Privacy Policy | Protecting Your Data & Crystal Purchases

Crystals Healing Limited
72 Conifer Way, Wembley, HA0 3QR, London, UK
Phone: +44 020 349 02109
Email: contact@crystalshealing.co.uk

• Identity – name, email, phone, billing and shipping addresses.
• Order data – purchases, payment method (tokenised), refunds, support history.
• Usage data – IP address, device, browser, pages viewed, time on site.
• Cookies – preferences, basket, analytics and advertising identifiers.
• Marketing – newsletter opt‑ins, preferences.

We do not knowingly collect data from children under 13.

• To process orders and deliver products – contract performance.
• To manage your account and provide support – contract performance / legitimate interests.
• To improve our site and services – legitimate interests (analytics, debugging).
• To prevent fraud and secure the site – legitimate interests / legal obligations.
• To send marketing – consent (email/SMS). You can opt out anytime.

We use essential cookies for the shop to function, plus analytics and advertising cookies with your consent. You can change or withdraw consent in our cookie banner at any time. Learn more about Google technologies here: policies.google.com/technologies/ads.

We may use providers such as Google Analytics/Ads, Meta and email/SMS platforms. These partners may set cookies and receive limited usage data (IP, device, pages viewed) to measure performance and show relevant ads. We do not sell your personal data.

Payments are processed by secure third‑party gateways (e.g., Shopify Payments, PayPal, Klarna, Clearpay, Laybuy). We do not store full card details. Providers act as independent controllers for their processing. Review their privacy notices before paying.

We share data with trusted service providers who help us run the shop (hosting/CDN, payments, fulfilment, email/SMS, analytics, customer support). They process data under contracts and follow our instructions. We may also share data if required by law or to defend our legal rights.

Your data may be transferred outside the UK/EEA. When this happens, we use safeguards such as adequacy decisions or Standard Contractual Clauses.

We keep personal data only as long as needed: orders (6 years for tax), customer service records (up to 3 years), marketing data until you unsubscribe or withdraw consent, and cookies per their lifetimes.

• Access your data and get a copy.
• Correct inaccurate data.
• Delete data in certain cases.
• Restrict or object to processing.
• Data portability.
• Withdraw marketing consent at any time.

To exercise rights, email contact@crystalshealing.co.uk. We respond within one month.

We do not knowingly collect data from children under 13. If you believe a child provided data, contact us and we will remove it.

Our website may contain links to other websites. Their privacy practices may differ. Please review their policies.

If you have concerns, contact us first. You also have the right to complain to the UK Information Commissioner’s Office (ICO): ico.org.uk/make-a-complaint/.

We may update this policy. We will post the new version here with a new “Last updated” date.