GDPR Policy

At Notes of Hope, we are committed to protecting your privacy and ensuring that your personal data is handled responsibly, transparently, and in compliance with the General Data Protection Regulation (GDPR).

This policy explains how we collect, use, store, and protect your personal data when you interact with our website, products, and services.

1. Data We Collect

We may collect the following types of personal data:

Contact details (name, email address, phone number, postal address)

Order information (products purchased, payment details, billing/shipping address)

Account information (if you create an account with us)

Communications (messages you send via our contact form, email, or social media)

Technical data (IP address, browser type, device information, cookies)

2. How We Use Your Data

We process your data for the following purposes:

To process and deliver your orders.

To respond to your inquiries and provide customer support.

To send you updates, offers, and newsletters (if you opt-in).

To improve our website, products, and services.

To comply with legal and tax obligations.

3. Lawful Basis for Processing

Under GDPR, we process personal data on one or more of the following lawful bases:

Contract – To fulfill your order or service request.

Consent – Where you have agreed to receive marketing communications.

Legal obligation – To comply with applicable laws and regulations.

Legitimate interests – For business purposes that do not override your rights.

4. Your Data Protection Rights

You have the right to:

Access your personal data.

Request correction of your data.

Request deletion of your data (“right to be forgotten”).

Restrict or object to processing.

Withdraw consent at any time (for marketing communications).

Request a copy of your data in a portable format.

To exercise these rights, contact us at antoinyce@notesofhopenc.com.

5. Data Storage and Retention

We store your data securely and only for as long as necessary to fulfill the purposes for which it was collected, or as required by law.

6. Third-Party Services

We may share your personal data with trusted third-party service providers (e.g., payment processors, shipping carriers, email marketing platforms) to fulfill your orders and improve our services. All third parties are required to keep your data secure and use it only for agreed purposes.

7. Cookies and Tracking

Our website uses cookies to enhance user experience, analyze website performance, and provide personalized content. You can manage cookie preferences in your browser settings.

8. International Transfers

If your data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place to protect your personal information.

9. Changes to This Policy

We may update this GDPR Policy from time to time. Any updates will be posted on this page with the revised effective date.