Privacy Policy

We collect information you provide directly to us, including:

• Account Information: Name, email address, phone number, and password when you create an account.
• Order Information: Shipping address, billing address, and payment details when you make a purchase.
• Communication Data: Messages you send through our contact form or customer support.
• Skin Profile Data: Information you provide through our skin diagnostic tool to receive personalised product recommendations.
• Newsletter Preferences: Email address and communication preferences when you subscribe to our newsletter.

We also automatically collect certain information when you visit our website, including your IP address, browser type, pages visited, and referring URL.

• Process and fulfil your orders, including sending shipping confirmations and updates.
• Manage your account and provide customer support.
• Send transactional emails such as order confirmations, shipping notifications, and password resets.
• Send promotional communications if you have opted in (you can unsubscribe at any time).
• Provide personalised product recommendations based on your skin profile.
• Improve our website, products, and services.
• Detect and prevent fraud or unauthorised activity.

We implement appropriate technical and organisational measures to protect your personal data, including:

• SSL/TLS encryption for all data transmitted between your browser and our servers.
• Secure payment processing through Stripe — we never store your full credit card details on our servers.
• Password hashing using industry-standard algorithms (bcrypt).
• Regular security reviews and updates to our systems.
• Access controls to limit who can access personal data within our organisation.

We use cookies and similar technologies to:

• Keep you signed in to your account.
• Remember items in your shopping cart.
• Understand how you interact with our website to improve the user experience.
• Deliver relevant content and recommendations.

You can control cookie preferences through your browser settings. Disabling cookies may affect your ability to use certain features of our website.

We share your data with trusted third parties only as necessary to provide our services:

• Stripe: For secure payment processing.
• Shipping Carriers: To deliver your orders (name, address, and contact details).
• Email Service Providers: To send transactional and marketing emails.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

You have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data (subject to legal obligations).
• Opt-out: Unsubscribe from marketing communications at any time using the link in our emails.
• Data Portability: Request your data in a machine-readable format.

To exercise any of these rights, please contact us at support@herbivella.com.