Privacy Policy for Medici Gardens
At Medici Gardens, located at 75 Tras Street, Unit 01-05, Singapore, Singapore, 079014, your privacy is paramount. This Privacy Policy describes how we collect, use, process, and protect your personal data when you interact with our services, including our fresh floral arrangements, bespoke bouquets for events, plant sales, floral design workshops, corporate floral services, wedding floral arrangements, garden consultations, and delivery services. We are committed to transparency and compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) to the extent it applies to our data processing activities, and Singapore's Personal Data Protection Act (PDPA).
1. Information We Collect
We collect various types of personal data to provide and improve our services.
- Personal Identifiable Information (PII): This includes your name, address, email address, phone number, and payment information when you make a purchase or book a service.
- Order and Service Details: Information related to your purchases, such as floral preferences, delivery instructions, recipient details for gifts, event dates, and workshop registrations.
- Communication Data: Records of your communications with us, including inquiries, feedback, and customer service interactions.
- Technical Data: When you visit our online platform, we may automatically collect technical data such as IP address, browser type, operating system, and usage patterns. This data is collected through cookies and similar technologies.
2. How We Use Your Information
We use the collected information for various purposes, primarily to fulfill our contractual obligations and improve your experience.
- To Process Orders and Deliver Services: Fulfilling your fresh floral arrangements, bespoke bouquets, plant sales, corporate floral services, wedding floral arrangements, and garden consultations, including delivery.
- To Manage Workshops: Processing registrations and communicating details for floral design workshops.
- Customer Support: Responding to your inquiries, providing assistance, and managing feedback.
- Marketing and Promotions: With your consent, we may send you information about new products, special offers, and upcoming events. You can opt-out at any time.
- Improve Our Services: Analyzing usage data to enhance our product offerings, website functionality, and overall customer experience.
- Legal Compliance: To comply with legal obligations, resolve disputes, and enforce our agreements.
3. Legal Basis for Processing (GDPR compliant)
We process your personal data based on the following legal grounds:
- Performance of a Contract: When processing is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract (e.g., fulfilling your order).
- Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, and your interests and fundamental rights do not override those interests (e.g., improving our services, preventing fraud).
- Consent: Where you have given explicit consent for us to process your personal data for one or more specific purposes (e.g., for direct marketing). You have the right to withdraw your consent at any time.
- Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
4. Sharing Your Information
We do not sell your personal data to third parties. We may share your information with:
- Service Providers: Trusted third-party vendors who assist us in operating our business and providing services, such as payment processors, delivery partners, and IT support. These providers are obligated to protect your data and only use it for the purposes we specify.
- Legal and Regulatory Bodies: When required by law or to respond to valid legal requests, such as subpoenas or court orders.
- Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred as part of the transaction.
5. Data Retention
We retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The precise retention period will depend on the nature of the data and the purpose for which it is processed. Once the retention period expires, we securely delete or anonymize your data.
6. Data Security
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. This includes using secure servers, encryption, access controls, and regular security audits. While we strive to protect your personal data, we cannot guarantee its absolute security.
7. Your Rights (Applicable for GDPR and PDPA)
Depending on your location and applicable data protection laws, you may have the following rights regarding your personal data:
- Right to Access: You have the right to request a copy of the personal data we hold about you.
- Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
- Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data under certain circumstances.
- Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.
- Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
- Right to Object: You have the right to object to our processing of your personal data, particularly for direct marketing purposes.
- Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time.
To exercise any of these rights, please contact us using the details provided below.
8. Third-Party Links
Our online platform may contain links to third-party websites or services that are not operated by us. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page, and the "last updated" date at the top of the policy will be revised. We encourage you to review this Privacy Policy periodically.
10. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Medici Gardens
- 75 Tras Street, Unit 01-05
- Singapore, Singapore, 079014
- Phone: +65 6220 7890