Privacy Policy (GDPR)

Privacy Policy (GDPR)

GREEN THERAPY is committed to protecting the privacy of its clients and users. This policy describes how we collect, use, and protect your personal data, in accordance with the General Data Protection Regulation (GDPR - EU 2016/679).

1. Data Controller

GREEN THERAPY
Carrer Torrent de les flors, 42, 08024 Gracia, Barcelona
Email: greentherapytheshop@gmail.com

2. Data Collected

We collect the following data:
- Personal Information: last name, first name
- Contact Information: postal address, email address, telephone number
- Payment Data (processed securely by our payment provider)
- Browsing Data: IP address, cookies

3. Purposes of Processing

Your data is used to:
- Process and track your orders
- Manage your customer account
- Send you marketing communications (with your consent)
- Improve our website and services
- Comply with our legal obligations

4. Legal Basis for Processing

The processing of your data is based on:
- The performance of the contract (order processing)
- Your consent (marketing communications)
- Our legitimate interest (improving our services)
- Compliance with our legal obligations

5. Data Retention Period

Your data is retained for the period necessary for the purpose for which it was collected, and for a maximum of 3 years after your last purchase or contact.

6. Your Rights

In accordance with the GDPR, you have the following rights:
- Right of access: obtain a copy of your data
- Right to rectification: correct inaccurate data
- Right to erasure: request the deletion of your data
- Right to data portability: receive your data in a structured format
- Right to object: object to the processing of your data
- Right to restriction of processing: limit the processing of your data

To exercise your rights, contact us at: greentherapytheshop@gmail.com


7. Data Sharing

Your data may be shared with our service providers (Shopify, shipping companies, payment providers) only for the purpose of fulfilling your orders. We never sell your data to third parties.

8. Security

We implement all necessary technical and organizational measures to protect your data against unauthorized access, loss, or disclosure.

9. Contact and Complaints

For any questions regarding your personal data, contact us at [email address]. You also have the right to lodge a complaint with the competent supervisory authority (AEPD in Spain: www.aepd.es).