Privacy Policy Effective Date: April 22, 2025

At Blue Lotus Transformations (operated by Blue Lotus Creations), protecting your personal data is of utmost importance to us. This Privacy Policy explains how we collect, use, store, share, and safeguard your information when you interact with our website () or use our products and services. We are committed to complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

By using our website and services, you consent to the practices described in this policy.

 

1. Data We Collect

We may collect and process the following types of personal data:

1.1. Information You Provide Directly

  • Contact Information: Name, email address, phone number, billing and shipping addresses.

  • Purchase Information: Payment details and order history when you buy products or book services like facials, eyelash treatments, or wellness consultations.

  • Health Details: If voluntarily shared for service customization (e.g., allergies, skin concerns).

1.2. Automatically Collected Data

  • Usage Data: Information about your interaction with our website, such as IP address, device type, browser type, geographic location, and browsing activity.

  • Cookies and Similar Technologies: Cookies and tracking tools to improve your browsing experience and personalize content.

 

2. How We Use Your Data

Your data is processed only when there is a legitimate legal basis, such as consent, contract necessity, legitimate interest, or legal obligations. We use your data for the following purposes:

  • Service Fulfillment: Processing orders, managing bookings, and delivering our products and services.

  • Communication: Sending confirmations, updates, marketing emails (if consented), and responding to inquiries.

  • Personalization: Customizing services based on your preferences (e.g., skincare needs).

  • Website Improvements: Analyzing website performance to enhance user experience.

  • Compliance and Protection: Adhering to legal obligations and protecting against fraud or misuse.

 

3. Data Sharing

We may share your information with third parties, but only when necessary and with proper safeguards:

  • Service Providers: Trusted partners for payment processing, shipping, IT support, and marketing tools.

  • Legal Obligations: When required by law, court order, or government authorities.

  • Business Transfers: In cases of mergers, acquisitions, or sales, where your data may transfer to the successor entity.

We ensure that any third-party vendors comply with GDPR requirements.

 

4. Data Storage and Retention

Your personal data is stored securely on our systems or with trusted service providers.

  • Retention Period: We retain your data only as long as necessary to fulfill the purposes outlined in this policy or to comply with legal obligations. For example, transaction data may be kept for tax compliance purposes.

  • Storage Locations: If your data is transferred outside the European Economic Area (EEA), we ensure adequate protections, such as Standard Contractual Clauses (SCCs).

 

5. Security Measures

We employ advanced security measures to protect your personal data, including:

  • Encryption of sensitive information during transmission (e.g., payment details).

  • Secure server infrastructure with access control measures.

  • Regular security audits and staff training on data protection.

While we work to safeguard your data, please note that no system is completely secure.

 

6. Your GDPR Rights

As a data subject, you have the following rights under GDPR:

  • Right to Access: Request a copy of the personal data we hold about you.

  • Right to Rectification: Request corrections to inaccurate or incomplete information.

  • Right to Erasure: Request deletion of your personal data, subject to legal or contractual obligations.

  • Right to Restriction: Request limitations on how we process your data.

  • Right to Data Portability: Receive your data in a structured, machine-readable format for transfer to another provider.

  • Right to Object: Object to processing for direct marketing or other legitimate interests.

  • Right to Withdraw Consent: Revoke previously given consent at any time.

To exercise your rights, contact us at bluechildcreations@gmail.com. We will respond within one month of receiving your request.

 

7. Cookies and Tracking Technologies

Our website uses cookies to:

  • Enhance functionality and user experience.

  • Analyze traffic and website performance.

  • Tailor content and advertising to your preferences.

You can manage or disable cookies through your browser settings. For more details, see our Cookie Policy.

 

8. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. Updates will be posted on this page with the revised “Effective Date.” For significant changes, we will notify you directly (e.g., via email).

 

9. Contact Us

For questions, concerns, or data-related requests, please contact us: Blue Lotus Creations 1234 Powell Email: bluechildcreations@gmail.com