Privacy Policy

Privacy Protection

Reykjavik Roses respects your privacy and is committed to protecting your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

We collect and process personal information necessary to provide our services and fulfill orders placed through our website.

Personal information may include:

  • Name
  • Billing and shipping address
  • Email address
  • Phone number
  • Payment-related details
  • Order history

How We Use Your Information

We process personal data for the following purposes:

  • To process and deliver orders
  • To communicate regarding orders or customer service inquiries
  • To improve website functionality and user experience
  • To comply with legal and accounting obligations
  • To prevent fraud and ensure transaction security

We retain personal data only for as long as necessary to fulfill legal, accounting, or operational requirements.

Legal Basis for Processing (EU Customers)

For customers within the European Union, personal data is processed on the following legal grounds:

  • Performance of a contract (order fulfillment)
  • Compliance with legal obligations
  • Legitimate business interests
  • Consent (where applicable, such as marketing communications)

Data Sharing

We do not sell or rent personal data.

Personal information may be shared only with trusted third parties where necessary to provide our services, including:

  • Payment processors
  • Shipping and logistics providers
  • IT and hosting providers
  • Accounting services

All third parties are required to comply with applicable data protection regulations.

Payments

All payments are processed through secure and certified payment gateways that comply with strict security standards.

  • We do not store credit card information.
  • Payment data is encrypted and processed directly by authorized payment providers.
  • We do not add hidden charges or additional fees at checkout.

Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, misuse, alteration, or disclosure.

Your Rights (EU Residents)

Under GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate information
  • Request deletion of your data (where legally permitted)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time

To exercise your rights, please contact us at: info@reykjavikroses.com

Contact Information

If you have questions regarding this Privacy Policy or how we process your data, please contact: info@reykjavikroses.com