Privacy Policy

Privacy Policy for NIBARAA

Effective Date: 15th December 2024

At NIBARAA, we respect and value your privacy. This Privacy Policy outlines the types of personal data we collect, how we use and store it, how we ensure its security, and your rights regarding your personal information under the General Data Protection Regulation (GDPR).

By accessing or using our website, www.nibaraa.com (the “Website”), you agree to the terms of this Privacy Policy. If you do not agree with any part of this policy, please do not use the Website.

1. Data Controller

The data controller for your personal data is:

Business Name: NIBARAA
Email: [email protected]
Address: 13 Underhill Walk, West Midlands, B69 4SA, United Kingdom

2. Information We Collect

We collect and process the following types of personal data when you visit our Website or use our services:

Personal Identification Information:

  • Name
  • Email address
  • Postal address
  • Phone number
  • Payment information (such as credit card details)

Non-personal Identification Information:

  • Browser type and version
  • IP address
  • Device information
  • Pages visited on the Website
  • Time and date of your visit
  • Referring website or source

We may collect this information directly from you (e.g., when you register an account, make a purchase, or contact us) or automatically (e.g., through cookies or similar technologies).

3. How We Use Your Data

We use the personal data we collect for the following purposes:

  • To process your orders and provide you with the products and services you request.
  • To communicate with you regarding your orders, inquiries, and any other customer support-related matters.
  • To send you marketing communications if you have opted in to receive them (you can unsubscribe at any time).
  • To improve the functionality and user experience of our Website.
  • To comply with legal obligations and enforce our terms of service.

We will only use your personal data for the purposes outlined above and will not process your data for any other purposes without your explicit consent.

4. Legal Basis for Data Processing

We process your personal data under the following legal bases:

  • Consent: You have provided consent for us to process your data for specific purposes (e.g., subscribing to our newsletter).
  • Contractual Necessity: Processing is necessary for the performance of a contract (e.g., processing your order).
  • Legal Obligation: We are required to process your data to comply with legal obligations (e.g., tax laws or record-keeping requirements).
  • Legitimate Interests: We may process your data based on our legitimate interests, such as improving our services or preventing fraud, provided your rights and freedoms are not overridden.

5. How We Share Your Data

We do not sell or rent your personal data to third parties. However, we may share your data with the following categories of recipients, as necessary:

  • Service Providers: We may share your data with trusted third-party service providers who assist us with our operations, such as payment processors, hosting providers, and shipping companies.
  • Legal Compliance: We may disclose your data if required by law, or if we believe such action is necessary to comply with legal obligations, protect our rights, or prevent fraud.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of the transaction.

We will ensure that any third parties we share your data with are GDPR-compliant and protect your data in accordance with this Privacy Policy.

6. Data Retention

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting requirements. Once the data is no longer necessary, it will be securely deleted or anonymized.

7. Data Security

We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, alteration, disclosure, or destruction. This includes the use of encryption, secure servers, and access controls.

However, please note that no method of transmission over the internet or electronic storage is 100% secure, and while we strive to protect your personal data, we cannot guarantee its absolute security.

8. Your Rights Under the GDPR

As a data subject, you have the following rights under the GDPR:

  • Right of Access: You have the right to request access to the personal data we hold about you.
  • Right to Rectification: You have the right to request that we correct any inaccuracies in your personal data.
  • Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data, subject to certain exceptions.
  • Right to Restriction of Processing: You have the right to request that we limit the processing of your personal data in certain situations.
  • Right to Data Portability: You have the right to request that we transfer your personal data to another service provider in a structured, commonly used, and machine-readable format.
  • Right to Object: You have the right to object to the processing of your personal data, including for marketing purposes.
  • Right to Withdraw Consent: If you have provided consent for us to process your personal data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month, though this period may be extended in complex cases.

9. Cookies

We use cookies and similar tracking technologies to enhance your user experience, analyze website traffic, and for marketing purposes. You can control the use of cookies through your browser settings. However, disabling cookies may impact your experience on our Website.

For more information about our use of cookies, please refer to our Cookie Policy.

10. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we will ensure that appropriate safeguards are in place to protect your data, in accordance with the GDPR. This may include using Standard Contractual Clauses or relying on other legal mechanisms approved by the European Commission.

11. Children’s Privacy

Our Website is not intended for use by children under the age of 16, and we do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such data as quickly as possible.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we update this policy, we will post the revised version on our Website and update the effective date. We encourage you to review this Privacy Policy periodically.

13. Complaints to Supervisory Authorities

If you believe that we are processing your personal data in a manner that is not compliant with the GDPR, you have the right to lodge a complaint with a supervisory authority. In the United Kingdom, the supervisory authority responsible for enforcing data protection laws is the Information Commissioner’s Office (ICO).

You can contact the ICO at:

Information Commissioner’s Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, United Kingdom
Website: https://ico.org.uk
Phone: 0303 123 1113

14. Third-Party Links

Our Website may contain links to third-party websites or services that are not operated by us. This Privacy Policy does not apply to third-party websites, and we have no control over, and assume no responsibility for, the content or privacy practices of any third-party sites.

We encourage you to review the privacy policies of any third-party websites you visit to understand their data collection practices.

15. Your Obligations

You are responsible for ensuring that the information you provide to us is accurate, complete, and up-to-date. If your personal information changes (for example, if you move address or change your contact details), please inform us promptly so that we can keep our records up to date.

If you provide us with personal data about other individuals (e.g., when making a purchase for someone else), you confirm that you have the necessary consent from those individuals to provide their data to us.

16. Data Minimization and Purpose Limitation

We commit to processing your personal data only to the extent necessary for the purposes outlined in this Privacy Policy. We will not process your data for purposes that are incompatible with the original purpose for which it was collected, unless you have consented to such processing.

17. Automated Decision-Making

We do not use automated decision-making processes, including profiling, that significantly affect you, unless explicitly stated. If such processes are introduced in the future, we will inform you and provide the necessary details as required by the GDPR.

18. Disclaimer

This Privacy Policy is subject to change and should be reviewed regularly. By continuing to use the Website after any modifications to this policy, you acknowledge your acceptance of those changes.

If any part of this Privacy Policy is deemed invalid, illegal, or unenforceable by any court of competent jurisdiction, the remaining provisions shall continue in full force and effect.

19. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us at:

Email: [email protected]
Address: 13 Underhill Walk, West Midlands, B69 4SA, United Kingdom

By using our Website, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.