GDPR Policy

At Her Thought Lounge (herthoughtlounge.com), we are committed to protecting your privacy and ensuring that your personal data is handled in a transparent and secure way. This GDPR Policy explains how we collect, use, and safeguard personal information in compliance with the General Data Protection Regulation (GDPR) (EU Regulation 2016/679).

1. Who We Are

Her Thought Lounge (“we,” “our,” or “us”) is responsible for the processing of your personal data as a Data Controller under GDPR.

If you have any questions regarding this policy, you can contact us at:

Email: herthoughtlounge@gmail.com

2. What Personal Data We Collect

Depending on your interaction with our website, we may collect the following categories of personal data:

  • Account & Profile Information: Name, email address, login credentials (if you create an account).
  • Contact Information: Email address, phone number (if provided through contact forms).
  • Transaction Data: Payment details (processed securely through third-party payment providers), billing/shipping address.
  • Technical Data: IP address, browser type, device information, cookies, and analytics data.
  • Content You Provide: Comments, reviews, or other information submitted through our website.

We do not knowingly collect data from children under the age of 16 without parental consent.

3. How We Use Your Personal Data

We use your personal data for the following purposes:

  • To provide and manage our services.
  • To process payments and deliver purchased products or services.
  • To respond to inquiries and customer support requests.
  • To send newsletters, updates, and marketing communications (with your consent).
  • To improve website functionality and user experience.
  • To comply with legal obligations.

4. Legal Basis for Processing

We process personal data only when we have a lawful basis under GDPR, including:

  • Consent: When you have given clear consent (e.g., for marketing emails).
  • Contract: When processing is necessary to perform a contract (e.g., delivering purchased items).
  • Legal Obligation: When required by law.
  • Legitimate Interests: When processing is necessary for our legitimate business interests (e.g., improving services), provided it does not override your rights.

5. How We Share Your Data

We may share your data with trusted third parties only when necessary:

  • Service Providers: Hosting providers, payment processors, analytics providers.
  • Legal Authorities: If required by law, regulation, or legal process.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets.

We never sell your personal data to third parties.

6. International Data Transfers

If your data is transferred outside the European Economic Area (EEA), we ensure it is protected through:

  • Adequacy decisions by the European Commission.
  • Standard Contractual Clauses (SCCs).
  • Other appropriate safeguards under GDPR.

7. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy, unless a longer retention period is required by law. When data is no longer needed, we securely delete or anonymize it.

8. Your GDPR Rights

As a data subject, you have the following rights:

  • Right of Access: Obtain a copy of your personal data.
  • Right to Rectification: Request correction of inaccurate data.
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data.
  • Right to Restrict Processing: Limit how your data is used.
  • Right to Data Portability: Receive your data in a structured, machine-readable format.
  • Right to Object: Object to processing based on legitimate interests or direct marketing.
  • Right to Withdraw Consent: Withdraw consent at any time.

To exercise these rights, please contact us at [Insert contact email]. We will respond within the legally required timeframe (typically one month).

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to improve user experience and analyze site performance. You can manage or disable cookies through your browser settings. For more details, please refer to our cookie policy.

10. Data Security

We implement appropriate technical and organizational measures to safeguard personal data, including encryption, secure servers, and access controls. However, no online transmission is 100% secure, and we cannot guarantee absolute security.

11. Complaints

If you are unhappy with how we process your personal data, please contact us first. You also have the right to lodge a complaint with your local Data Protection Authority (DPA) within the EU.

12. Updates to This Policy

We may update this GDPR Policy from time to time. Any changes will be posted on this page with the updated date. We encourage you to review this policy periodically.