1. Information We Collect

• Personal Information: name, email address, phone number, and delivery address.
• Payment Information: processed securely via Stripe; we never store full credit card details.
• Location Data (Drivers Only): real-time GPS data collected only during active deliveries for route optimization and delivery tracking.
• Device and Usage Data: IP address, device type, OS version, session duration, and crash logs to improve performance.

2. Purpose of Processing

• Provide e-commerce and delivery services;
• Process payments and send confirmations;
• Ensure compliance with legal and accounting obligations;
• Improve the App and enhance security.

3. Legal Bases (GDPR Art. 6)

• Contract performance (purchases, deliveries, user accounts).
• Legal obligation (tax, financial record keeping).
• Legitimate interest (fraud prevention, app improvement).
• Consent (optional camera or location use).

4. Children’s Privacy (COPPA)

We do not knowingly collect personal data from children under 13. If you believe your child has provided personal data, contact us immediately at freeholdflowersnj@gmail.com.

5. Location Permission (iOS Compliance)

The Application requests location access only when necessary to perform active delivery tasks. The user is explicitly informed via iOS system permission prompt that location data is used solely for route optimization and delivery tracking. The Application never collects location data in the background when the driver is not actively delivering.

6. Third-Party Services

• Stripe, Inc. – payment processing (Privacy Policy)
• OpenRouteService – routing/geolocation (Terms)

7. Data Retention

8. Security

• All communications use TLS 1.3 encryption.
• Passwords encrypted via bcrypt (12 rounds).
• JWT authentication with token expiration and revocation lists.
• Access restricted by user roles and secure servers.

9. Email Communications

We use your email address solely to communicate important information related to your purchases and account activity. These transactional messages include order confirmations, delivery updates, receipts, password resets, and customer support correspondence.

We do not send promotional or marketing emails without your explicit consent. All communications comply with the U.S. CAN-SPAM Act and relevant privacy regulations. You may contact us at any time to opt out of non-essential communications.

10. User Rights (GDPR/CCPA)

• Access and obtain a copy of your data.
• Request correction or deletion.
• Withdraw consent for certain processing.
• Opt out of data sales (we do not sell personal data).

11. International Data Transfers

Your data may be processed in the United States and the European Union (for routing). We comply with applicable transfer mechanisms under GDPR and the U.S. Data Privacy Framework.

12. Changes

We may update this Policy from time to time. Material changes will be posted within the App and on our website.

13. Contact

Privacy Officer – Freehold Flowers
10 W Main St, Freehold, NJ 07728, USA
Email: freeholdflowersnj@gmail.com

14. Governing Law

This Policy and any disputes arising hereunder are governed by the laws of the State of New Jersey, USA.

15. GDPR and CCPA Compliance

Freehold Flowers complies with the principles of the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We ensure transparency, data minimization, lawful processing, and respect for user rights. Users have the right to access, correct, delete, and export their personal information. No personal data is sold or shared for advertising purposes.