Privacy policy

Below you can get to know a description of what kind of personal data and for what purpose are processed in connection with the purchase of Iris Flowers services, including: flower bouquets, bouquet subscription and greening.

1. Personal data administrator

The administrator of your personal data is: PARKENTERTEINMENT sp. z o. o., based in Warsaw at 45 Grzybowska Street, KRS: 0000896219, hereinafter: Iris Flowers and also Administrator. Contact with the Administrator is possible via email:

2. Processed personal data, purposes and basis for processing, your rights

Iris Flowers only uses personal data that you provide:
– directly – if you order our services for yourself
– indirectly – when you place an order for another person.

Personal data is processed by Iris Flowers , in accordance with applicable law, in particular in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – hereinafter referred to as “GDPR”.

Take advantage of Iris Flowers services, including making purchases is voluntary. Similarly, providing personal data by the service user is voluntary, subject to two exceptions:
a. concluding contracts with Iris Flowers – failure to provide, in the cases and to the extent indicated on the Iris Flowers website and in the Regulations and this privacy policy, personal data necessary to conclude and perform the Sales Agreement or the contract for the provision of Electronic Services with Iris Flowers results in the inability to conclude this contract. In such a case, providing personal data is a contractual requirement and if the data subject wants to conclude a contract with Iris Flowers , you are obliged to provide the required data. Each time, the scope of data required to conclude a contract is previously indicated on the Iris Flowers website and in the Regulations.
b. Iris Flowers statutory obligations – providing personal data is a statutory requirement resulting from generally applicable legal provisions imposed on Iris Flowers, the obligation to process personal data (e.g. data processing for the purpose of keeping tax or accounting books) and failure to provide them will prevent Iris Flowers from performance of these duties.

3. We process the following data:

a. name and address of the sender and recipient; telephone number of the sender and recipient; billing address; e-mail adress; Information about payment; IP address to complete the order;
b. name, surname, telephone number, email – to respond to the contact form;
c. image – when visiting our atelier (monitoring).

4. The above data is processed for the following purposes:

a. for order delivery: we use the above-mentioned data to process your order. In some cases, we may also share data with companies we work with to deliver your order;
b. for the purposes of order fulfillment;
c. to respond to the contact form;
d. Iris Flowers legal obligations, including determining, pursuing or defending claims that may be raised by the Administrator or that may be raised against the Administrator;
e. for marketing purposes: if you consent, you may receive notifications about any news from Iris Flowers via email or via social media, as well as SMS information;
f. for the purposes of ensuring the safety of the Administrator’s employees, associates and clients, protecting its property and keeping secret information whose disclosure could expose the Administrator to harm (video monitoring).

5. The basis for the processing of personal data is the contract you conclude with Iris Flowers

1.  in the case of marketing and cookies – your consent, as well as the legitimate legal interest of Iris Flowers, which involves the processing of data necessary to complete your order, which does not violate your rights and freedom or the rights and freedom of other people,
2.  in the case of monitoring – the legal basis is the legitimate legal interest of Iris Flowers, consisting in ensuring the security of the atelier, ensuring the safety of employees and associates, the Administrator’s clients, protecting its property and keeping secret information whose disclosure could expose the Administrator to harm.

6. Your rights

You have the right to send a request to view, edit, delete or transfer your personal data. For example, you can check if your details are correct. If you want to know what information you have provided to us or want to limit its use, you can ask us and change it. If you have any questions about this privacy policy, please contact: .
Moreover, as we process your data on the basis of our legitimate interest, you have the right to object to the processing of your data due to your special situation.
You also have the right to withdraw consent if it was granted, e.g. for marketing purposes. In order to implement the above-mentioned rights, please contact:
You also have the right to lodge a complaint with the supervisory authority responsible for the protection of personal data, i.e. the President of the Personal Data Protection Office:

7. Principles of processing and security

Iris Flowers takes special care to protect the interests of persons whose personal data it processes, and in particular it is responsible and ensures that the data it collects is:
a. processed lawfully;
b. collected for specified, lawful purposes and not subjected to further processing incompatible with these purposes;
c. substantively correct and adequate in relation to the purposes for which they are processed;
d. stored in a form enabling identification of data subjects for no longer than necessary to achieve the purpose of processing
e. processed in a way that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organizational measures.
Taking into account the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity of violation of the rights and freedom of natural persons, Iris Flowers implements appropriate technical and organizational measures, to ensure that processing is carried out in accordance with this Regulation and to be able to demonstrate this. These measures are reviewed and updated as necessary. Iris Flowers uses technical measures to prevent unauthorized persons from obtaining and modifying personal data sent electronically.

8. Retention periods

We store personal data for as long as necessary to process your order. We then store it for our own use for a maximum of two years. After this period, your personal data will be deleted, unless we need to keep it for legal reasons. Why? Legal provisions oblige Iris Flowers to store your payment information for seven years. Monitoring data is stored for a period of one month.

9. External entities and international transfers

For the proper processing of your order, it is necessary to use Iris Flowers from the services of external entities (such as software providers, couriers or payment processors).
Iris Flowers only uses the services of processors that provide sufficient guarantees to implement appropriate technical and organizational measures so that the processing meets the requirements of the GDPR and protects the rights of data subjects.
Iris Flowers data transfer by is not distributed in every case and not to all recipients or categories of recipients indicated in the privacy policy. Data is transferred only when it is necessary to achieve a given purpose of personal data processing and only to the extent necessary to achieve it. For example, if the Customer uses personal collection, his data will not be transferred to the carrier cooperating with the Administrator.

9.1. Personal data may be transferred to the following recipients or categories of recipients:
a. carriers / forwarders / courier brokers – if the service is delivered by post or courier, Iris Flowers provides the collected personal data of the Customer to the selected carrier, forwarder or intermediary carrying out delivery on behalf of the Administrator to the extent necessary to provide the service;
b. entities handling electronic payments or payment cards – in the case of electronic payments or payments by credit card, the Administrator provides the Customer’s collected personal data to the selected entity, handling the above payments in the Online Store at the request of the Administrator, to the extent necessary to handle the payment made by the Customer. Iris Flowers uses the services of Stripe and Tpay, with which it has a data processing agreement and Standard Contractual Clauses;
c. service providers supplying the Administrator with technical, IT and organizational solutions enabling the Administrator to conduct business activities, including the Online Store and the Electronic Services provided through it (in particular computer software providers, e-mail and hosting providers and providers of company management and assistance software technical Administrator). The Administrator makes the collected personal data available to a selected supplier acting on its behalf only in the case and to the extent necessary to achieve a given purpose of data processing in accordance with this privacy policy.
d. providers of accounting, legal and advisory services providing the Administrator with accounting, legal or advisory support (in particular an accounting office, law firm or debt collection company). The Administrator makes the collected personal data available to a selected supplier acting on its behalf only in the case and to the extent necessary to achieve a given purpose of data processing in accordance with this privacy policy.

9.2. All international transfers are made in accordance with Chapter V of the GDPR.

10. Cookies

Iris Flowers uses cookies to optimize it and ensure safe shopping. Cookies are small text information in the form of text files, sent by the server and saved on the side of the person visiting the Administrator’s website (e.g. on the hard drive of a computer , laptop or on the memory card of a smartphone – depending on which device is used by visitors to our online store). Detailed information on cookies , as well as the history of their creation, can be found, among others, at: here:
The Administrator may process data contained in cookies when visitors use the Online Store website for the following purposes:
a. identifying customers as logged in to the online store and showing that they are logged in;
b. remembering products added to the cart in order to place an order;
c. remembering data from completed Order Forms, surveys or login details to the Online Store;
d. adapting the content of the online store website to individual customer preferences (e.g. colors, font size, page layout) and optimizing its use;
e. keeping anonymous statistics showing how the online store website is used;
f. remarketing , i.e. examining the behavioral characteristics of online store visitors by anonymously analyzing their activities (e.g. repeated visits to specific pages, keywords, etc.) in order to create their profile and provide them with advertisements tailored to their expected interests, also when they visit other websites in the advertising network of Google Inc. and Meta Platforms , Inc ;
g. By default, most web browsers available on the market accept cookies . Everyone can define the conditions for the use of cookies using the settings of their own web browser. This means that you can, for example, partially limit (e.g. temporarily) or completely disable the ability to save cookies . In the latter case, however, it may affect some functionalities of the online store (for example, it may be impossible to complete the Order path through the Order Form due to the Products in the basket not being remembered during subsequent steps of placing the Order);
h. Internet browser settings regarding cookies are important from the point of view of consent to the use of cookies by our Online Store. In accordance with the regulations, such consent may also be expressed through web browser settings. If you do not give such consent, you should change your web browser settings regarding cookies accordingly ;
i. detailed information on changing cookie settings and deleting them yourself in the most popular web browsers is available in the web browser’s help section and on the following websites (just click on the link):
in the Chrome browser
‍ in the Firefox browser
‍ in the Internet Explorer browser
‍ in Opera
‍ in Safari
‍ in Microsoft Edge

j. The Administrator may use the Google Analytics and Universal Analytics services provided by Google Inc. in the Online Store. (1600 Amphitheater Parkway , Mountain View , CA 94043, USA). These services help the Administrator analyze the web traffic in the Online Store. The data collected is processed as part of the above services in an anonymized manner (these are so-called operational data that make it impossible to identify a person) to generate statistics helpful in administering the Online Store. These data are aggregated and anonymous, i.e. they do not contain identifying features (personal data) of persons visiting the online store website;
k. it is possible for a given person to easily block information about his or her activity on the Online Store’s website from being made available to Google Analytics. For this purpose, you can install a browser add-on provided by Google Inc. available here : _ _ _ _ _
l. And the administrator may use the Facebook Pixel service provided by Meta Platforms , Inc. in the Online Store. (4 Grand Canal Square , Grand Canal Harbour, Dublin 2, Ireland). This service helps the Administrator measure the effectiveness of advertisements and find out what actions are taken by visitors to the online store, as well as display tailored advertisements to these people. Detailed information about the operation of the Facebook Pixel can be found at the following website address: .
m. managing the operation of the Facebook Pixel is possible through ad settings in your account on .

11. Third party websites

Our website may contain links to other websites. We have no control over these sites and cannot guarantee that the companies treat your data as securely as we do. We recommend that you read their privacy policy before using them.

12. Change of privacy policy

In order to inform you about the use of personal data in the best possible way, this policy may be updated – we recommend reading it regularly. We make every effort to make our users feel safe and their data is protected by the best technical security. Dear User – you can rest assured.