Privacy Policy

Last updated January 30, 2024

This Privacy Policy describes how The Greek Herbalist (the "Site", "I", "me", or "my") collects, uses, and discloses your personal information when you visit, use my services, or make a purchase from https://thegreekherbalist.com (the "Site") or otherwise communicate with me (collectively, the "Services"). For purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a customer, website visitor, or another individual whose information I have collected pursuant to this Privacy Policy.

Please read this Privacy Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use or access any of the Services.

CHANGES TO THIS PRIVACY POLICY

I may update this Privacy Policy from time to time, including to reflect changes to my practices or for other operational, legal, or regulatory reasons. I will post the revised Privacy Policy on the Site, update the "Last updated" date and take any other steps required by applicable law.

HOW I COLLECT AND USE YOUR PERSONAL INFORMATION

To provide the Services, I collect and have collected over the past 12 months personal information about you from a variety of sources, as set out below. The information that I collect and use varies depending on how you interact with me.

In addition to the specific uses set out below, I may use information I collect about you to communicate with you, provide the Services, comply with any applicable legal obligations, enforce any applicable terms of service, and to protect or defend the Services, my rights, and the rights of my users or others.

WHAT PERSONAL INFORMATION I COLLECT

The types of personal information I obtain about you depends on how you interact with my Site and use my Services. When I use the term "personal information", I am referring to information that identifies, relates to, describes or can be associated with you. The following sections describe the categories and specific types of personal information I collect.

INFORMATION I COLLECT DIRECTLY FROM YOU

Information that you directly submit to me through my Services may include:

- Basic contact details including your name, address, phone number, email.

- Order information including your name, billing address, shipping address, payment confirmation, email address, phone number.

- Account information including your username, password, security questions.

- Shopping information including the items you view, put in your cart or add to your wishlist.

- Customer support information including the information you choose to include in communications with me, for example, when sending a message through the Services.

Some features of the Services may require you to directly provide me with certain information about yourself. You may elect not to provide this information, but doing so may prevent you from using or accessing these features.

INFORMATION I COLLECT THROUGH COOKIES

I also automatically collect certain information about your interaction with the Services ("Usage Data"). To do this, I may use cookies, pixels and similar technologies ("Cookies"). Usage Data may include information about how you access and use my Site and your account, including device information, browser information, information about your network connection, your IP address and other information regarding your interaction with the Services.

INFORMATION I OBTAIN FROM THIRD PARTIES

Finally, I may obtain information about you from third parties, including from vendors and service providers who may collect information on my behalf, such as:

- Companies who support my Site and Services, such as Squarespace.

- my payment processors, such as Stripe, who collect payment information (e.g., bank account, credit or debit card information, billing address) to process your payment in order to fulfill your orders and provide you with products or services you have requested, in order to perform my contract with you.

- When you visit my Site, open or click on emails I send you, or interact with my Services or advertisements, I, or third parties I work with, may automatically collect certain information using online tracking technologies such as pixels, web beacons, software developer kits, third-party libraries, and cookies.

Any information I obtain from third parties will be treated in accordance with this Privacy Policy. I am not responsible or liable for the accuracy of the information provided to me by third parties and am not responsible for any third party's policies or practices. For more information, see the section below, Third Party Websites and Links.

HOW I USE YOUR PERSONAL INFORMATION

Providing Products and Services. I use your personal information to provide you with the Services in order to perform my contract with you, including to process your payments, fulfill your orders, to send notifications to you related to your account, purchases, returns, exchanges or other transactions, to create, maintain and otherwise manage your account, to arrange for shipping, facilitate any returns and exchanges and to enable you to post reviews.

Marketing and Advertising. I use your personal information for marketing and promotional purposes, such as to send marketing, advertising and promotional communications by email and to show you advertisements for products or services. This may include using your personal information to better tailor the Services and advertising on my Site.

Security and Fraud Prevention. I use your personal information to detect, investigate or take action regarding possible fraudulent, illegal or malicious activity. If you choose to use the Services and register an account, you are responsible for keeping your account credentials safe. I highly recommend that you do not share your username, password, or other access details with anyone else. If you believe your account has been compromised, please contact me immediately.

Communicating with you. I use your personal information to provide you with customer support and improve my Services. This is in my legitimate interests in order to be responsive to you, to provide effective services to you, and to maintain my business relationship with you.

COOKIES

Like many websites, I use Cookies on my Site. For specific information about the Cookies that I use related to powering my Site with Squarespace, see https://support.squarespace.com/hc/en-us/articles/360001264507-About-the-cookies-Squarespace-uses. I use Cookies to power and improve my Site and my Services (including to remember your actions and preferences), to run analytics and better understand user interaction with the Services (in my legitimate interests to administer, improve and optimize the Services). I may also permit third parties and services providers to use Cookies on my Site to better tailor the services, products and advertising on my Site and other websites.

For example, I use Stripe to collect and process payments. Stripe is PCI-DSS compliant and uses HTTPS and other security best practices to ensure the safe handling of your payment information. To learn more about Stripe, including their terms, Cookies policy, and privacy policy, visit https://stripe.com.

Most browsers automatically accept Cookies by default, but you can choose to set your browser to remove or reject Cookies through your browser controls. Please keep in mind that removing or blocking Cookies can negatively impact your user experience and may cause some of the Services, including certain features and general functionality, to work incorrectly or no longer be available. Additionally, blocking Cookies may not completely prevent how I share information with third parties.

HOW I DISCLOSE PERSONAL INFORMATION

In certain circumstances, I may disclose your personal information to third parties for legitimate purposes subject to this Privacy Policy. Such circumstances may include:

- With vendors or other third parties who perform services on my behalf (e.g., IT management, payment processing, data analytics, customer support, cloud storage, fulfillment and shipping).

- With business and marketing partners, including Squarespace, to provide services and advertise to you.

- When you direct, request me or otherwise consent to my disclosure of certain information to third parties, such as to ship you products or through your use of social media widgets or login integrations, with your consent.

- With my affiliates or otherwise within my corporate group, in my legitimate interests to run a successful business.

- In connection with a business transaction such as a merger or bankruptcy, to comply with any applicable legal obligations (including to respond to subpoenas, search warrants and similar requests), to enforce any applicable terms of service, and to protect or defend the Services, my rights, and the rights of my users or others.

For example, I use Squarespace to power my website, newsletter, and shop; you can read more about how Squarespace manages your Personal Information here: https://www.squarespace.com/privacy. I use Stripe to collect and process payments; you can read more about how Stripe manages your Personal Information here: https://stripe.com/privacy.

USER GENERATED CONTENT

The Services may enable you to post product reviews and other user-generated content. If you choose to submit user generated content to any public area of the Services, this content will be public and accessible by anyone.

I do not control who will have access to the information that you choose to make available to others, and cannot ensure that parties who have access to such information will respect your privacy or keep it secure. I am not responsible for the privacy or security of any information that you make publicly available, or for the accuracy, use or misuse of any information that you disclose or receive from third parties.

THIRD PARTY WEBSITES AND LINKS

My Site may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by me, you should review their privacy and security policies and other terms and conditions. I do not guarantee and am not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms may also be viewable by other users of the Services and/or users of those third-party platforms without limitation as to its use by me or by a third party. My inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators, except as disclosed on the Services.

CHILDREN'S DATA

The Services are not intended to be used by children, and I do not knowingly collect any personal information about children. If you are the parent or guardian of a child who has provided me with their personal information, you may contact me using the contact details set out below to request that it be deleted.

As of the Effective Date of this Privacy Policy, I do not have actual knowledge that I "share" or "sell" (as those terms are defined in applicable law) personal information of individuals under 16 years of age.

SECURITY AND RETENTION OF YOUR INFORMATION

Please be aware that no security measures are perfect or impenetrable, and I cannot guarantee "perfect security." In addition, any information you send to me may not be secure while in transit. I recommend that you do not use unsecure channels to communicate sensitive or confidential information to me.

How long I retain your personal information depends on different factors, such as whether I need the information to maintain your account, to provide the Services, comply with legal obligations, resolve disputes or enforce other applicable contracts and policies.

YOUR RIGHTS AND CHOICES

Depending on where you live, you may have some or all of the rights listed below in relation to your personal information. However, these rights are not absolute, may apply only in certain circumstances and, in certain cases, I may decline your request as permitted by law.

- Right to Access / Know. You may have a right to request access to personal information that I hold about you, including details relating to the ways in which I use and share your information.

- Right to Delete. You may have a right to request that I delete personal information I maintain about you.

- Right to Correct. You may have a right to request that I correct inaccurate personal information I maintain about you.

- Right of Portability. You may have a right to receive a copy of the personal information I hold about you and to request that I transfer it to a third party, in certain circumstances and with certain exceptions.

- Right to Opt out of Sale or Sharing or Targeted Advertising. You may have a right to direct me not to "sell" or "share" your personal information or to opt out of the processing of your personal information for purposes considered to be "targeted advertising", as defined in applicable privacy laws.

- Right to Limit and/or Opt out of Use and Disclosure of Sensitive Personal Information. You may have a right to direct me to limit my use and/or disclosure of sensitive personal information to only what is necessary to perform the Services or provide the goods reasonably expected by an average individual.

- Restriction of Processing: You may have the right to ask me to stop or restrict my processing of personal information.

- Withdrawal of Consent: Where I rely on consent to process your personal information, you may have the right to withdraw this consent.

- Appeal: You may have a right to appeal my decision if I decline to process your request. You can do so by replying directly to my denial.

- Managing Communication Preferences: I may send you promotional emails, and you may opt out of receiving these at any time by using the unsubscribe option displayed in my emails to you. If you opt out, I may still send you non-promotional emails, such as those about your account or orders that you have made.

You may exercise any of these rights where indicated on my Site or by contacting me using the contact details provided below.

I will not discriminate against you for exercising any of these rights. I may need to collect information from you to verify your identity, such as your email address or account information, before providing a substantive response to the request. In accordance with applicable laws, you may designate an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, I will require that the agent provide proof you have authorized them to act on your behalf, and I may need you to verify your identity directly with us. I will respond to your request in a timely manner as required under applicable law.

COMPLAINTS

If you have complaints about how I process your personal information, please contact me using the contact details provided below. If you are not satisfied with my response to your complaint, depending on where you live you may have the right to appeal my decision by contacting me using the contact details set out below, or lodge your complaint with your local data protection authority.

INTERNATIONAL USERS

Please note that I may transfer, store and process your personal information outside the country you live in, including the United States. Your personal information is also processed by staff and third party service providers and partners in these countries.

CONTACT

Should you have any questions about my privacy practices or this Privacy Policy, or if you would like to exercise any of the rights available to you, please email me at maria@thegreekherbalist.com.