PRIVACY POLICY

Privacy Policy

Flora Livings Pty Ltd (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains how we collect, use, disclose, store and secure your Personal Information, and your rights under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Contact details
23 Palmerston Rd E, Ringwood VIC 3134, Australia
support@floralivings.com.au | 03 9847 0668

1. Scope

This policy applies to all individuals whose Personal Information we handle, including customers, website visitors, job applicants, suppliers/partners, and contractors. It also covers data processed through marketplace and integration services we use (e.g., Amazon Seller Partner API).

2. What Personal Information we collect

Depending on your interactions with us, we may collect:

  • Identification and contact details (name, address, email, phone).

  • Order and transaction data (purchases, delivery details, refund/return history).

  • Account information (usernames, preferences).

  • Device and usage data (IP, browser, pages visited, cookies).

  • Limited payment information (processed by our payment providers; we do not store full card details).

  • Support communications (emails, messages, call notes).

We do not intentionally collect sensitive information. If such data is provided, we only use it with your consent or where authorised by law.

3. How we collect information

  • Directly from you (checkout, forms, email/phone, support).

  • Automatically via our websites and apps (cookies and similar technologies).

  • From third parties where permitted (e.g., marketplaces, logistics partners, payment providers).

4. Why we collect and use your information

We use Personal Information to:

  • Provide, fulfil and deliver orders; process payments and returns.

  • Communicate about orders, support, and product updates.

  • Improve our services, websites and customer experience.

  • Perform fraud prevention, security, auditing and compliance.

  • Conduct marketing where permitted (you may opt out at any time).

5. Legal bases (APPs/Privacy Act)

We handle data in ways you would reasonably expect for the above purposes, with consent where required, and as otherwise permitted or required by law.

6. Sharing and disclosure

We may share Personal Information with:

  • Service providers (e.g., payment gateways, warehousing, couriers, IT/cloud providers) under confidentiality and security obligations.

  • Marketplaces/platforms where you transact with us (e.g., Amazon).

  • Professional advisers and insurers.

  • Government or regulatory authorities where required by law.
    We do not sell Personal Information.

7. International transfers

Some providers may store data overseas. Where this occurs, we take reasonable steps to ensure appropriate safeguards (contractual and technical) consistent with the APPs.

8. Retention

We keep Personal Information only for as long as needed for the purposes above or to comply with legal, tax and accounting requirements. When no longer required, we destroy or de-identify it securely.

9. Security

We implement administrative, technical and physical safeguards, including access controls, encryption in transit (TLS 1.2+), network protection, malware protection, logging/monitoring, staff training, and regular backups. We restrict access on a need-to-know basis and review permissions periodically.

10. Your rights

You may request access to, or correction of, your Personal Information by contacting us. We will respond within a reasonable time. You may opt out of marketing at any time. If you have concerns, you may lodge a complaint with us (details above) or with the Office of the Australian Information Commissioner (OAIC).

11. Cookies and analytics

We use cookies and similar technologies to operate the site, remember preferences, and analyse performance. You can manage cookies via your browser settings; blocking some cookies may impact site functionality.

12. Third-party links

Our site may contain links to third-party sites. Their privacy practices are not covered by this policy; please review their policies directly.

13. Marketplace & Amazon Seller Partner API (if applicable)

Where we access information via the Amazon Services/Seller Partner API, we also comply with Amazon’s security and data-handling requirements, including:

  • Access management & least privilege: unique user IDs, no shared credentials, MFA enforced; access promptly removed for leavers (within 24 hours).

  • Encryption: TLS 1.2+ in transit; strong encryption at rest for any PII handled through the integration.

  • Retention: PII obtained via the API is retained only as required for order fulfilment, tax and legal obligations (generally no longer than 30 days post-delivery unless law requires longer).

  • Logging & monitoring: security event logging, anomaly detection and incident response.

  • Deletion: secure destruction on request or at end of retention, following industry standards (e.g., NIST 800-88).

  • Audit & compliance: we maintain records to evidence compliance and will reasonably cooperate with required assessments.
    These controls apply only where such integrations are in use.

14. Changes to this Policy

We may update this Policy from time to time. The latest version will always be available on our website and will include the effective date.

Effective date: 17/12/2015

 

Policy Updates

 This Policy is subject to change and is available on our website.

 Privacy Policy Complaints and Enquiries

 For queries or complaints regarding our Privacy Policy, please reach out to us at:

 support@floralivings.com.au

 03 9847 0668

Newsletter

A short sentence describing what someone will receive by subscribing