This Privacy Policy sets out the ways in which Flower Pay gathers, uses, discloses and protects the Personal Data You entrust to Us when You visit the Website or make use of Our Services.
At Flower Pay Limited (which trades as "Flower Pay" and is referred to in this document as "Flower Pay", "We", "Us" or "Our") We regard the confidentiality of those who use Our Services as a serious responsibility. In keeping with that undertaking, We consider it right to be open with You about how We, along with those acting on Our behalf, deal with the information We gather about Our users, the moments at which it is gathered, and the ends to which it is put.
This document (the "Policy") relates to the site located at https://flower-pay.com (the "Website"). Within it, You ("You", "Your" or the "User") will find an account of the categories of information We obtain about Users of the Website, when it is obtained, how it is used, the circumstances in which it is passed to others and how long it is kept, together with the entitlements that belong to You.
Wherever this Policy speaks of "Personal Data", it means any information relating to a natural person who is identified or who is capable of being identified, whether from that information alone or when it is read together with further information that We hold or are able to obtain.
When do We collect information about You?
We may obtain Personal Data about You in the following situations:
- when You reach or use the Website, together with the offerings provided through it (the "Services"); and
- when You correspond with Us, whether by email or through any other means of contact.
No law requires You to supply any information about Yourself, and whatever You share is given of Your own accord. However, should You decide not to provide certain details, We may be unable to make some or all of the Services available to You.
What type of information do We collect?
We, or parties acting for Us, may gather the following categories of Personal Data about You:
- Information about Your use of the Website — records of Your online behaviour and technical traffic data, such as Your IP address, the date and time of access, the web or mobile pages You open, the language You use, reports produced when software fails, the browser You rely on and particulars of the device You use. Some of these details cannot, on their own, point to You as an individual and therefore fall outside the meaning of Personal Data.
- Information about Your activity on the Website — each time You use the Website We observe and log what You do, including the searches You run, the material You view, how long You engage with it and the way in which You interact with the Website.
- Information from Your communications — when You get in touch with Us (whether via the Website or another route), You may give Us Your full name, the organisation with which You are connected, Your address, Your contact particulars (for instance Your email address and telephone number) and the content of Your message to Us.
Ensuring that the information You give to Us (or to others acting for Us) is accurate rests with You. Information that is incorrect may reduce Our ability to deliver certain Services and to reach You in the manner described in this Policy.
What is the legal basis for processing Your Personal Data?
Our processing of Personal Data is founded on one or more of the following lawful grounds:
- Performance of a contract — where the processing is needed in order to provide the Services to You.
- Legitimate interests — for purposes such as preventing fraud, conducting analytics, maintaining security and improving the Services.
- Legal obligations — in order to comply with the laws and regulatory requirements that apply to Us, including those governing anti-money-laundering and the provision of financial services.
- Consent — where You have expressly agreed, for example to receive marketing communications from Us.
How do We use Personal Data?
The Personal Data We hold about You may be used for any of the following purposes:
- to run, maintain and enhance the Website and the Services;
- to reach You for operational, customer-support or security reasons;
- to tailor content or offers to You;
- to address Your questions, requests or complaints;
- to send You promotional material, where You have consented to receive it;
- to carry out and support the work that underpins how the Services are offered and delivered, spanning back-office operations, business development, strategic planning and financial management;
- to protect the interests of Us and of others, including the bringing, pursuit or defence of legal claims;
- to fulfil the legal and regulatory obligations that apply to Us.
What rights do You have?
Subject to the law that applies to You, the following entitlements may be available:
- Right of access — to request a copy of whatever Personal Data We hold on You.
- Right to rectification — to have Personal Data that is inaccurate or incomplete put right.
- Right to erasure (the "right to be forgotten") — to request that Your Personal Data be deleted, save where the law permits or requires Us to retain it.
- Right to restriction — to ask that Our processing be limited in defined circumstances.
- Right to data portability — to obtain the Personal Data You have given Us in a structured, commonly used and machine-readable form.
- Right to object — to object where processing relies on legitimate interests, or where it is carried out for direct marketing.
- Right to withdraw consent — to withdraw consent previously given, where consent is the basis on which We process.
To act on any of these entitlements, please write to Us at privacy@flower-pay.com. You are also entitled to raise a complaint with the data-protection authority responsible for Your area.
How and with whom do We share Personal Data?
We will not reveal or pass on Personal Data about You to anyone else except as set out in this Policy.
We may pass Personal Data to companies that control Us, that We control, or that sit under common control or ownership alongside Us (together, the "Group"). Members of the Group may use that Personal Data to support the Group's needs.
In addition, We may disclose Personal Data about You to the following recipients or for the following reasons:
- where You have consented or instructed Us to do so;
- to suppliers who deliver Website- and Services-related functions on Our behalf, such as hosting, identity checks, analytics, communications and security, acting under contract and on Our instructions;
- to regulated banking, acquiring and payment providers where their involvement is required to carry out transactions and effect settlements;
- to regulators, law-enforcement bodies and other authorities where the law obliges or permits Us to make the disclosure;
- as part of a merger, acquisition, sale, assignment, insolvency or comparable transaction, where Personal Data may pass to a successor or acquirer;
- to defend the rights, property and interests of Us and of others, and to satisfy a court order or another legal requirement.
Do We transfer Personal Data to other countries?
We may send Personal Data about You beyond the territory where You are located and hold it in other countries, whose data-protection and other laws may offer weaker safeguards than those of Your own jurisdiction. Whenever this occurs, We will take measures to see that Your Personal Data continues to receive a suitable level of protection, for instance through the use of recognised standard contractual terms or an applicable adequacy decision.
How long do We keep Personal Data?
We keep Personal Data relating to You for no longer than is needed to accomplish the purposes for which it was gathered. In some cases We may keep it for longer where doing so is necessary to meet legal, regulatory, anti-money-laundering or tax obligations that fall on Us. Once the applicable retention period has ended, We securely destroy the data or render it anonymous.
Will this Policy change?
We may revise this Policy from time to time. Where We do, the updated version will be published on this page together with a revised effective date.
How can You contact Us?
For questions relating to privacy, please reach Us at privacy@flower-pay.com. For matters concerning regulation and compliance, You may also write to Us at compliance@flower-pay.com.