top of page

Privacy Policy

Last updated: [Insert Date]
​

Herbalchemy.ie is committed to protecting your privacy and personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Irish data protection laws. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our website www.herbalchemy.ie.

​

1. Who We Are

Data Controller: Herbalchemy.ie
Address: [Insert Business Address]
Email: [Insert Contact Email for Privacy]
Phone: [Insert Phone Number]

​

2. What Data We Collect

We collect the following categories of information:

(a) Personal Identification Data

  • Name, email address, phone number, billing/shipping address

  • Account login details (if you register an account)

(b) Order & Payment Data

  • Order history, payment method (processed securely by third-party payment providers; we do not store card details)

(c) Health & Beauty Information (Special Category Data)

When you submit consultation forms, skincare quizzes, or product recommendations, we may collect:

  • Skin type, allergies, sensitivities, or health-related information you voluntarily provide.

Legal basis: Explicit consent (Article 9(2)(a) GDPR)

(d) Technical & Usage Data

  • IP address, browser type, device identifiers, website usage, cookies, and analytics data.

Legal basis: Legitimate interest (site performance) and consent (analytics/marketing cookies).

​

​

3. How We Use Your Data

We process your personal data for the following purposes:

PurposeLegal Basis

To process and deliver your ordersContract (Art. 6(1)(b))

To respond to your queries or consultation requestsLegitimate interest / Consent

To send newsletters and promotional offersConsent

To personalize product recommendationsExplicit consent (health data)

To improve our website and servicesLegitimate interest

To comply with tax and legal obligationsLegal obligation (Art. 6(1)(c))

​

5. Cookies & Tracking Technologies

We use cookies to improve your browsing experience, analyze website traffic, and offer personalized content.

  • Essential cookies: Required for site functionality.

  • Analytics cookies: Help us understand how visitors use the site.

  • Marketing cookies: Used for advertising and retargeting.

When you first visit our website, you will see a cookie consent banner that allows you to accept or reject non-essential cookies.
You can change your preferences anytime via our [Cookie Settings] link.

For more details, see our Cookie Policy: [Insert Link]

​

6. Sharing of Data

We may share your data with:

  • Payment processors (e.g., Stripe, PayPal)

  • Shipping providers (e.g., An Post, DHL)

  • Email marketing platforms (e.g., Mailchimp, Klaviyo)

  • Analytics providers (e.g., Google Analytics 4 with IP anonymization)

All third-party processors are bound by Data Processing Agreements (DPAs) and comply with GDPR standards.

We do not sell your personal data.

​

7. Data Retention

We only keep your data for as long as necessary to fulfill the purposes outlined above:

​

Data Type                                                 Retention Period

Order and account information                    Up to 7 years (for tax/legal reasons)

Marketing data                                          Until consent is withdrawn

Health-related consultation data                   Up to 12 months or until consent is withdrawn

Cookie data                                              As per Cookie Policy

​

8. Data Security

We take appropriate technical and organizational measures to protect your data, including:

  • SSL encryption (HTTPS)

  • Secure databases and password protection

  • Limited employee access

  • Regular security reviews and backups
     

9. International Data Transfers

If we transfer your data outside the European Economic Area (EEA), we ensure appropriate safeguards, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission, or

  • Transfers to countries with adequacy decisions.

​

​

10. Your Data Protection Rights

Under GDPR, you have the right to:

  • Access your personal data

  • Rectify inaccurate or incomplete data

  • Erase your data (“right to be forgotten”)

  • Restrict or object to processing

  • Withdraw consent at any time

  • Data portability (receive a copy in a structured, machine-readable format)

To exercise these rights, contact us at [Insert Email].
We may request verification of your identity before fulfilling your request.

​

11. Data Breaches

If a personal data breach occurs, we will notify the relevant supervisory authority (the Irish Data Protection Commission) within 72 hours, and affected users if there is a high risk to their rights and freedoms.

​

12. Contact & Complaints

If you have any concerns about how your data is handled, please contact:
Email: [Insert Email]
Address: [Insert Address]

​

You also have the right to lodge a complaint with:
Data Protection Commission (Ireland)
Website: https://www.dataprotection.ie/

​

​

13. Updates to This Policy

We may update this Privacy Policy occasionally to reflect changes in our practices or legal requirements.
The latest version will always be available at: www.herbalchemy.ie/privacy-policy

bottom of page