Privacy Policy for GH Beauty

GH Beauty (“we”, “us”, or “our”) values your privacy and is committed to protecting your personal data. This Privacy Policy outlines how we collect, use, store, and protect your information when you interact with our website, available at gh-beauty.com, and any related services. We are dedicated to handling your data with transparency, integrity, and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Introduction

At GH Beauty, we are fully committed to preserving the confidentiality, integrity, and availability of your personal information. We recognize the importance of privacy and data protection, and we process your information carefully, lawfully, and transparently. This Privacy Policy explains your rights, details the personal data we collect, and describes how we protect it.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all visitors, users, and customers who access gh-beauty.com and any services associated with it. GH Beauty acts as the data controller for personal information collected via our website and services. As data controller, we determine the purposes and means of processing your personal data.

3. Categories of Personal Data Processed

We may collect and process the following categories of personal data:

a) Usage Data:
Information about your use of gh-beauty.com including IP address, browser type, operating system, referral source, length of visit, page views, and interactions with website elements.

b) Account Data:
Information you provide when creating an account or making a purchase: full name, billing and shipping addresses, email address, and phone number.

c) Profile Data:
Details about your preferences, browsing history on gh-beauty.com, purchase behavior, product interests, and user-generated content.

d) Communication Data:
Correspondence you send to us, including emails, contact forms, support tickets, and the metadata associated with such communications.

e) Technical Data:
Information obtained through analytics tools or error logs, such as device type, internet service provider, screen resolution, operating system language, and timezone settings.

f) Transaction Data:
Information related to payments and order fulfillment, including the date and amount of purchases, payment method, delivery tracking details, and transaction history (Note: we do not store full credit card numbers).

g) Preference Data:
Marketing and communication preferences, opt-in consents, survey responses, and product interest tags.

4. Legal Bases for Processing Personal Data

We process your personal data only when we have a valid legal basis for doing so. Our lawful bases for processing include:

– Contractual Necessity: To perform obligations under contracts with you, such as fulfilling product orders or managing your account.
– Legitimate Interests: To improve our services, operate gh-beauty.com effectively, secure our platform, and communicate with you.
– Consent: When you provide clear and voluntary consent, such as subscribing to marketing communications.
– Legal Obligation: When processing is necessary to comply with legal or regulatory requirements.

5. Your Rights

Under applicable data protection laws, you may have the following rights with respect to your personal data:

– Right of Access: You may request confirmation as to whether your personal data is being processed and obtain access to that data.
– Right to Rectification: You have the right to correct inaccurate or incomplete personal data.
– Right to Erasure: You may request deletion of your data, subject to certain legal exceptions.
– Right to Restriction: You may request temporary suspension of processing in certain circumstances.
– Right to Data Portability: You can request your personal data in a structured, commonly-used, machine-readable format for transmission to another data controller.
– Right to Object: You may object to certain types of processing, including direct marketing.
– Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We take appropriate technical and organizational measures to protect your personal data. These measures include:

– Data encryption in transit using SSL/TLS protocols
– Secure storage and password hashing
– Strict access controls on data
– Regular security audits and monitoring
– Employee training on data security and privacy obligations
– Routine backups and disaster recovery processes

7. International Transfers

In certain circumstances, your data may be transferred outside of your country or region, including to countries outside the European Economic Area (EEA). Where transfers occur, we ensure there are appropriate safeguards in compliance with GDPR, such as Standard Contractual Clauses or equivalent mechanisms for lawful data transfer.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Retention timeframes include:

– Account and Transaction Data: Retained for 7 years for tax and financial audit compliance
– Communication Data: Retained for 2 years for customer service resolution
– Usage and Technical Data: Retained for up to 2 years for analytics and security
– Marketing Preference Data: Retained until consent is withdrawn or data is deemed inactive

Once data retention periods expire, we securely delete or anonymize the information.

9. Cookie Policy

Our website uses cookies and similar tracking technologies to enhance user experience and analyze site performance. Cookies may be categorized as follows:

– Essential Cookies: Required for core operations, such as login authentication and shopping cart functions.
– Functional Cookies: Remember user preferences and enable features to provide a personalized experience.
– Analytics Cookies: Collect data on user behavior to help us optimize usability and content.
– Performance Cookies: Monitor system performance metrics for troubleshooting and improvements.

10. Cookie Management and Compliance

Upon visiting gh-beauty.com, you are presented with a cookie banner to manage your preferences. You may consent to or reject non-essential cookies in accordance with GDPR and CCPA requirements. You may also modify cookie settings through your browser preferences or our Cookie Settings panel.

Under the CCPA, you may exercise the right to opt out of the “sale” or “sharing” of personal information by adjusting your cookie preferences or contacting us directly at [email protected].

11. Children’s Privacy

GH Beauty does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that a child under 13 has provided personal information without parental consent, we will delete the information promptly. If you believe your child may have submitted data to us, please contact us at [email protected].

12. Policy Updates and Notifications

We may update this Privacy Policy from time to time in response to legal, technical, or business developments. We will take appropriate measures to inform users, such as posting a notice on gh-beauty.com or sending a direct communication where necessary.

We encourage you to review this Privacy Policy periodically to remain informed about how your information is protected.

13. Contact Us

If you have any questions regarding this Privacy Policy, your rights, or our data practices, you may contact us at:

Email: [email protected]
Website: https://gh-beauty.com

Compliance Assurance

GH Beauty strives to maintain the highest standards of privacy compliance in alignment with GDPR and CCPA regulations. If you have any concerns about your personal data or wish to make a privacy-related request, please reach out to us at your convenience.