Our company respects your privacy rights and we do our best to protect them
We ensure that your data are processed by us only to the extent necessary for the following purposes, in a way that guarantees their full security and in compliance with all laws governing the processing of personal data, including in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the European Union No 119, p. 1), hereinafter referred to as “GDPR” and the Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws of 2018, item 1000).
HEMPHILIA is acting as a controller of the users’ Personal Data. For the purpose of this clause the term “Individual User” shall mean any natural person, who visit and/or make a purchase from our Store. If you have any questions related to your privacy, please contact us directly: Email: firstname.lastname@example.org, address: Kr. Valdemāra Str. 73-27, LV-1013, Latvija. Phone: +37127398989 or by “Contact us” form.
1.1. Types of personal data that we collect
In course of using our Store, we will ask you certain information that identifies you as a specific individual or can be used to contact or identify you (hereinafter referred to as “Personal Data”). Once you are visiting our Store we will ask you to confirm your age.
When you purchase something from our Store we will ask the following personal information:
– E-mail address;
– First and last name;
– Your billing and shipping address (city, zip code, street address, country);
– Phone number.
This Personal Data is required to make delivery from our Store to you. Additionally, when you browse our Website we automatically receive your computer’s internet protocol (IP) address. Based on this information, we can identify your device, optimize your online experience, and simultaneously protect our online environment.
Despite the payment method you choose, we do not store and cannot use your credit card information or other payment details. Your credit card details are encrypted and securely stored by your payment operator to enable us to automatically bill you.
Contact us form
If you choose to use the “Contact us” form we will ask you to give us your name, phone, and e-mail address. We requested this information in order to provide you with a reply to such a request. And if you are not the registered user on our Website with the account we will not use your personal data for any other purposes unless we receive your consent for that.
If you subscribe to our newsletter, we will regularly send you our e-mail newsletter based on your consent according to Art. 6 (1) 1 lit. a) GDPR, using the data required or disclosed by you separately for this purpose. We will send you interesting information about our products and special offers.
You may unsubscribe from the newsletter service at any time. For this purpose, you can either send a message to the contact option specified below or use the opt-out link in the newsletter.
Upon unsubscription, we will delete your email address unless you have expressly consented to the further use of your data or we reserve the right to further use your personal data in the scope and manner permitted by the law, of which we inform you in this notice.
The following information is collected in the context of the newsletter:
– E-mail address
1.2. Purpose of data collection
We collect and process your Personal Data only for certain purposes and according to the legal grounds provided by the law.
We process your personal data in order to ensure the functionality of our Website, in accordance with its Terms and Conditions. This includes, in particular, the possibility of registering on the Website and placing orders for our products.
Following the decision to purchase our products, your Personal Data is used for the purposes of effecting sales transactions. This includes in particular receiving payments from you, delivery of products to the place indicated by you.
We process your Personal Data for our marketing purposes, which means in particular promoting our product range. We want you to have up-to-date knowledge of our products and achievements, and in particular to ensure that you receive information about new products and unique offers. Please note that if you gave your consent to that, you can use the unsubscribe option at any time by clicking to the unsubscribe button in the received letter or by sending us a request to “Withdraw my consent”.
1.3. The processing period of your Personal Data
The period for which we process your Personal Data depends on the purpose of the processing. Accordingly:
1) As long as you want to use your account on our Website all this period your data will be processed by HEMPHILIA. Requests regarding inspection or correction of stored personal data or the removal of an account can be sent to: email@example.com
2) In case you are buying products from our Website without using the account – during the period of communication; after this period, we will process your personal data for the purposes related to the accountability of our activities, to which we are obliged by the provisions on personal data protection or for the period for which we are obliged to process pursuant to other provisions of the law, however, not longer than 5 years.
1.4. Lawfulness of processing
Depending on the purpose for which your Personal Data is processed, the legal basis is the fact that it is necessary for taking action at the request of the data subject (Article 6(1)(b) of GDPR) or the consent given by you when using the forms on our Website (Article 6(1)(a) of GDPR). The processing of your personal data may also be based on the fact that the processing is necessary for the purposes resulting from the legally justified interests pursued by HEMPHILIA (Article 6(1)(f) of GDPR).
Please note that such processing of your Personal Data will not harm any of your rights and interests and we will not use your Personal Data for any other purposes.
If we process your Personal Data on the basis of our legitimate interest, we will consider and balance any potential impact on you and your rights under data protection and any other relevant law.
1.5. Collecting your Personal Data
We collect and process your Personal Data under your consent as a legal basis. We will ask you about your consent while completing your order on our website. You can withdraw your consent at any time. In order to do it please contact us by email firstname.lastname@example.org
Cookies are small bits of information that tell your computer about previous interactions with our Website. These cookies are stored on your hard drive, not our Website. Basically, when you use our Website, your computer will show us its cookies, telling our Website whether you used it before. This allows our Website to operate faster, as well as to remember things related to your previous visits (e.g. username), to make it more convenient for you. At our Website, we use two types of cookies: functional and analytical cookies.
3.1. Functional cookies
Functional cookies are used to improve your online experience. These cookies, inter alia, keep track of what is placed in the shopping cart. The use of these cookies does not require prior permission.
3.2. Analytical cookies
Analytical cookies are used to carry out market research and analyses. Data gathered with these analytical cookies is anonymized, thus becoming useless to others. The use of these cookies does not require prior permission.
You have the following privacy rights related to your Personal Data processing:
– Right to be informed
This right means that you can obtain the information from us of how we use your Personal Data;
– Right of access
This right entitles you to receive information from us on the ways we use and the purposes of processing your Personal Data.
– Right to rectification
This right means your right to obtain from us without undue delay the rectification of inaccurate Personal Data concerning you.
– Right to erasure, “right to be forgotten”
This right means that you can request the removal of your Personal Data, we hold and process, but please pay attention that we can delete your Personal Data only if there is no legal or regulatory obligation to retain it.
– Right to restriction of processing
This right means that you can ask us to stop processing your Personal Data, but please note, that there are certain categories of data that we need for example to complete delivery to your address, so if we stop processing it, you will not be able to get products from our Store.
– Right of data portability
This right means that you can ask us to transmit your Personal Data to the other data controller.
– Right to object
In addition, you have the right to make a complaint to the supervisory authority in the Member State of your habitual residence, place of work, or place where your Data is being processed if you think that there are any privacy infringements concerning you.
More information and contact details of the data protection authorities in the European Union (EU) and the European Free Trade Area (EFTA) can be found here.
We only disclose your Personal Data to third parties when we are obliged by law or other applicable legislation.
We will share information with government agencies as required by law. We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose information about you to government or law enforcement officials if it is necessary or appropriate to respond to claims and legal process, at the request of governmental authorities or other third parties conducting an investigation, to protect the property and rights of us or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be illegal, fraudulent or unethical. We are entitled to share your Personal Data for such purposes under the clause 6.1.c) of GDPR (General Data Protection Regulation).
All your Personal Data, which is being processed by us is stored on the territory of the European Union. But please note, that if you have given your consent to receive marketing materials we may disclose certain categories of your Personal Data as mentioned above to the third parties, which can be located on the territory outside the EU, but only to those who provide the adequate level of data protection.
Please note that your Personal Data is being stored by our hosting provider Squarespace.
If we need to transfer your Personal Data outside the European Union to the third parties other than mentioned in this clause you will be informed about that and we will ask your consent in case of such transfer. In all such cases, your Personal Data can only be transferred to the companies or organizations outside the EU, which provide an adequate level of data protection.
We use third-party services to make transactions and perform services of our Store. Such providers will only collect, use, and disclose your information to the extent necessary to allow them to perform the services they provide to us.
Third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies with respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, please read their privacy policies, so you can understand the manner in which your personal information will be handled by these providers.
In particular, certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So, if you elect to proceed with a transaction that involves the services of a third-party, your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
For delivery from our Store, we use a postal service. This service makes shipping between our company and your address. For such purposes, the postal company requires access to information about your name, address, and telephone number.
Hemphilia is supported by a company specialized in marketing activities and communication activities. Their access to personal information is very limited and mostly anonymized.
At Hemphilia we use external payment services to fulfill transactions (e.g. credit card payments). You may read more about available payment methods in our Shipping policy.
We do not knowingly collect the Personal Data of the children under 18 years old. For this purpose, by using our Website you represent that you are at least 18 years. If we found that information from users less then 18 years old has been collected we will take all necessary steps and measures to delete all this data from our records.
Please note, if you know of any data we have collected from children under 18 years contact us immediately by email email@example.com
How we store your personal data
We care about your privacy and take commercially reasonable steps to help protect and secure the information we collect and store about you, such as data encryption and pseudonymization. When you enter your information, we encrypt the transmission of that information using secure socket layer technology (SSL). We also use HTTPS strict transport security to add an additional layer of protection for our users.
However, if we are required by law or any mandatory regulation to retain your Personal Data longer or if we need Personal Data to assert or defend against legal claims, we will retain your Personal Data until the end of the relevant retention period or until the claims in question have been settled.
Changes to this policy