Privacy Policy

Last updated: October 2023

Introduction

At Dravolith Wellness, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, which govern how we handle personal data.

This policy applies to all users of our website, customers, and individuals who interact with Dravolith Wellness. By using our website or providing us with your personal data, you consent to the practices described in this policy.

Data We Collect

We collect personal data to provide our services, improve our products, and communicate with you effectively. The types of personal data we may collect include:

  • Contact Information: Name, email address, phone number, and postal address when you contact us, place an order, or subscribe to our newsletter.
  • Order Information: Details of products purchased, shipping addresses, billing information, and payment details (processed securely through third-party providers).
  • Website Usage Data: Information about how you use our website, including pages visited, time spent on pages, and referral sources, collected through cookies and similar technologies.
  • Communication Data: Records of correspondence with us, including emails, phone calls, and chat messages.
  • Marketing Preferences: Information about your preferences for receiving marketing communications and how you interact with them.

We collect this data through various methods, including:

  • Directly from you when you provide it (e.g., when filling out forms or making purchases).
  • Automatically through our website using cookies and analytics tools.
  • From third-party sources where permitted by law, such as delivery partners for order fulfillment.

How We Use Your Data

We use your personal data for the following purposes:

  • Order Fulfillment: To process and deliver your orders, including payment processing and shipping arrangements.
  • Customer Service: To respond to your inquiries, provide support, and resolve any issues you may have.
  • Marketing Communications: To send you information about our products, promotions, and wellness tips, with your consent where required.
  • Website Improvement: To analyze website usage, improve our services, and develop new products.
  • Legal Compliance: To comply with legal obligations, such as tax reporting and fraud prevention.
  • Business Operations: To manage our business, including accounting, auditing, and legal matters.

We ensure that all processing is lawful, fair, and transparent, and we only use your data for the purposes stated above or as otherwise permitted by law.

Data Sharing & Disclosure

We do not sell your personal data to third parties. We may share your data in the following circumstances:

  • Service Providers: With trusted third-party service providers who help us operate our business, such as payment processors, shipping companies, and IT service providers. These providers are contractually obligated to protect your data and only use it for the purposes we specify.
  • Legal Requirements: When required by law, such as in response to a court order, legal process, or government request.
  • Business Protection: To protect our rights, property, or safety, or that of our customers or the public.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, where your data may be transferred as part of the transaction.

We take steps to ensure that any third parties we share data with provide adequate protection for your personal information.

Your Rights (GDPR/CCPA)

Under UK GDPR and other applicable data protection laws, you have several rights regarding your personal data. These include:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct inaccurate or incomplete data.
  • Right to Erasure: You can request deletion of your data in certain circumstances.
  • Right to Restriction of Processing: You can ask us to limit how we use your data.
  • Right to Data Portability: You can request your data in a structured, commonly used format.
  • Right to Object: You can object to our processing of your data for direct marketing or other purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time.

To exercise these rights, please contact us using the details provided below. We will respond to your request within 30 days and may ask for verification of your identity. Please note that some rights may not apply in all circumstances, and we may need to retain certain data for legal or legitimate business reasons.

Cookies

Our website uses cookies and similar technologies to enhance your browsing experience, analyze website traffic, and personalize content. Cookies are small text files stored on your device.

Types of cookies we use:

  • Essential Cookies: Necessary for the website to function properly, such as remembering your shopping cart contents.
  • Analytics Cookies: Help us understand how visitors use our website, allowing us to improve our services.
  • Marketing Cookies: Used to deliver relevant advertisements and track the effectiveness of our marketing campaigns.
  • Functional Cookies: Remember your preferences and settings to provide a personalized experience.

You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, disabling certain cookies may affect the functionality of our website. For more information about how we use cookies, please see our Cookie Policy.

Security

We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • SSL encryption for data transmission between your browser and our servers.
  • Secure data storage with access controls and regular security audits.
  • Regular updates to our systems and software to address security vulnerabilities.
  • Employee training on data protection and privacy best practices.
  • Limited access to personal data on a need-to-know basis.

While we strive to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to using industry-standard practices to safeguard your information.

International Data Transfers

Dravolith Wellness is based in the United Kingdom, and your data is primarily processed within the UK. However, some of our service providers may be located outside the UK or European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Government or adequacy decisions by the European Commission.

If you are located outside the UK, please note that by providing your data to us, you consent to its transfer to and processing in the UK.

Children's Privacy

Our website and services are not intended for children under 13 years of age. We do not knowingly collect personal data from children under 13. If we become aware that we have collected personal data from a child under 13, we will take steps to delete such information promptly.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this policy and notify you of significant changes by email or through a prominent notice on our website.

We encourage you to review this policy periodically to stay informed about how we protect your data.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Dravolith Wellness
438 Church Street
Sheffield, S1 2GN
United Kingdom
Phone: +44 1284 855937
Email: [email protected]

You can also contact our Data Protection Officer at the above address or email.

We are committed to addressing your privacy concerns and will respond to your inquiries as quickly as possible.