Privacy Policy

Last updated: [03.09.2026]

Your privacy matters to us. This Privacy Policy explains how we collect, use, store, and share your personal information when you visit our website, place an order, or interact with our services. It is written to align with industry standards, e‑commerce best practices, and the data‑processing requirements of our product‑sourcing and order‑routing partners.

1. Information We Collect

We collect only the information necessary to operate our store, fulfill your orders, and maintain a secure and reliable shopping experience.

1.1 Information You Provide Directly

  • Name
  • Email address
  • Billing and shipping address
  • Phone number (optional)
  • Order details
  • Customer support messages

1.2 Information Collected Automatically

When you browse our website, we may collect:

  • IP address
  • Browser type and device information
  • Pages visited and time spent on the site
  • Cookies and similar tracking technologies

This information helps us improve site performance, security, and user experience.

2. How We Use Your Information

Your information is used for legitimate business purposes, including:

  • Processing and fulfilling your orders
  • Communicating order updates
  • Providing customer support
  • Managing your account
  • Operating and improving our website
  • Preventing fraud and ensuring platform security
  • Complying with legal and regulatory obligations

We do not use your information for unrelated marketing without your consent.

3. Order Fulfillment and Third‑Party Processing

To fulfill your order efficiently, we work with trusted third‑party service providers who assist with:

  • Product sourcing
  • Inventory synchronization
  • Order routing to suppliers
  • Shipping and logistics
  • Payment processing
  • Website hosting and analytics

These partners receive only the information required to perform their specific function.
They are not permitted to use your data for marketing or unrelated purposes, and they must handle your information securely and in accordance with applicable privacy laws.

This includes systems that connect to our store through secure REST API permissions to synchronize product data, inventory levels, and order details.

4. Payment Information

We do not store or have access to your full payment details.
All payments are processed by secure, PCI‑compliant payment processors (e.g., Stripe, PayPal, WooCommerce Payments).
Your financial information is encrypted and handled according to industry standards.

5. Cookies and Tracking Technologies

We use cookies to:

  • Enable essential website functionality
  • Maintain your shopping cart
  • Remember your preferences
  • Analyze website performance
  • Improve your browsing experience

You may disable cookies in your browser settings, though some features may not function properly.

6. Data Sharing

We share your information only when necessary:

  • Order fulfillment: suppliers, sourcing partners, and logistics providers
  • Payment processing: secure payment gateways
  • Technical operations: hosting, analytics, and security services
  • Legal compliance: when required by law or government request

We do not sell, rent, or trade your personal information.

7. Data Retention

We retain your information only as long as necessary to:

  • Fulfill your orders
  • Provide customer support
  • Maintain accurate business and tax records
  • Comply with legal obligations

When data is no longer required, it is securely deleted or anonymized.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold
  • Request corrections
  • Request deletion
  • Restrict or object to certain processing
  • Request a copy of your data (data portability)
  • Withdraw consent where applicable

To exercise these rights, contact us at [contact@gemsleaf.com].

9. Data Security

We implement technical and organizational measures to protect your information from unauthorized access, loss, misuse, or alteration.
While no system is completely secure, we follow industry best practices to safeguard your data.

10. International Data Transfers

Some of our service providers may operate in other countries.
When your information is transferred internationally, we ensure appropriate safeguards are in place to protect your data in accordance with applicable privacy laws.

11. Children’s Privacy

Our website is not intended for individuals under the age of 16.
We do not knowingly collect personal information from children.
If such information is discovered, it will be deleted promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements.
The “Last Updated” date at the top of this page indicates the most recent revision.

13. Contact Us

For questions or concerns regarding this Privacy Policy, you may contact us at:

[Gemsleaf]
Email: [support@gemsleaf.com]