Privacy Policy | Protecting Your Data & Crystal Purchases
Crystals Healing – Privacy Policy
Last updated: 21 September 2025
At Crystals Healing, we respect your privacy. This notice explains what personal data we collect, how we use it, and your rights under UK GDPR.
Tap a section to read more.
1. Who we are (Data Controller)
Crystals Healing Limited
72 Conifer Way, Wembley, HA0 3QR, London, UK
Phone: +44 020 349 02109
Email: contact@crystalshealing.co.uk
2. Data we collect
- Identity – name, email, phone, billing and shipping addresses.
- Order data – purchases, payment method (tokenised), refunds, support history.
- Usage data – IP address, device, browser, pages viewed, time on site.
- Cookies – preferences, basket, analytics and advertising identifiers.
- Marketing – newsletter opt‑ins, preferences.
We do not knowingly collect data from children under 13.
3. How we use your data (purposes & lawful bases)
- To process orders and deliver products – contract performance.
- To manage your account and provide support – contract performance / legitimate interests.
- To improve our site and services – legitimate interests (analytics, debugging).
- To prevent fraud and secure the site – legitimate interests / legal obligations.
- To send marketing – consent (email/SMS). You can opt out anytime.
4. Cookies and similar technologies
We use essential cookies for the shop to function, plus analytics and advertising cookies with your consent. You can change or withdraw consent in our cookie banner at any time. Learn more about Google technologies here: policies.google.com/technologies/ads.
5. Analytics, ads and third parties
We may use providers such as Google Analytics/Ads, Meta and email/SMS platforms. These partners may set cookies and receive limited usage data (IP, device, pages viewed) to measure performance and show relevant ads. We do not sell your personal data.
6. Payments
Payments are processed by secure third‑party gateways (e.g., Shopify Payments, PayPal, Klarna, Clearpay, Laybuy). We do not store full card details. Providers act as independent controllers for their processing. Review their privacy notices before paying.
7. Sharing your data
We share data with trusted service providers who help us run the shop (hosting/CDN, payments, fulfilment, email/SMS, analytics, customer support). They process data under contracts and follow our instructions. We may also share data if required by law or to defend our legal rights.
8. International transfers
Your data may be transferred outside the UK/EEA. When this happens, we use safeguards such as adequacy decisions or Standard Contractual Clauses.
9. Data retention
We keep personal data only as long as needed: orders (6 years for tax), customer service records (up to 3 years), marketing data until you unsubscribe or withdraw consent, and cookies per their lifetimes.
10. Your rights
- Access your data and get a copy.
- Correct inaccurate data.
- Delete data in certain cases.
- Restrict or object to processing.
- Data portability.
- Withdraw marketing consent at any time.
To exercise rights, email contact@crystalshealing.co.uk. We respond within one month.
11. Children’s privacy
We do not knowingly collect data from children under 13. If you believe a child provided data, contact us and we will remove it.
12. Links to other sites
Our website may contain links to other websites. Their privacy practices may differ. Please review their policies.
13. Complaints
If you have concerns, contact us first. You also have the right to complain to the UK Information Commissioner’s Office (ICO): ico.org.uk/make-a-complaint/.
14. Changes to this notice
We may update this policy. We will post the new version here with a new “Last updated” date.