Skip to content

Privacy Policy

Last Updated: November 15, 2024

PRIVACY POLICY

This privacy policy (“Privacy Policy”) explains how Lovingly, LLC and its affiliates (“we,” “us,” “our,” or “Lovingly”), collect, use, disclose and safeguard your information, when you use the Services provided by us.

We collect and use information about you, our:

  1. Customers;
  2. Retailers; and
  3. Visitors to our Websites or anyone contacting customer support.

By using or accessing: (a) the website and associated domains of , and of any Retailer (together“Websites”), (b) a Lovingly Account Services, (c) a Lovingly Shop Services, or (d) any other services we provide (together with Websites, Lovingly Account Services and Lovingly Shop Services, the “Services”), you accept the practices set forth in this Privacy Policy and agree to the collection, use and disclosure of information in accordance with this Privacy Policy.

BY USING THE SERVICES, YOU CONSENT TO THE COLLECTION AND PROCESSING OF THE INFORMATION DESCRIBED IN THIS PRIVACY POLICY. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY THEN YOU MUST NOT ACCESS OR USE THE SERVICES.

DEFINITIONS

Below are definitions of some of the important terms used in this Privacy Policy. In addition, some terms may be defined within the text of the Privacy Policy. “customer” means any individual who browses, inquires about or purchases products or services listed on our Website or a Retailer Site.

GDPR” means General Data Protection Regulation (EU) 2016/679, as amended from time to time.

Lovingly Account Services” means our online point-of-sale platform, floral shop management system and related cloud services.

Lovingly Shop Services” means Lovingly Account Services in addition to services related to Lovingly’s creation, operation, hosting and marketing of an eCommerce website for a retail florist, flower shop or flower market.

Personal Data” means personal information or any other information that alone or when in combination with other information may be used to identify, contact, or locate you. Personal Data or personal information excludes information that has been aggregated and/or anonymized so that it does not allow a third party to easily identify a specific individual (“non-PII”).

Retailer” or “retailer” means any natural or legal person using or accessing the Lovingly Account Services or Lovingly Shop Services.

Service Provider” means any natural or legal person who processes the data on behalf of the Lovingly or a Retailer. It refers to third-party companies or individuals employed by Lovingly to facilitate the Services, to provide the Services on behalf of Lovingly, to perform services related to the Services, or to assist Lovingly in analyzing how the Service is used. For the purposes of the GDPR, Service Providers are considered Data Processors.

YOUR INFORMATION

We may collect your personal information that you provide directly to us, including but not limited to:

  1. Identifiers, including your first and last name, email address, mailing address, phone number;
  2. Your account access credentials such as account log-in, in combination with any required security access code, password, or credentials allowing access to an account;
  3. Your payment information including bank account, debit or credit card number, billing address and phone number;
  4. Commercial information, including products you purchase, place in your shopping cart, favorite or review (if you are a customer) and information you provide us about you and your business (if you are a retailer or a business);
  5. Photos, profile images(s) and videos, which may include face imagery, if you choose to provide them.
  6. Information about your social media accounts such as Facebook, Twitter, Google+ and LinkedIn.
  7. Inferences, or information derived from other personal information about you, which could include your preferences, interests, and other information used to personalize your experience;
  8. Any other information you may provide; and
  9. The contents of emails or messages that you send to us, either through email or through our Websites.

IN ADDITION TO THE ABOVE PERSONAL INFORMAITON, WE AUTOMATICALLY COLLECT AND STORE THE FOLLOWING INFORMATION ABOUT YOU, YOUR COMPUTER OR MOBILE DEVICE AND YOUR ACTIVITIES WHEN YOU USE OUR SERVICES:

  1. Device Information/Specifications. Technical information about your computer or mobile device (e.g., type of device, web browser or operating system, IP address and internet service provider) to analyze trends, administer the site, prevent fraud, track visitor movement in the aggregate, and gather broad demographic information.

Browsing information. Internet or other electronic network activity information, including information regarding the device and browser you use, network connection, IP address, and how you browse through our Websites; geolocation data, including your mailing and billing address;

  1. Length and Extent of Usage. How long you used the Services and which services and features you used.
  2. Information obtained through Cookies. We use Cookies to keep track of some types of information while you are visiting and using the Services. “Cookies” are very small files placed on your computer, and they allow us to count the number of visitors to our Website and distinguish repeat visitors from new visitors. They also allow us to save user preferences and track user trends. We rely on Cookies for the proper operation of the Services; therefore if your browser is set to reject all Cookies, the Services may not function properly. Users who refuse Cookies assume all responsibility for any resulting loss of functionality with respect to the Services.
  3. Information obtained through web beacons. “Web Beacons” (also known as “clear gifs” and “pixel tags”) are small transparent graphic images that are often used in conjunction with Cookies in order to further personalize the Services for our users and to collect a limited set of information about our visitors including geographical location, length and extent of usage, and whether visitors have registered for any of the Services. We may also use Web Beacons in email communications in order to understand the behavior of our customers, such as whether an email has been opened or acted upon.

How We Use Your Information

  1. General Purposes. Subject to the terms of this Privacy Policy, we may use Personal Data for the following purposes:

take and handle orders, deliver products and services, process payments, and communicate with you about orders, products and services, and promotional offers;

provide, maintain, and improve the Services and our overall business;

to comply with laws. For instance, we collect from retailers information regarding place of establishment and bank account information for identity verification and other purposes;

to improve your user experience and help you efficiently access your information and account after you log-in;

to track purchase history and preferences;

to recommend features, products, and services that might be of interest to you, identify your preferences, and personalize your experience;

respond to your comments and questions and provide customer service;

communicate with you about the Services and related offers, promotions, news, upcoming events, and other information we think will be of interest to you;

monitor and analyze trends, usage and activities;

ensure the security and integrity of the Services; and

investigate and prevent fraud and other illegal activities.

  1. Email Addresses. We use your email address for both “administrative” (e.g., confirming your registration) and “promotional” (e.g., newsletters, new listings, special discounts, event notifications, special third-party offers) purposes. Email messages we send to you may contain code that enables our database to track your usage of the e-mails, including whether the email was opened and what links (if any) were clicked. You may opt-out of receiving promotional emails and other promotional communications from us at any time via the opt-out links provided in such communications. However, we reserve the right to send you certain communications relating to the Services (such as service announcements, security alerts, update notices, or other administrative messages) without affording you the opportunity to opt in or out of receiving such communications.
  2. Use for Research. In addition to the uses outlined above, by using the Services, you agree to allow us to anonymously use the information from you and your interaction with the Services to continue our research into event patterns and general trends, so that we may continue to improve the Services for users and the general public. This research may be published in our blogs or interviews. However, all of your responses will be kept anonymous, and no Personal Data will be published without your consent.
  3. Financial information. We may use your financial information or authorized payment method to process payment for any purchases, subscriptions or sales made on the Services, to protect against or identify possible fraudulent transactions, and otherwise as needed to manage our business. We transmit your financial information to our third-party payment processors. We do not save or store your payment information on our own servers. Their Privacy Policy can be viewed at and .

Sharing Your Information

We may share your personal information in the following circumstances:

  1. With third party service providers to perform functions on our behalf, such as payment processing, Retailers and fulfillment partners, data analysis, security and technology services, and marketing.
  2. Law enforcement or other third parties in connection with legal requests, to comply with applicable law or to protect the rights and safety of our customers and the Retailers.
  3. Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
  4. Aggregate Data. We may combine non-PII we collect with additional non-PII collected from other sources. We also may share aggregated, non-PII with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis.

We do not “share” your personal information as that term is defined in the California Consumer Privacy Act (CCPA).

Your Rights and Choices

Your rights over your information

Depending on where you reside and how you use our Services, and subject to certain exceptions, you may have some or all of the following rights:

  • Right to Know: The right to request that we disclose to you the personal information we collect, use, or disclose about you, and information about our data practices.
  • Right to Request Correction: The right to request that we correct inaccurate personal information that we maintain about you.
  • Right to Request Deletion: The right to request that we delete personal information that we have collected about you.

To exercise your rights, including the “right to know” and “right to delete,” please submit a request either directly in your account or through our online portal at .

You can also elect not to receive marketing communications by changing your preferences in your account or by following the unsubscribe instructions in such communications.

If you delete any information provided to us, or following termination or deactivation of your account, we may retain your information (including your profile information) and user content for a commercially reasonable time for backup, archival, and/or audit purposes. If you want any Personal Data permanently deleted, you must request such deletion by contacting us at .

Additionally, if we rely on your consent for the processing of your Personal Data, you have the right to withdraw it at any time. When you do so, this will not affect the lawfulness of any processing of your data that was completed before your consent withdrawal.

If you are a customer who has purchased any product from a Retailer, that Retailer may have collected and retained your Personal Data. You must contact that Retailer to exercise your rights with respect to any information the Retailer might have collected about you.

Under the privacy laws, you may also designate an authorized agent to make these requests on your behalf. If you use an authorized agent to submit a request, we may need to collect additional information, such as a government issued identification, to verify your identity before processing your request to protect your information.

Customer Information

Retailers are responsible for what they do with any Personal Data that they may collect, directly or through our Services, about their customers. Retailers are solely responsible for complying with any laws and regulations that apply to the collection and use of customers’ information, including Personal Data that Retailers collect by using functionality provided through any of our Services.

Customers’ payment information may be processed via third party payment processors, whose services may be integrated with our own Services. Such integrations will allow our third-party payment processors to collect Customers’ payment information in accordance with such payment processor’s terms of service and Privacy Policy. Their Privacy Policy can be viewed at and .

THIRD PARTY SITES

The Services may contain links to other websites. If you choose to click on a third-party link, you will be directed to that third party’s website. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own Cookies or other files on your computer, collect data or solicit Personal Data from you. Other websites follow different rules regarding the use or disclosure of the Personal Data you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.

PRIVACY NOTICE REGARDING MICROSOFT CLARITY

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our Websites through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Websites usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the .

PRIVACY NOTICE REGARDING GOOGLE ANALYTICS AND GOOGLE TAG MANAGER

We partner with GOOGLE to capture how you use and interact with our Websites through conversion tracking, site analytics, Remarketing, and Managing how tags behave after users make cookie consent decisions. For more information about how GOOGLE collects and uses your data, visit .

PRIVACY NOTICE REGARDING META PIXEL TRACKING

Meta Pixel is a tracking tool provided by Meta Platforms, Inc. doing business as ‘Meta’ (formerly Facebook). We partner with Meta to measure the effectiveness of our marketing on Facebook by understanding how users interact with our website. We place a small piece of code (called a pixel) on the website, which collects data on user actions, such as page visits, purchases, or form submissions. For more information about how Meta collects and uses your data, visit the

HOW WE RESPOND TO LEGAL REQUESTS OR PREVENT HARM

We may access, preserve and share your information without notice or consent from you in response to a legal request (like a search warrant, court order or subpoena) if we have a good faith belief that the law requires us to do so. We may also access, preserve and share information when we have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; or to prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm. We also may retain information from accounts disabled for violations of our terms for at least a year to prevent repeat abuse or other violations of our terms.

CHILDREN’S PRIVACY

Only individuals over the age of 18 are eligible to use our Services. Our Services are not directed to children under the age of 13 and we do not knowingly collect, maintain or use Personal Data from children under the age of 13. If you learn that your child has provided us with Personal Data, you may alert us at . Should we learn that a child under 13 has provided us with Personal Data, we will delete that information from our database and terminate any account created by a minor.

SECURING YOUR PERSONAL DATA

Security Measures

Unauthorized entry or use, hardware or software failure, the inherent insecurity of the Internet and other factors, may compromise the security of your Personal Data at any time. Nevertheless, we strive to safeguard Personal Data to ensure that information is kept private and secure at all times. We maintain administrative, technical and physical safeguards that are intended to appropriately protect against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse and any other unlawful form of processing of, the Personal Data in our possession. We employ security measures such as using firewalls to protect against intruders, building redundancies throughout our network (so that if one server goes down, another can cover for it) and testing for and protecting against network vulnerabilities.

Data Retention

We retain Personal Data regarding you or your use of the Services for as long as your account is active or for as long as needed to provide you the Services. We also retain Personal Data for as long as necessary to achieve the purposes described in this Privacy Policy, for example, to comply with our legal obligations, to protect us in the event of disputes and to enforce our agreements and to protect our and others’ interests.

The precise periods for which we keep your Personal Data vary depending on the nature of the information and why we need it. Factors we consider in determining these periods include the amount, nature and sensitivity of your Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means and the applicable legal requirements.

Because you may use the Services sporadically or come back to us after an account becomes inactive, we don’t immediately delete your Personal Data when your trial expires or you cancel the Services. Instead, we keep your Personal Data for a reasonable period of time, so it will be there for you if you come back.

You may delete your Account by contacting us at  and we will delete the Personal Data we hold about you (unless we need to retain it for the purposes set out in this Privacy Policy).

USING OUR SERVICES FROM OUTSIDE THE UNITED STATES; GDPR PRIVACY NOTICE

Data Transfers

If you are visiting the Services from outside the United States, please be aware that your Personal Data may be transferred to, stored, and processed in the United States where our servers are located and our central database is operated. By using our Services, you understand and agree that your information may be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy.

Privacy Standards for Data Transfer

We conduct our data transfers in accordance with Chapter V of GDPR. Specifically, we conduct data transfers subject to the following standards:

Standard data protection clauses. We may, in accordance with Article 46 of the GDPR, transfer Personal Data to recipients that have entered into a European Commission approved contract for the transfer of personal data outside the European Economic Area.

Other means. We may, in accordance with Articles 45 and 46 of the GDPR, transfer Personal Data to recipients that offer adequate levels of data protection as evidenced by: (a) location in a country or membership in an organization that the European Commission or other appropriate supervisory authority has confirmed, by decision, offers an adequate level of data protection, (b) certification through an approved certification mechanism pursuant to Article 42 of the GDPR, (c) adherence to binding corporate rules adopted pursuant to Article 47 of the GDPR, or (d) any other mechanism that may demonstrate such adequacy under the GDPR.

Onward Transfers to Third Parties. In the context of an onward transfer, Lovingly has responsibility for the processing of personal information it receives and subsequently transfers to a third party acting as an agent on its behalf. Lovingly shall remain liable under the Principles of the GDPR if its agent processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.

If you are located in the EEA or UK, you also have the right to lodge a complaint with your local data protection or privacy authority at any time.

Google API Services User Data Policy

If you are using the ‘My Marketing Hub’ functionality in our Services, please refer to the privacy policy of Google LLC, in respect of Your Google user data or your Google business account.

CHANGES TO THIS PRIVACY POLICY

If we change our privacy practices, we may update this Privacy Policy. Any changes will be posted on this page with an updated effective date. Your continued use of the Services after the changes constitute your acceptance of the revised Privacy Policy.

HOW TO CONTACT US

If you have any questions about this Privacy Policy, your Personal Data we hold, or you would like to exercise one of your data protection rights, please do not hesitate to contact us at:

  • Email us at: privacy@lovingly.com,
  • Or write to us at: Lovingly, LLC
    Attn: Privacy Officer
    20 Corporate Park Rd., STE B
    Hopewell Junction, NY, 12533