Your privacy matters to us. This Privacy Policy explains how we collect, use, and protect your personal information when you visit our website or make a purchase from us. We are committed to handling your data with the utmost care, transparency, and respect. We do not sell, trade, or give away your personal information to third parties — ever.
Who we are
We are Genesis Flower Farm, a flower and plant business located at [your address]. We sell cut flowers, plants, tubers, seeds, and floral accessories through our website and in store.
If you have any questions or concerns about this Privacy Policy or how your data is handled, you can contact us at:
📧 Email: [email protected]
Comments
When visitors leave comments on our website, we collect the data shown in the comments form, as well as the visitor’s IP address and browser user agent string. This information helps us detect and prevent spam.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to check whether you use it. The Gravatar service privacy policy is available at https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
We do not use your comment data for marketing purposes, nor do we share it with third parties outside of the spam detection processes described above.
Media
If you upload images to our website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Any images or media files you submit to us (for example, photos of damaged products sent for a refund claim) will only be used for the purpose they were submitted and will not be shared publicly or with third parties.
Cookies
Our website uses cookies — small text files placed on your device — to improve your browsing experience and help our website function correctly. We use the following types of cookies:
Essential cookies: These are necessary for the website to function and cannot be switched off. They are usually set in response to actions you take, such as setting your privacy preferences, logging in, or filling in forms.
Functional cookies: These allow us to remember choices you make (such as your region or currency preference) and provide a more personalised experience.
Analytics cookies: We may use anonymised analytics tools to understand how visitors interact with our website. This helps us improve our content and user experience. No personally identifiable information is collected through analytics.
If you leave a comment on our site, you may opt-in to saving your name, email address, and website in cookies for your convenience, so you do not have to fill in your details again next time you visit. These cookies will last for one year.
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our website may become inaccessible or not function properly.
Embedded content from other websites
Pages on our website may include embedded content (for example, videos, images, or social media posts). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website directly.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the content if you have an account and are logged in to that website.
We aim to minimise the use of embedded third-party content where possible, and we are not responsible for the privacy practices of external websites. We encourage you to review the privacy policies of any third-party websites you visit.
Who we share your data with
We want to be clear: we do not sell, rent, trade, or otherwise share your personal information with third parties for their own marketing or commercial purposes. Your data is yours, and we treat it that way.
We may share your data only in the following limited and necessary circumstances:
Payment processors: When you make a purchase, your payment details are securely handled by our trusted payment provider (e.g., Stripe, PayPal, or your bank). We do not store your full payment card details on our systems.
Delivery and logistics: If your order is being delivered, we may share your name and delivery address with our courier or delivery partner solely for the purpose of fulfilling your order.
Legal obligations: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).
In all cases, we only share the minimum information necessary and ensure that any third parties we work with are bound by appropriate confidentiality and data protection obligations.
How long we retain your data
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
If you leave a comment on our website, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically rather than holding them for moderation.
For customers who register an account on our website, we also store the personal information they provide in their user profile. You may view, edit, or delete your personal information at any time (except your username). Website administrators can also view and edit this information.
Order information is retained for a minimum of 7 years to comply with Australian tax and financial record-keeping obligations. After this period, data is securely deleted or anonymised.
If you contact us by email or phone, we may keep a record of that communication for up to 2 years for quality assurance and dispute resolution purposes.
What rights you have over your data
We respect your right to control your personal information. You have the following rights regarding the data we hold about you:
Right to access: You can request a copy of the personal data we hold about you at any time.
Right to correction: If any of the information we hold about you is inaccurate or incomplete, you have the right to ask us to correct it.
Right to erasure: You can request that we delete your personal data, subject to any legal obligations we have to retain certain records (such as financial data required for tax purposes).
Right to withdraw consent: Where we process your data based on your consent (such as for marketing emails), you may withdraw that consent at any time.
Right to complain: If you believe we have not handled your data appropriately, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
To exercise any of these rights, please contact us using the details in the ‘Who We Are’ section above. We will respond to all requests within a reasonable timeframe and no later than 30 days.
Where your data is sent
Our website is hosted in [country/region, e.g., Australia]. In most cases, the personal data we collect about you is stored and processed within Australia.
Visitor comments may be checked through an automated spam detection service, which may involve data being processed outside of Australia. Where this occurs, we ensure that appropriate safeguards are in place in accordance with applicable privacy laws.
Payment processing may involve your data being transmitted to servers operated by our payment provider, which may be located overseas. These providers are required to maintain high standards of data security and privacy protection.
We do not knowingly transfer your personal data internationally except as described above, and we take reasonable steps to ensure that any overseas recipients handle your information in a way that is consistent with Australian Privacy Principles.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we do, we will update the ‘Last updated’ date at the top of this page. We encourage you to review this policy periodically.
Continued use of our website after any changes to this policy constitutes your acceptance of the updated terms.
Thank you for trusting us with your information. We are committed to keeping it safe.