Two Edmonton locationsSame-day delivery — order before 2 PMFree delivery over $100+1 (780) 000-0000
Keep Blooming

Legal

Privacy Policy

Last updated: March 2025

Keep Blooming ("we", "us", "our") is a premium florist operating in Edmonton, Alberta, Canada. We are committed to protecting your personal information and your right to privacy in compliance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and Alberta's Personal Information Protection Act (PIPA).

This Privacy Policy explains what information we collect, how we use it, who we share it with, and how you can exercise your privacy rights. By using our website or placing an order, you agree to the practices described here.

1. Information We Collect

We collect information in the following ways:

Information you provide directly

  • Order information: name, email address, phone number, delivery address, card message, recipient name and phone (for gift orders).
  • Account information: if you create an account, your name, email, and password (stored as a secure hash).
  • Communication: messages or inquiries you send us via contact forms, email, or phone.

Information collected automatically

  • Usage data: pages visited, time spent, browser type, device type, and referring URL — collected via standard web server logs.
  • Cookies: session cookies to maintain your shopping cart and authentication state. We do not use third-party advertising cookies.

Information from payment processing

We do not store full card numbers. All payment data is processed securely by Stripe, Inc. under their own privacy policy. We receive only a payment confirmation reference (PaymentIntent ID) and masked card details (last 4 digits, card brand).

2. How We Use Your Information

We use your personal information solely to:

  • Process and fulfil your flower orders, including delivery or pickup.
  • Send order confirmations and status updates to your email address.
  • Send SMS delivery notifications if you opt in (via Twilio).
  • Respond to your customer service inquiries.
  • Maintain your account if you choose to create one.
  • Comply with legal and tax obligations.
  • Improve our website and services (aggregated, non-identifying analytics only).

We do not sell your personal information. We do not use your data for third-party advertising profiling.

3. How We Share Your Information

We share your information only as necessary to operate our service:

  • Stripe, Inc. — payment processing. Stripe is PCI-DSS compliant. See stripe.com/privacy.
  • Twilio Inc. — SMS verification and delivery notifications (if you provide a phone number). See twilio.com/legal/privacy.
  • Resend — transactional email delivery (order confirmations).
  • Legal authorities — if required by law, court order, or to protect the safety of our customers.

All service providers are bound by data processing agreements and are prohibited from using your data for their own marketing purposes.

4. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this policy, or as required by law:

  • Order records: 7 years (required for Canadian tax purposes).
  • Account data: until you request deletion.
  • SMS verification codes: expire after 10 minutes and are not stored.
  • Contact form messages: 2 years or until resolved.

5. Your Privacy Rights

Under PIPEDA and Alberta's PIPA, you have the right to:

  • Access the personal information we hold about you.
  • Request correction of inaccurate information.
  • Request deletion of your personal data (subject to legal retention obligations).
  • Withdraw consent for marketing communications at any time.

To exercise any of these rights, contact us at hello@keepblooming.ca. We will respond within 30 days.

6. Cookies

Our website uses essential cookies only:

  • Session cookie: maintains your login state during your visit.
  • Cart cookie: persists your shopping cart between page loads (local storage).

We do not use analytics cookies, advertising cookies, or cross-site tracking. You can disable cookies in your browser settings, but doing so may prevent checkout and account features from working correctly.

7. Security

We take reasonable technical and organizational measures to protect your information, including:

  • HTTPS encryption for all data in transit.
  • Passwords stored as bcrypt hashes — never in plain text.
  • Payment data handled exclusively by PCI-compliant Stripe.
  • Access to order data restricted to authorized staff only.

No internet transmission is 100% secure. If you believe your information has been compromised, contact us immediately at hello@keepblooming.ca.

8. Children's Privacy

Our website is not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with their information, please contact us and we will promptly delete it.

9. Third-Party Links

Our website may contain links to third-party websites (e.g., Google Maps, social media). We are not responsible for the privacy practices of those sites. We encourage you to read their privacy policies before providing any personal information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the revised policy on this page with an updated "Last updated" date. Continued use of our website after any changes constitutes acceptance of the updated policy.

11. Contact Us

For questions, concerns, or privacy rights requests, contact our privacy officer:

Keep Blooming

Edmonton, Alberta, Canada

hello@keepblooming.ca

Terms of ServiceReturns & RefundsContact Us