy and take this issue very serious. We are committed to protecting the information you have entrusted us with.
The following data protection statement informs you about the way we handle your personal data when you visit our website and contact us by e-mail. We also outline the way in which the data from our Facebook fanpage is processed.
We care about our clients and their privacy and take this issue very serious. We are committed to protecting the information you have entrusted us with.
The following data protection statement informs you about the way we handle your personal data when you visit our website and contact us by e-mail. We also outline the way in which the data from our Facebook fanpage is processed.
The controller - Who is responsible for collecting and using your data?
The controller and responsible party for the collection and processing of your data, within the meaning of the General Data Protection Regulation (GDPR), is:
Garage des Fleurs GmbH
Reifträgerweg 6
14129 Berlin
We decide about the purposes and means of processing personal data. If you have any questions or complaints regarding our data protection policy or practices, or if you have an unresolved privacy concern that we have not successfully addressed, please contact [email protected]
Garage des Fleurs GmbH
Reifträgerweg 6
14129 Berlin
We decide about the purposes and means of processing personal data. If you have any questions or complaints regarding our data protection policy or practices, or if you have an unresolved privacy concern that we have not successfully addressed, please contact [email protected]
The Data, Purpose and Legal Basis - What do we use your information for?
Access and Functionality of our Website
When you visit our website your browser transmits certain data to our web server, where they are stored temporarily. This includes the following data:
We process the data listed above in accordance with Art. 6 (1) (f) GDPR based on the legitimate interest to provide access to our website and its basic functionality. The data is stored for a maximum of 13 months.
When you visit our website your browser transmits certain data to our web server, where they are stored temporarily. This includes the following data:
- your IP address and service provider
- the transferred amount of data
- date, time and duration of your visit
- the requested website and its content
- access status/HTTP status code
- the name and version of the browser you use, display Resolution and operating system of your device
- your language settings and region
We process the data listed above in accordance with Art. 6 (1) (f) GDPR based on the legitimate interest to provide access to our website and its basic functionality. The data is stored for a maximum of 13 months.
Presentation of our Website
Google Fonts
We have embedded "Google Fonts", a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, on our website. According to Google, the user data collected (including IP address) is used solely for the purpose of displaying the fonts in your browser. No cookies are placed or used to provide the typefaces we use on our website. The use is based on our legitimate interests, in accordance with Art. 6 (f) GDPR, in a secure, maintenance-free and efficient use of fonts and the uniform presentation of such fonts. To prevent detection by Google Fonts, disable JavaScript in your browser. To get more information about the privacy policy from Google, visit https://www.google.com/policies/privacy/.
Typekit
We also use Adobe's Typekit, a service provided by Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland, for the design of our website. Again, no cookies are placed or used to provide the presentation of the fonts. To get more information about the privacy policy from Adobe, visit https://www.adobe.com/privacy/policy.html.
Cookies and Performance Analysis on our Website
To provide functionality to our website as well as analyze and better understand how you use our website and services and to make them better, we utilize cookies. You know Hansel and Gretel? Cookies are like breadcrumbs that help us recognize whether you have been to our site before or not. They are small files placed and stored on your device by your web browser that contain certain information, like preferred language settings, and act as identifiers.
Below you will find information about what kind of cookies we utilise, the way we use them and what methods you can use to deactivate them.
Types of Cookies
We use first party cookies, i.e. cookies issued by our website. In addition, our website also contains third-party cookies that are set by servers of other providers and, in some cases, by our own website.
Some of the cookies we use are session cookies. These cookies are stored only for the duration of the time you spend visiting our website. When you close the website, the cookies are automatically deleted.
We also use persistent cookies which stay saved on your device, even after you closed the Website, and are automatically deleted after a predefined expiry date.
We have embedded "Google Fonts", a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, on our website. According to Google, the user data collected (including IP address) is used solely for the purpose of displaying the fonts in your browser. No cookies are placed or used to provide the typefaces we use on our website. The use is based on our legitimate interests, in accordance with Art. 6 (f) GDPR, in a secure, maintenance-free and efficient use of fonts and the uniform presentation of such fonts. To prevent detection by Google Fonts, disable JavaScript in your browser. To get more information about the privacy policy from Google, visit https://www.google.com/policies/privacy/.
Typekit
We also use Adobe's Typekit, a service provided by Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland, for the design of our website. Again, no cookies are placed or used to provide the presentation of the fonts. To get more information about the privacy policy from Adobe, visit https://www.adobe.com/privacy/policy.html.
Cookies and Performance Analysis on our Website
To provide functionality to our website as well as analyze and better understand how you use our website and services and to make them better, we utilize cookies. You know Hansel and Gretel? Cookies are like breadcrumbs that help us recognize whether you have been to our site before or not. They are small files placed and stored on your device by your web browser that contain certain information, like preferred language settings, and act as identifiers.
Below you will find information about what kind of cookies we utilise, the way we use them and what methods you can use to deactivate them.
Types of Cookies
We use first party cookies, i.e. cookies issued by our website. In addition, our website also contains third-party cookies that are set by servers of other providers and, in some cases, by our own website.
Some of the cookies we use are session cookies. These cookies are stored only for the duration of the time you spend visiting our website. When you close the website, the cookies are automatically deleted.
We also use persistent cookies which stay saved on your device, even after you closed the Website, and are automatically deleted after a predefined expiry date.
Purpose of our Cookies
Platform services and hosting
We use Weebly, a service provided by Squareup International Limited, 70 Sir John Rogerson's Quay, Dublin 2, Ireland, to host and operate our website, enabling us to provide our services. The cookies set by Weebly are only those that are used to make the website available, and the information is processed in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest to provide you with the functionality of our website. For more information about the privacy policy of Weebly, please visit https://www.weebly.com/privacy. Weebly, Inc. is an US based company and processes the information outside of the EU/EEA. Weebly participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework.
Analytics
To understand how you and other users or visitors use our website and service, we have implemented Google Analytics, a service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you visit our website, Google sets a cookie on your device to be able to differentiate between you and other users and link the interactions you perform on our website accordingly. This interaction is recognized through a small JavaScript code, integrated on our website and performed on your computer, and then send to Google Analytics. This tells us, how long users stay on our site, what pages the look at or what region most of our users come from.
We use Google Analytics in conjunction with IP anonymization. This means that the IP address is shortened by Google within Member States of the European Union or in other countries party to the Agreement on the European Economic Area before it is sent to Google Analytics. Only in exceptional cases will the full IP address be transmitted to a Google server in the US and shortened there. The IP address is not merged with other Google data.
Google uses this information on our behalf to evaluate the data und create reports and statistics. We integrated Google Analytics in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest to improve the accessibility of our website and service, to provide users with an optimal experience, to continually improve the site and to better serve our clients.
You can prevent the collection of information generated by the cookie and data processing by Google Analytics by following this link: https://tools.google.com/dlpage/gaoptout?hl=en.
Further information on data processing within the framework of Google Analytics, Google's privacy policy can be found under https://support.google.com/analytics/answer/6004245?hl=en. Google holds a Privacy Shield certification that ensures an adequate level of data protection.
Disabling Cookies
You can prevent the use of cookies by changing the corresponding settings in your browser. In this case you may not be able to use all functions of our website. In addition, cookies that have already been set can be deleted at any time. This is possible in all common Internet browsers. You can find out how to deactivate and/or delete cookies via the help functions of your Internet browser. Please note that the deactivation and/or deletion of cookies may result in certain features of our website no longer performing as expected. In addition, the deactivation and/or deletion of cookies only affects the specific Internet browser you used to perform this action. For other Internet browsers, the deactivation and/or deletion of cookies must be repeated accordingly.
Social media links
You will find links to social networks on our website. These are not social plugins provided by the social media provider, which transmit data to the provider immediately upon loading the page without the user being able to influence the process. Each button only contains a link to our profile on the respective social network. No user data is transferred from the website to the social network. With a click on the button you will be forwarded to the page of the social network and from this point on you will be on the website of the respective social network.
A Quick word about our Facebook Fanpage
Responsible for the management of our Facebook Fanpage https://de-de.facebook.com/leboxberlin/ as Joint Controller in accordance with Art. 26 GDPR are
Facebook Ireland Ltd. (nachfolgend „Facebook“) 4 Grand Canal Square
Grand Canal Harbour Dublin 2
Ireland
and
Garage des Fleurs GmbH
Reifträgerweg 6
14129 Berlin
If you use the Facebook direct messaging function to send us a request, e.g. regarding our service, we process your profile name and the content of the messages that you communicated to us to respond to your request in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest to effectively inform users and communicate with them.
In addition, user data is usually processed by Facebook for market research and advertising purposes (“Facebook Insights”). It is possible to create user profiles based on your behavior and the associated interests. The user profiles can in turn be used to place advertisements within and outside of facebook, which are supposed to correspond to the interests of the users. For this purpose, cookies are usually stored on your device. In addition, data can also be stored in the user profiles independently of the devices used by you. Especially if you logged in with your facebook profile.
We would like to emphasize that your data may be processed outside the EU/EEA. Please not that we take no decisions about the processing of user data by Facebook.
We refer to the following privacy policy https://www.facebook.com/about/privacy/ provided by Facebook for a detailed description of the respective processing and opt-out options.
To find information on the rights of data subjects please read the section on “Data subjects rights” of this privacy notice. With regard to information processing via our Facebook Fanpage, you can also invoke those rights against Facebook.
In the case of requests for information and the exercise of data subject rights, the most effective way of achieving results is often with the provider. Facebook has access to all your data and can directly take measures and provide information. You can nevertheless contact us if you need any help.
Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Email Requests
You can reach us via the e-mail address provided on our website. When you send us an e-mail, we collect, store and use the following data:
We use Weebly, a service provided by Squareup International Limited, 70 Sir John Rogerson's Quay, Dublin 2, Ireland, to host and operate our website, enabling us to provide our services. The cookies set by Weebly are only those that are used to make the website available, and the information is processed in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest to provide you with the functionality of our website. For more information about the privacy policy of Weebly, please visit https://www.weebly.com/privacy. Weebly, Inc. is an US based company and processes the information outside of the EU/EEA. Weebly participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework.
Analytics
To understand how you and other users or visitors use our website and service, we have implemented Google Analytics, a service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you visit our website, Google sets a cookie on your device to be able to differentiate between you and other users and link the interactions you perform on our website accordingly. This interaction is recognized through a small JavaScript code, integrated on our website and performed on your computer, and then send to Google Analytics. This tells us, how long users stay on our site, what pages the look at or what region most of our users come from.
We use Google Analytics in conjunction with IP anonymization. This means that the IP address is shortened by Google within Member States of the European Union or in other countries party to the Agreement on the European Economic Area before it is sent to Google Analytics. Only in exceptional cases will the full IP address be transmitted to a Google server in the US and shortened there. The IP address is not merged with other Google data.
Google uses this information on our behalf to evaluate the data und create reports and statistics. We integrated Google Analytics in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest to improve the accessibility of our website and service, to provide users with an optimal experience, to continually improve the site and to better serve our clients.
You can prevent the collection of information generated by the cookie and data processing by Google Analytics by following this link: https://tools.google.com/dlpage/gaoptout?hl=en.
Further information on data processing within the framework of Google Analytics, Google's privacy policy can be found under https://support.google.com/analytics/answer/6004245?hl=en. Google holds a Privacy Shield certification that ensures an adequate level of data protection.
Disabling Cookies
You can prevent the use of cookies by changing the corresponding settings in your browser. In this case you may not be able to use all functions of our website. In addition, cookies that have already been set can be deleted at any time. This is possible in all common Internet browsers. You can find out how to deactivate and/or delete cookies via the help functions of your Internet browser. Please note that the deactivation and/or deletion of cookies may result in certain features of our website no longer performing as expected. In addition, the deactivation and/or deletion of cookies only affects the specific Internet browser you used to perform this action. For other Internet browsers, the deactivation and/or deletion of cookies must be repeated accordingly.
Social media links
You will find links to social networks on our website. These are not social plugins provided by the social media provider, which transmit data to the provider immediately upon loading the page without the user being able to influence the process. Each button only contains a link to our profile on the respective social network. No user data is transferred from the website to the social network. With a click on the button you will be forwarded to the page of the social network and from this point on you will be on the website of the respective social network.
A Quick word about our Facebook Fanpage
Responsible for the management of our Facebook Fanpage https://de-de.facebook.com/leboxberlin/ as Joint Controller in accordance with Art. 26 GDPR are
Facebook Ireland Ltd. (nachfolgend „Facebook“) 4 Grand Canal Square
Grand Canal Harbour Dublin 2
Ireland
and
Garage des Fleurs GmbH
Reifträgerweg 6
14129 Berlin
If you use the Facebook direct messaging function to send us a request, e.g. regarding our service, we process your profile name and the content of the messages that you communicated to us to respond to your request in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest to effectively inform users and communicate with them.
In addition, user data is usually processed by Facebook for market research and advertising purposes (“Facebook Insights”). It is possible to create user profiles based on your behavior and the associated interests. The user profiles can in turn be used to place advertisements within and outside of facebook, which are supposed to correspond to the interests of the users. For this purpose, cookies are usually stored on your device. In addition, data can also be stored in the user profiles independently of the devices used by you. Especially if you logged in with your facebook profile.
We would like to emphasize that your data may be processed outside the EU/EEA. Please not that we take no decisions about the processing of user data by Facebook.
We refer to the following privacy policy https://www.facebook.com/about/privacy/ provided by Facebook for a detailed description of the respective processing and opt-out options.
To find information on the rights of data subjects please read the section on “Data subjects rights” of this privacy notice. With regard to information processing via our Facebook Fanpage, you can also invoke those rights against Facebook.
In the case of requests for information and the exercise of data subject rights, the most effective way of achieving results is often with the provider. Facebook has access to all your data and can directly take measures and provide information. You can nevertheless contact us if you need any help.
Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Email Requests
You can reach us via the e-mail address provided on our website. When you send us an e-mail, we collect, store and use the following data:
- First name, last name
- email address
- The contents of your message
Data Transfer - With whom and how do we share your information?
We will only transmit your personal data if there is a legal obligation to do so. The transmission takes place on the basis of Art. 6 (1) (c) GDPR (e.g. to law enforcement authorities in the context of criminal investigations or to the data protection authorities).
Retention Time - How long do we keep your data?
We store your data as long as this is necessary for the above-mentioned purposes. If these purposes no longer exist, we will delete your data.
We will delete your data unless we have other legal reasons for storing it further. If the data is not deleted because it is required for other and legally permissible purposes, its processing is restricted. This means that the data will be blocked and not processed for other purposes. Information that is collected in connection with tax and legal obligations is partially stored for a corresponding period of time. The retention periods may be up to ten years. In addition, it may occur that personal data must be stored for the period in which claims can be asserted against us (statutory limitation period of up to thirty years).
We will delete your data unless we have other legal reasons for storing it further. If the data is not deleted because it is required for other and legally permissible purposes, its processing is restricted. This means that the data will be blocked and not processed for other purposes. Information that is collected in connection with tax and legal obligations is partially stored for a corresponding period of time. The retention periods may be up to ten years. In addition, it may occur that personal data must be stored for the period in which claims can be asserted against us (statutory limitation period of up to thirty years).
Data Subject Rights - What rights do you have regarding the processing of your information?
As a person concerned, you have various rights in connection with the processing of your personal data.
If you wish to assert your rights to information, correction, deletion, restriction of processing, object to data processing or revoke your consent to data processing, please send an e-mail to [email protected]
Right to information
You have the right to information about your personal data processed by us and to the following information:
Right to rectification
You have the right to immediately request the rectification of inaccurate personal data concerning you and, taking into account the purposes of the processing, the completion of incomplete personal data - also by means of providing a supplementary statement.
Right to erasure
You have the right to request the immediate erasure of personal data concerning you and we are obliged to delete this data immediately if one of the following reasons applies:
These rights do not apply to the extent that processing is necessary.
Right to restriction of processing
You have the right to request us to restrict processing if one of the following conditions is met:
Right to data portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit this data to another controller without hindrance, provided that the processing is based on a consent pursuant to Article 6 (1) lit. a) or Article 9 (2) lit.a ) GDPR or on a contract pursuant to Article 6 (1) lit. b) GDPR and the processing is carried out by automated means.
When exercising your right to data portability, you have the right to have your personal data transferred directly by us to another controller, insofar as this is technically feasible.
Right of objection
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you which is based on Article 6(1) lit. e) or f) GDPR, including profiling based on these provisions. We will no longer process your personal data unless we can demonstrate compelling legitimate reasons for the processing that override your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.
Right of revocation
You have the right to revoke your consent the processing of your personal data at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until revocation.
Right to lodge a complaint
If you consider that the processing of personal data concerning you infringes the GDPR, you can lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement.
If you wish to assert your rights to information, correction, deletion, restriction of processing, object to data processing or revoke your consent to data processing, please send an e-mail to [email protected]
Right to information
You have the right to information about your personal data processed by us and to the following information:
- the processing purposes;
- the categories of personal data being processed;
- the recipients or categories of recipients to whom the personal data have been or are being disclosed, in particular recipients in third countries or international organizations;
- if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;
- the existence of a right to rectification or deletion of your personal data, to restricting the processing of your personal data or to object to such processing;
- the existence of a right of appeal to a supervisory authority;
- if the personal data is not collected from you, all available information about the origin of the data;
- the existence of automated decision-making, including profiling in accordance with Article 22 (1) and (4) GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended impact of such processing on the data subject.
- in the case of the transfer of personal data to a third country or an international organization, on the appropriate safeguards under Article 46 GDPR in relation to the transfer.
Right to rectification
You have the right to immediately request the rectification of inaccurate personal data concerning you and, taking into account the purposes of the processing, the completion of incomplete personal data - also by means of providing a supplementary statement.
Right to erasure
You have the right to request the immediate erasure of personal data concerning you and we are obliged to delete this data immediately if one of the following reasons applies:
- The personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
- You revoke your consent on which the processing was based under Article 6 (1) lit. a) or Article 9 (2) lit. a) of the GDPR and there is no other legal basis for the processing;
- You object to the processing pursuant to Article 21 (1) GDPR and there are no overriding legitimate grounds for processing or you object to the processing pursuant to Article 21 (2) GDPR;
- Your personal data has been processed unlawfully;
- The deletion of your personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which we are subject;
- The personal data have been collected in relation to information society services provided in accordance with Article 8 (1) GDPR.
These rights do not apply to the extent that processing is necessary.
- to exercise the right of freedom of expression and information;
- to fulfil a legal obligation required for processing under the law of the Union or of the Member States to which we are subject;
- to assert, exercise or defend legal claims.
Right to restriction of processing
You have the right to request us to restrict processing if one of the following conditions is met:
- the accuracy of the personal data is contested by you, for a period of time that enables us to verify the accuracy of the personal data;
- the processing is unlawful, and you oppose to delete the personal data and instead requests the restriction of the use of your personal data;
- we no longer need your personal data for the purposes of processing, but you do need it to assert, exercise or defend legal claims, or
- you have objected to the processing pursuant to Article 21 (1) GDPR pending the verification whether the legitimate interests of our company override your legitimate interests.
Right to data portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit this data to another controller without hindrance, provided that the processing is based on a consent pursuant to Article 6 (1) lit. a) or Article 9 (2) lit.a ) GDPR or on a contract pursuant to Article 6 (1) lit. b) GDPR and the processing is carried out by automated means.
When exercising your right to data portability, you have the right to have your personal data transferred directly by us to another controller, insofar as this is technically feasible.
Right of objection
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you which is based on Article 6(1) lit. e) or f) GDPR, including profiling based on these provisions. We will no longer process your personal data unless we can demonstrate compelling legitimate reasons for the processing that override your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.
Right of revocation
You have the right to revoke your consent the processing of your personal data at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until revocation.
Right to lodge a complaint
If you consider that the processing of personal data concerning you infringes the GDPR, you can lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement.
Contact and Supervisory Authority
If you have further questions or suggestions regarding this privacy policy or our data processing, please contact us at [email protected].
You may of course contact us if you have a complaint about how we collect, store and use your personal information. We aim to provide the best possible solution to your concerns. Should you not be satisfied with our response, you are welcome to contact the competent supervisory authority
The supervisory authority which is competent at our place is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstraße 219
10969 Berlin
Phone: 030/138 89-0
Fax: 030/215 50 50
E- Mail: [email protected]
You may of course contact us if you have a complaint about how we collect, store and use your personal information. We aim to provide the best possible solution to your concerns. Should you not be satisfied with our response, you are welcome to contact the competent supervisory authority
The supervisory authority which is competent at our place is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstraße 219
10969 Berlin
Phone: 030/138 89-0
Fax: 030/215 50 50
E- Mail: [email protected]