PRIVACY POLICY

1. Introduction

Bloomi Collective Pty Ltd ("Bloomi", "we", "us", "our") respects your privacy and is committed to protecting your personal information.

This Privacy Policy explains how we collect, use, disclose, store and protect personal information when you:

• Visit our website;
• Use our mobile applications;
• Create an account;
• Purchase products;
• Operate a merchant account;
• Subscribe to marketing communications;
• Contact us;
• Participate in promotions, competitions or surveys; or
• Otherwise interact with the Bloomi platform.

This policy has been prepared in accordance with the Australian Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs).

By accessing or using our platform, you acknowledge that you have read and understood this Privacy Policy.

2. Who We Are

Bloomi Collective Pty Ltd operates an online marketplace connecting customers with independent florists and gift merchants.For privacy enquiries, contact:

Privacy Officer
Email: contact@bloomico.com.au

3. Information We Collect

We may collect information directly from you, automatically through your use of our services, and from third parties.

3.1 Personal Information

Personal information may include:

• Full name
• Date of birth
• Email address
• Phone number
• Billing address
• Delivery address
• Account login credentials
• Profile information
• Business information
• Government-issued identification where required
• Merchant verification information
• Tax information
• ABN details

3.2 Payment Information

Payments are processed through third-party payment providers including Stripe.

We may collect:

• Payment transaction details
• Payment status information
• Refund information
• Chargeback information

We do not store complete payment card details.

Payment information is collected and processed by Stripe in accordance with their privacy practices.

3.3 Merchant Information

For florists and merchants we may collect:

• Business name
• Trading name
• ABN
• Business address
• Contact details
• Banking information
• Stripe Connect account information
• Identity verification documents
• Tax documentation
• Product catalog information
• Order fulfilment information

3.4 Order Information

When you place an order we may collect:

• Recipient name
• Recipient phone number
• Delivery address
• Delivery instructions
• Gift messages
• Product selections
• Order history
• Refund requests
• Customer support communications

3.5 Communications

We may collect information contained in:

• Customer support requests
• Email communications
• Chat communications
• Merchant communications
• Reviews and ratings
• Survey responses
• Feedback submissions

3.6 Automatically Collected Information

When you use our platform we may automatically collect:

• Device information
• Browser type
• Operating system
• IP address
• Session information
• Geographic location data
• Referral URLs
• Clickstream data
• Usage patterns
• App usage information

3.7 Cookies and Similar Technologies

We use:

• Cookies
• Pixels
• Web beacons
• Local storage technologies
• Analytics technologies

These technologies help us:

• Operate the platform
• Improve performance
• Understand user behaviour
• Personalise experiences
• Deliver advertising
• Prevent fraud

Users may disable cookies through browser settings, however some functionality may be unavailable.

4. How We Collect Information

We collect information when you:

• Register an account
• Place an order
• Become a merchant
• Subscribe to marketing
• Submit forms
• Participate in surveys
• Contact support
• Use the website
• Use the mobile app
• Connect third-party accounts

We may also collect information from:

• Stripe
• Identity verification providers
• Delivery partners
• Analytics providers
• Advertising platforms
• Fraud prevention services
• Publicly available sources

5. Why We Collect Personal Information

We use personal information to:

Platform Operations

• Create and manage accounts
• Process orders
• Coordinate deliveries
• Facilitate merchant operations
• Manage subscriptions

Payments

• Process transactions
• Manage refunds
• Detect fraud
• Handle disputes and chargebacks
• Meet financial obligations

Customer Support

• Respond to enquiries
• Resolve complaints
• Investigate issues

Platform Improvement

• Analyse usage patterns
• Improve products and services
• Conduct research
• Develop new features

Marketing

• Send promotional communications
• Personalise content
• Deliver targeted advertising

Legal Compliance

• Verify identity
• Meet regulatory obligations
• Prevent unlawful activity
• Respond to legal requests

6. Legal Basis for Processing

Where applicable, we process information based on:

• User consent
• Contractual necessity
• Legal obligations
• Legitimate business interests
• Protection against fraud and misuse

7. Sharing Personal Information

We may share information with:

Merchants

Customer information may be provided to merchants fulfilling orders, including:

• Name
• Contact details
• Delivery information
• Gift messages
• Order details

Only information reasonably necessary for fulfilment will be shared.

Payment Providers

We share information with payment processors including Stripe for payment processing and fraud prevention.

Service Providers

Including:

• Hosting providers
• Cloud infrastructure providers
• Email providers
• SMS providers
• Analytics providers
• Marketing platforms
• Customer support platforms

Delivery Providers

Where applicable we may share:

• Recipient details
• Delivery addresses
• Delivery instructions

Professional Advisers

Including:

• Lawyers
• Accountants
• Auditors
• Insurers

Government Authorities

Where required by law we may disclose information to:

• Courts
• Regulators
• Law enforcement agencies
• Government authorities

Business Transfers

If Bloomi undergoes:

• Merger
• Acquisition
• Restructure
• Asset sale

personal information may form part of the transferred assets.

8. Marketing Communications

We may send:

• Promotional emails
• Product announcements
• Merchant updates
• Newsletters
• Special offers

Users may unsubscribe at any time using the unsubscribe link or by contacting us.
‍
Transactional communications may still be sent where necessary.

9. Analytics and Advertising

We may use services including:

• Google Analytics
• Google Ads
• Meta Ads
• TikTok Ads
• Other advertising technologies

These services may collect information regarding your interaction with our platform.

Advertising partners may use cookies and similar technologies to deliver relevant advertisements.

10. User Generated Content

Users may voluntarily submit:

• Reviews
• Ratings
• Profile information
• Images
• Comments

Content submitted publicly may be visible to other users.

We are not responsible for how other users use publicly visible information.

11. Mobile App Permissions

Our mobile applications may request access to:

• Notifications
• Camera
• Photo library
• Device storage
• Location services

Access is only used for functionality relevant to the services provided.

Users can manage permissions through device settings.

12. Data Retention

We retain information only for as long as reasonably necessary to:

• Provide services
• Meet legal obligations
• Resolve disputes
• Enforce agreements
• Maintain records

Retention periods may vary depending on the type of information.

Financial and tax records may be retained for seven years or longer where legally required.

13. Security

We implement reasonable safeguards including:

• Encryption
• Access controls
• Authentication controls
• Secure infrastructure
• Monitoring systems
• Fraud detection systems

Despite these measures, no method of transmission or storage is completely secure.

We cannot guarantee absolute security.

14. International Data Transfers

Information may be processed or stored outside Australia.

Where information is transferred internationally, we take reasonable steps to ensure appropriate safeguards are in place.

By using our services, you acknowledge that your information may be transferred internationally.

15. Your Privacy Rights

Subject to applicable law, you may:

• Request access to your information
• Request correction of inaccurate information
• Request deletion of certain information
• Withdraw consent
• Object to certain processing activities
• Lodge complaints regarding privacy practices

Requests may be submitted to our Privacy Officer.

16. Children's Privacy

Our services are not intended for individuals under 18 years of age.

We do not knowingly collect personal information from children.

If we become aware that such information has been collected, we may delete it.

17. Fraud Prevention and Platform Integrity

We may use personal information to:

• Detect fraud
• Prevent abuse
• Investigate suspicious activity
• Monitor platform integrity
• Enforce platform rules
• Protect users and merchants

This may include automated systems and risk assessments.

18. Identity Verification

To comply with payment processing, marketplace integrity and legal obligations, we may require identity verification.

Verification information may be collected directly or through third-party verification providers.

Failure to complete verification may limit access to certain services.

19. Third-Party Links and Services

Our platform may contain links to third-party websites and services.

We are not responsible for the privacy practices of third parties.

Users should review third-party privacy policies independently.

20. Changes to This Privacy Policy

We may update this Privacy Policy periodically.

Changes become effective upon publication on the platform.

Where required by law, users will be notified of material changes.

Continued use of the platform constitutes acceptance of the updated policy.

21. Stripe Connect and Merchant Verification

To operate the marketplace and facilitate payments, Bloomi uses Stripe Connect and related payment infrastructure.

Merchants may be required to provide:

• Legal business name
• Trading name
• ABN or equivalent tax identifiers
• Banking information
• Business ownership information
• Government-issued identification
• Verification documents
• Tax documentation

This information may be shared with Stripe and other verification providers for:

• Identity verification
• Fraud prevention
• Regulatory compliance
• Anti-money laundering compliance
• Payment processing

Failure to provide required information may result in suspension, restriction, or termination of marketplace access.

22. Merchant Subscription Services

Merchants may purchase subscription plans that provide access to premium platform features.

To administer subscriptions, Bloomi may collect and process:

• Subscription selections
• Billing information
• Renewal information
• Payment history
• Usage information
• Cancellation requests

Subscription information may be used to:

• Provide subscribed features
• Manage renewals
• Process payments
• Enforce plan limitations
• Improve subscription offerings

Failure to provide required information may result in suspension, restriction, or termination of marketplace access.

23. SMS Communications

Bloomi may send SMS communications including:

• Order confirmations
• Delivery updates
• Security notifications
• Verification codes
• Marketing communications (where consent has been obtained)

Users may opt out of marketing SMS communications by following unsubscribe instructions or contacting us.

Transactional and service-related messages may still be sent where necessary.

Message and data rates may apply depending on the user's mobile provider.

24. Push Notifications

Our mobile applications may send push notifications relating to:

• Order status updates
• Delivery tracking
• Account activity
• Promotions
• Platform announcements

Users may disable push notifications through device settings.

Disabling notifications may limit certain functionality.

25. Saved Addresses and Account Information

Users may save information for convenience including:

• Delivery addresses
• Billing addresses
• Recipient information
• Preferences

Saved information is stored securely and may be modified or removed through account settings.

26. Saved Payment Methods

Where supported by our payment providers, users may choose to save payment methods for future purchases.

Saved payment methods are typically stored by our payment processing providers and not directly by Bloomi.

Bloomi may retain references or tokens associated with stored payment methods for transaction processing purposes.

27. Reviews and Ratings

Customers may submit:

• Reviews
• Ratings
• Photos
• Feedback

Bloomi may display, moderate, remove, edit, reject, or investigate submitted content.

Reviews may be removed if they:

• Violate laws
• Are fraudulent
• Are abusive
• Contain defamatory content
• Violate platform policies

Submitted reviews may remain visible after transactions are completed.

28. Artificial Intelligence and Automated Processing

Bloomi may use artificial intelligence, machine learning, recommendation systems, and automated technologies to:

• Improve search functionality
• Recommend products
• Detect fraud
• Personalise content
• Improve customer experiences
• Assist customer support

Automated systems may analyse user interactions and purchasing behaviour.

Users acknowledge that certain recommendations and decisions may involve automated processing.

Where required by law, users may request review of significant automated decisions.

29. Delivery Tracking and Logistics Data

Bloomi may collect and process information relating to deliveries including:

• Delivery addresses
• Delivery status
• Estimated arrival times
• Delivery confirmation data

Delivery information may be shared with merchants, delivery partners, and recipients as necessary to facilitate fulfilment.

30. Multi-Merchant Orders

Where an order contains products from multiple merchants:

• Information may be shared with each participating merchant
• Merchants may only receive information relevant to fulfilment of their portion of the order
• Delivery and fulfilment information may be shared across systems to coordinate order completion

31. Merchant Analytics and Reporting

Bloomi may provide merchants with analytics tools and reporting dashboards.

These reports may include:

• Sales data
• Order metrics
• Customer demographics
• Customer locations
• Marketing performance
• Product performance

Analytics provided to merchants may be aggregated, anonymised, or de-identified where appropriate.

32. Recipient Information

Customers may provide personal information relating to gift recipients, including names, addresses, phone numbers, and gift messages.

Customers are responsible for ensuring they have appropriate authority to provide recipient information for the purpose of order fulfilment and delivery.

33. Security Breach

If Bloomi becomes aware of a data breach that is likely to result in serious harm, Bloomi will take steps required under applicable law, including notification obligations under Australia's Notifiable Data Breaches scheme where applicable.

34. Contact and Complaints

If you believe Bloomi has breached applicable privacy laws, you may submit a complaint to:

Privacy Officer
Bloomi Collective Pty Ltd
Email: contact@bloomico.com.au

‍We will investigate complaints and attempt to resolve them within a reasonable period.

If you remain dissatisfied, you may contact the Office of the Australian Information Commissioner (OAIC) or another relevant supervisory authority.