Introduction
Transparency is central to how we operate. We process personal data only where we have a lawful basis, and we aim to explain our practices in plain language. If you have questions after reading this policy, you can reach us using the contact details at the end of this page.
This policy applies to visitors of charmingpure.world, individuals who submit forms, and customers who purchase products through channels we operate or link to. It does not cover third-party websites that we may link to; those sites have their own policies.
Data controller
The controller responsible for processing is Charmingpure.ddd, with a business address at 12 Pembroke Rd, Ballsbridge, Dublin 4, Ireland. For privacy requests, email talk@charmingpure.world. We will verify identity before disclosing or changing certain records.
Categories of personal data
Depending on how you interact with us, we may process:
- Identity and contact data: name, email address, phone number if you provide it, and delivery address when you place an order.
- Communication content: messages you send through contact forms, email threads, or support tickets.
- Transaction data: order identifiers, product selections, payment status references (payment card data is handled by payment processors under their terms).
- Technical data: IP address, browser type, device type, operating system, referring URL, and approximate location derived from IP.
- Usage data: pages viewed, scroll depth where measured, click events, and time on page when analytics cookies are enabled with your consent.
- Cookie identifiers: as described in our Cookie Policy, including consent records stored locally.
Purposes and legal bases
We process personal data for the following purposes and legal bases under GDPR Article 6:
Website operation and security
We process technical data to deliver pages, prevent abuse, detect fraud, and maintain server integrity. This relies on our legitimate interests in securing our infrastructure and your data, balanced against your rights.
Responding to inquiries and fulfilling orders
We use contact and transaction data to process orders, communicate about delivery, and answer questions. This is necessary for the performance of a contract or pre-contractual steps at your request.
Legal compliance
We retain certain records to meet tax, consumer protection, and regulatory obligations. Processing is necessary for compliance with a legal obligation.
Analytics and improvement
Where you consent through our cookie banner, we process usage data to understand how the site performs and to improve content layout. You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
Direct marketing
Optional marketing cookies or email marketing (if you separately subscribe) are based on consent or, where applicable, soft opt-in under ePrivacy rules. You can opt out through links in messages or cookie settings.
Recipients and international transfers
We share data with trusted service providers who assist with hosting, email delivery, customer support tools, analytics (when enabled), and payment processing. Providers act on our instructions and under data processing agreements where required.
Some providers may process data outside the European Economic Area. Where we transfer personal data to countries without an adequacy decision, we rely on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, supplemented by technical and organizational measures.
Retention periods
We keep personal data only as long as necessary for the purposes described:
- Marketing and contact inquiries: typically up to twenty-four months after the last message unless a longer period is needed for dispute resolution.
- Order and tax records: as required by Irish and EU commercial and tax law, often six to ten years depending on the record type.
- Server logs: generally up to twelve months unless extended for security investigations.
- Cookie consent records: up to twelve months or as specified in the Cookie Policy.
Security measures
We implement HTTPS encryption for data in transit, access controls for staff and vendors, role-based permissions, logging of administrative actions where appropriate, and regular review of subprocessors. No system is perfectly secure; if we learn of a breach that risks your rights, we will notify supervisory authorities and affected individuals as required by law.
Your rights
Depending on your situation, you may have the right to access, rectify, erase, restrict processing, object to processing, data portability, and to withdraw consent. You may lodge a complaint with the Data Protection Commission in Ireland or your local supervisory authority.
To exercise rights, email us with a description of your request. We respond within one month in most cases, extendable where complexity requires.
Children
Our website and products are not directed at children under sixteen. We do not knowingly collect personal data from children. If you believe we have received such data, contact us and we will delete it promptly.
Changes to this policy
We may update this Privacy Policy to reflect legal, technical, or business changes. The date at the top is generated dynamically when you load the page to reflect today’s calendar date in Ireland; substantive edits are also recorded in our internal change log. Continued use of the site after updates constitutes acceptance where permitted by law.
Contact
For privacy questions: talk@charmingpure.world
Postal
address: 12 Pembroke Rd, Ballsbridge, Dublin 4, Ireland