Privacy Policy

Privacy Policy

Effective Date: March 9, 2025
Last Updated: March 9, 2025

Healing Crystal Vibes (“Company,” “we,” “us,” or “our”) operates HealingCrystalVibes.com (the “Website”) and is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Information We Collect

We collect the following types of personal data:

1.1 Information You Provide to Us

  • Name
  • Email address
  • Billing and shipping address
  • Payment information (processed securely through third-party payment providers)
  • Contact details when you reach out to us
  • Account details if you create an account on our Website

1.2 Information Automatically Collected

  • IP address
  • Browser type and version
  • Pages visited, time spent on pages, and referring URL
  • Device and operating system information
  • Cookies and tracking technologies (see Cookies Policy below)

1.3 Information from Third Parties

We may receive data from:

  • Payment processors (e.g., PayPal, Stripe)
  • Analytics providers (e.g., Google Analytics)
  • Social media platforms if you interact with our accounts

2. How We Use Your Information

We process your personal data for the following purposes:

  • To fulfill and manage orders, payments, and deliveries
  • To communicate with you regarding purchases, inquiries, and support
  • To personalize and improve user experience
  • To provide marketing and promotional materials (with your consent)
  • To analyze Website traffic and improve our services
  • To comply with legal obligations

3. Legal Basis for Processing Personal Data

Under GDPR, we process your personal data based on:

  • Contractual necessity: To fulfill purchase orders and customer requests.
  • Legitimate interest: To enhance security, improve our services, and market products.
  • Consent: When you opt in for newsletters or marketing.
  • Legal compliance: To meet legal and regulatory requirements.

4. How We Share Your Information

We do not sell or rent your personal data. We may share data with:

  • Service providers (e.g., payment processors, shipping companies, email providers)
  • Legal authorities if required by law
  • Business partners (only with your explicit consent)

We ensure all third parties comply with GDPR and use adequate safeguards to protect your data.

5. Data Security

We take security seriously and implement technical and organizational measures to protect your data, including:

  • SSL encryption for secure transactions
  • Restricted access to personal data
  • Secure storage solutions
  • Regular security audits

Despite these efforts, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

6. Your Rights Under GDPR

As a user within the European Economic Area (EEA), you have the following rights:

  • Right to Access – Request a copy of your personal data.
  • Right to Rectification – Correct inaccurate or incomplete data.
  • Right to Erasure – Request deletion of your data under certain conditions.
  • Right to Restrict Processing – Limit how we use your data.
  • Right to Data Portability – Receive your data in a structured, commonly used format.
  • Right to Object – Object to data processing, including direct marketing.
  • Right to Withdraw Consent – If processing is based on consent, you can withdraw it at any time.

To exercise these rights, contact us at [email protected].

7. Data Retention

We retain your personal data:

  • As long as necessary to fulfill the purpose for which it was collected.
  • For legal compliance (e.g., tax laws requiring retention of invoices for 5 years).
  • Until you request deletion, subject to legal limitations.

8. Cookies and Tracking Technologies

We use cookies to enhance your browsing experience. These include:

  • Essential cookies (necessary for Website functionality)
  • Analytics cookies (to understand user behavior)
  • Marketing cookies (for personalized advertising)

You can manage cookie preferences in your browser settings.

9. Third-Party Links

Our Website may contain links to third-party sites. We are not responsible for their privacy practices, and we encourage you to read their privacy policies.

10. International Data Transfers

As we are based in Bahrain, your data may be transferred outside the EEA. We ensure all data transfers comply with GDPR safeguards, such as:

  • Standard Contractual Clauses (SCCs) for third-party data transfers.
  • Data Protection Agreements with our service providers.

11. Updates to This Privacy Policy

We may update this policy periodically. The latest version will always be available on our Website, with the “Last Updated” date reflecting changes.

12. Contact Information

If you have any questions or requests regarding this Privacy Policy, you can contact us:

Healing Crystal Vibes
Address: Road 2014, Hoora 320, Bahrain
Email: [email protected]

By using our Website, you acknowledge that you have read and understood this Privacy Policy.