Privacy Policy

BeePro Cosmetics Privacy Policy

Last updated: 5 May 2025

BeePro Cosmetics (“BeePro”, “we”, “us” or “our”) is a UK-based e-commerce business operating on the Shopify platform. We are committed to protecting your privacy and processing your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 . This Privacy Policy explains what personal information we collect, how we use and share it, and your rights in relation to that data. BeePro Cosmetics is the “data controller” of the personal data collected through our website (meaning we determine how and why your data is used).

We only collect and use personal data for purposes that are necessary to provide our services (processing orders and managing newsletter subscriptions), and we handle all information lawfully, fairly, and transparently. Please read this policy carefully to understand our practices regarding your information.

Data We Collect

We adhere to the principle of data minimisation, collecting only the information we need for specific purposes . The types of personal data we collect include:

  • Identity and Contact Data: Information you provide when placing an order or creating an account, such as your name, billing and delivery address, email address, and phone number . This is collected during checkout or account registration so we can process your purchase and communicate with you. We do not collect any sensitive personal data such as your race, religion, health information, or similar categories.

  • Order Details: Information about the products you order and purchase history. This includes the items you’ve ordered, order numbers, dates of purchase, and any relevant notes (e.g. gift messages). We maintain this information to fulfill your orders and assist with customer service (like returns or inquiries).

  • Payment Information: When you make a purchase, you will provide payment details (such as credit or debit card information or payment account details) at checkout. Importantly, BeePro Cosmetics does not store your full card details on our own servers. Payments on our site are processed securely by third-party payment processors (e.g. Visa, MasterCard, American Express, PayPal, Apple Pay, Google Pay, UnionPay). These providers handle your card information in an encrypted manner compliant with the Payment Card Industry Data Security Standard (PCI-DSS) . We only receive limited information about the transaction (such as a confirmation that payment was approved, the card type, and possibly the last 4 digits of your card).

  • Marketing Data: If you sign up for our newsletter or marketing emails, we collect your email address (and optionally your name) for the purpose of sending you our news and offers. We will only collect this if you voluntarily subscribe or explicitly opt-in to marketing. (See Newsletter and Marketing below for more details.)

  • Technical and Usage Data: Like most websites, our site automatically collects certain information about your device and browsing actions through cookies and similar technologies. This may include your Internet Protocol (IP) address, browser type and version, device identifiers, pages you visit on our site, and how you arrived at our site. For example, when you visit our site, Shopify (our website host) may automatically log your IP address and device details, and use cookies to remember your session . This data helps us ensure the site works correctly, provides you a smooth shopping experience (e.g. remembering what’s in your cart), and to understand and improve website performance. (See Cookies and Tracking below for more information.)

We do not knowingly collect personal data from children. Our website and services are intended for adults. If you are under 13 years old, please obtain consent from a parent or guardian before providing any personal information.

How We Use Your Data

We use your personal data only for the purposes for which it was collected, and only where we have a valid legal basis (see Legal Bases below). In particular, BeePro Cosmetics uses your information for:

  • Order Processing and Service Delivery: Primarily, we use your personal details to process and fulfill your orders. This includes confirming your order, taking payment, shipping the products to you, and communicating with you about delivery . For example, we will use your name and address to ship your package, and your email or phone number to send order confirmations or delivery updates. We also may use your details to handle returns, refunds, or customer support queries regarding your purchases.

  • Account Management: If you create an account on our website, we use your information to maintain and administer your account (e.g. to allow you to view past orders, save preferences, and expedite future checkout). This makes your shopping experience more convenient.

  • Communication: We may use your contact information to communicate with you about your orders or inquiries. For instance, if there is an issue with your order or we need to provide you with an update, we will contact you via email or phone. We will not send you marketing emails unless you have opted in, apart from communications necessary to provide our services or respond to you.

  • Marketing (With Consent): If you have subscribed to our newsletter or otherwise given consent, we will use your email address to send you our newsletter and promotional materials about new products, special offers, or beauty tips. These communications are optional and sent only to subscribers. You can opt out at any time (see Newsletter and Marketing below) .

  • Legal Compliance: We process and retain certain data as required by applicable laws and regulations. For example, we keep transaction records to comply with tax, accounting, and financial reporting obligations . This may involve using your order information in our accounting records and storing invoices. We may also use or disclose personal data where necessary to meet legal obligations, such as responding to lawful requests by public authorities or to comply with consumer protection laws.

  • Improvement and Analytics: We may use technical and usage data to understand how customers use our website and to improve our services and user experience. For example, we might analyze which products are frequently viewed or how users navigate our site, in order to optimize site layout or product offerings. Such analysis is typically done on an aggregate basis and does not focus on individual users. Where analytics cookies are used, we will obtain your consent as required (see Cookies and Tracking).

  • Fraud Prevention and Security: We may process personal data as necessary to prevent fraud, fraudulent transactions, or other illegal activities on our site. This includes using certain information to verify that transactions are not fraudulent and monitoring for suspicious activity. It also includes ensuring the security of our website, network and information systems. We do this based on our legitimate interest in protecting our business and customers from fraud and security threats.

We will not use your personal information for any purpose that is incompatible with the original purposes described above without first obtaining your consent, unless otherwise permitted or required by law. If we ever need to process your data for a new purpose, we will update this Privacy Policy and notify you when appropriate.

Legal Bases for Processing

Under UK data protection law, we must have a valid lawful basis to process your personal data . This means that for each use of your data, we rely on one or more of the following legal grounds as defined in Article 6 of the UK GDPR:

  1. Performance of a Contract – Most of the data we collect from you is used to carry out our contract with you, i.e. to provide the products or services you have requested. When you place an order with BeePro, a contract is formed for us to deliver that order. We need to process your personal data (like your name, address, and payment info) to fulfill our obligations under that contract – for example, to accept payment and deliver the items to you . If you contact us for customer support or use our services, we process your data as necessary to perform and manage the services you expect.

  2. Consent – We will ask for your consent in situations where we want to use your data in a way that is not strictly necessary for the contract or our legal obligations. The clearest example is when we send you marketing communications: we will only use your email for newsletters or promotional emails if you have actively opted in and given consent for that specific purpose . You have the right to withdraw your consent at any time (see Your Rights below), and if you do so, we will stop the processing that was based on consent. Another example is cookies for analytics/marketing – we rely on your consent to place non-essential cookies on your device.

  3. Legal Obligation – We may process your personal data where we are required to by law. This includes retaining certain information to comply with UK tax law, accounting rules, or other legal mandates . For instance, UK tax regulations generally require businesses to keep transaction records for a number of years. If we receive an official request (like a court order or an investigation by authorities), we might need to process or disclose personal data to comply with that legal obligation.

  4. Legitimate Interests – In some cases, we process your data to pursue our legitimate business interests, but only where such use is not overridden by your own rights and interests. We believe our use of personal data for improving our services, ensuring IT security, and fraud prevention falls under this category. For example, we have a legitimate interest in understanding how customers use our website so we can improve navigation and product offerings, and in securing our site against attacks or misuse. When we rely on legitimate interests, we always balance our interests against your rights and expectations to ensure we’re being fair and transparent . You have the right to object to processing based on legitimate interests in certain cases (see Your Rights).

If you have questions about the legal basis of a specific processing activity, feel free to contact us for more information. We will also gladly explain how the UK GDPR allows our processing of your personal data in each case.

Cookies and Tracking Technologies

Like most online retailers, our website uses cookies and similar tracking technologies to function effectively and to enhance your experience. Cookies are small text files that are placed on your device when you visit our site. We use the following categories of cookies:

  • Necessary Cookies: These are essential for the operation of our website and enable core functionality such as the shopping cart and checkout process. Without these cookies, you wouldn’t be able to place items in your cart or proceed through checkout. For example, Shopify (our website host) uses a cookie to store information about your session (so the site “remembers” your cart contents as you browse) . These cookies do not gather information about you that is used for marketing, and they generally expire when your session ends or shortly thereafter.

  • Analytics and Performance Cookies: We (or our service providers) use these cookies to collect information about how visitors use our site, such as which pages are visited most often and if any errors occur. This data helps us improve how the website works and understand user interests. For instance, we use Shopify’s built-in analytics and may use tools like Google Analytics to gather aggregate statistics on site usage. The information collected is typically anonymised or aggregated – it does not directly identify you. We treat these cookies as “non-essential”, which means we will only set them on your device if you consent. By law in the UK and EU, users must opt-in to optional analytics cookies , so we provide a cookie consent banner to allow you to accept or decline these when you first visit our site.

  • Functional Cookies: These cookies remember choices you make and data you provide to personalize your experience. For example, a functional cookie may remember your preferred language or region, or keep you logged in to your account between visits. These cookies enhance the user experience but are not strictly necessary. We may use them to make the site more convenient for you (for instance, to pre-fill your email in the newsletter sign-up if you’ve entered it before). We consider these as essential to providing the service you requested, or we will ask consent where required.

We do not currently use any advertising or targeting cookies on BeePro Cosmetics’ website. This means we are not tracking you across other websites for advertising purposes, and we do not serve third-party ads on our site that would use your data.

Cookie Consent: When you first visit our website, you will see a cookie consent notice. We respect your choices – we will not set any non-essential cookies (like analytics cookies) unless you explicitly allow them. If you opt out of certain cookies, those will remain disabled. You can manage your cookie preferences at any time by using our cookie settings tool (if available) or by adjusting your browser settings to refuse cookies. Please note that if you disable all cookies (including necessary ones) via your browser, some features of our site may not work properly (for example, your shopping cart may not be remembered).

Managing Cookies: Most web browsers allow you to control cookies through their settings. You can delete cookies that have already been set and instruct your browser not to accept new cookies. Each browser is different, so check the “Help” or “Settings” section of your browser to learn how to change your cookie preferences. For more detailed information on cookies and how to manage them, you can visit resources like AllAboutCookies.org (this is an external site). Keep in mind that removing or blocking cookies can impact your user experience and some functionality.

By using our site with your browser set to accept cookies, you consent to our use of cookies as described in this section, unless you disable them. We will update our practices and this policy if we implement any additional cookies or tracking tools in the future.

Data Sharing and Disclosure

We treat your personal data with care and confidentiality. We never sell your personal information to third parties for their own marketing or other purposes. However, in order to run our business and provide services to you, we do share your data with certain trusted third parties, under strict conditions and only for the purposes described in this policy. The main categories of recipients are:

  • Shopify (Website Hosting and Platform): BeePro Cosmetics’ online store is built on Shopify Inc.’s e-commerce platform. Shopify provides us with the online storefront and shopping cart system that we use to sell our products to you. This means that information you enter on our website (your name, address, order details, etc.) is stored on Shopify’s servers and databases. Shopify stores your data securely on servers behind firewalls . In effect, Shopify acts as a “data processor” for us, processing customer information on our behalf. Shopify is contractually obligated to keep your data safe and confidential. We recommend reviewing Shopify’s own privacy policy if you wish to learn more about how they handle personal data. (Shopify is a globally trusted e-commerce provider and is GDPR-compliant.)

  • Payment Processors: We use third-party payment gateways to handle online payments, as mentioned earlier. This includes credit card networks and payment providers such as Visa, MasterCard, American Express, and payment platforms like PayPal, Apple Pay, Google Pay, UnionPay, etc. When you make a payment on our site, your payment details are securely transmitted directly to these payment processors. They process your payment on their secure systems; we do not see or store your full card data. These payment providers adhere to high security standards (for example, they are PCI-DSS compliant for handling card information) . We may receive some limited information back from them (such as a confirmation of payment, transaction ID, and in some cases a token or partial card number) to record the transaction. Payment processors may be based outside the UK; however, they all have their own privacy policies and are responsible for complying with data protection laws. We only partner with reputable payment providers to ensure your payment info is handled safely.

  • Delivery and Logistics Partners: In order to deliver your purchases to you, we share the necessary shipping information with courier or postal services. This typically includes your name, delivery address, and contact phone number and/or email (so the delivery company can provide tracking updates or contact you if needed for delivery) . For example, if your order is being delivered by Royal Mail, we will provide Royal Mail with your name, address and in some cases email/phone for tracking notifications. Our delivery partners are authorised to use your information only to perform delivery services and must handle it in accordance with data protection laws.

  • Email Service Providers: We may use an email delivery service or marketing platform (for example, an email newsletter service like MailChimp, Klaviyo, or Shopify Email) to send out our newsletters and marketing emails. If you are subscribed to our communications, your email address and name might be stored in such a service’s database for the sole purpose of sending emails on our behalf. These providers act as data processors and are not allowed to use your information for their own purposes. They simply help us manage our mailing list and dispatch messages. They are required to protect your data and keep it secure.

  • Analytics and Utilities: We use certain third-party tools to help us analyze website performance and customer behavior (such as Google Analytics), and to perform other business functions (such as an accounting software for our financial records). Whenever personal data is shared with these service providers, we ensure it’s limited to what is necessary. For instance, analytics tools may receive anonymized information or IP addresses (which might be truncated or masked). Our accountants or professional advisors may see your order details when helping us with financial/legal compliance, but they are bound by confidentiality and legal obligations as well.

  • Legal and Regulatory Disclosures: We may disclose your personal data when required to do so by law or when such disclosure is necessary to comply with a legal obligation. For example, we might have to provide information in response to a court order, subpoena, or a lawful request by law enforcement or regulatory authorities. We may also share information if we believe in good faith that it is necessary to: investigate or protect against fraudulent activities or violations of our Terms and Conditions, protect the rights and safety of BeePro, our customers, or others, or as evidence in litigation in which we are involved . Any such disclosure will be strictly assessed and made in accordance with data protection law.

In all cases where we share your data with service providers or partners, we do so under appropriate confidentiality and data protection agreements. These companies are only given the information they need to perform their specific services, and they are expected to handle your data with the same level of care and security that we do. We do not permit them to use your data for any unrelated purposes.

If you would like more details about the third parties we use or share data with, please contact us and we can provide further information.

Newsletter and Marketing Communications

If you explicitly subscribe to our BeePro Cosmetics Newsletter or opt in to receive promotional communications, we will use your personal data (primarily your email address and possibly your name) to send you newsletters and marketing emails. Here’s how we handle marketing communications:

  • Opt-In Consent: We operate on a consent basis for marketing. This means we will only send you newsletters or promotional emails if you have given us clear and affirmative permission to do so . For example, by ticking a checkbox to subscribe, or by entering your email in a sign-up form and confirming your subscription. We will make sure it’s clear what you are agreeing to. If you place an order, we might ask if you want to join our mailing list, but you will not be added unless you choose to. We do not automatically enroll customers in marketing emails without consent.

  • Content of Emails: Our marketing emails may include news about BeePro (such as new product launches, restocks, or store updates), exclusive discounts, promotions, beauty tips, or recommendations for you. We aim to send a few relevant emails per month and avoid overwhelming your inbox. Every marketing email will clearly state that it is from BeePro Cosmetics and will provide a way for you to unsubscribe.

  • Unsubscribe / Withdraw Consent: You have the right to stop receiving marketing communications from us at any time. Every email we send has an “unsubscribe” link at the bottom; clicking that will automatically remove you from our mailing list. You can also withdraw your consent by contacting us directly (via email or the contact form) and requesting to unsubscribe. If you withdraw consent or unsubscribe, we will promptly cease sending you marketing emails . (Do note that even if you opt out of marketing emails, we may still send you transactional messages about your orders, such as order confirmations or shipping notices, as those are not marketing but rather service-related.)

  • Third-Party Marketing Services: As mentioned, we may use a third-party email service to manage our newsletter. That provider will hold your email address solely to send emails on our instruction. They may also collect statistics on email open rates or link clicks to help us understand engagement (for example, to see if customers found a particular newsletter interesting). This information is used internally to improve our content. No third party besides our chosen email service will receive your email for marketing purposes, and we do not share our marketing list with other companies.

  • Existing Customers: If you have made a purchase from us, we may, in compliance with applicable laws, send you information about similar products or services that might interest you. This is sometimes known as a “soft opt-in” for existing customers. For example, after a purchase, we might email you a one-time offer for a related product or invite you to review the item. You will always have the ability to opt out of such communications, either via an unsubscribe link or by contacting us. We will always respect your choice.

We ensure that our marketing practices comply with the UK’s Privacy and Electronic Communications Regulations (PECR) and other relevant laws. If you have any issue with marketing emails you receive from BeePro, please let us know and we will address it promptly.

Data Retention

We will not keep your personal data for longer than necessary for the purposes we collected it, unless we are required to keep it longer by law. UK GDPR’s “storage limitation” principle means we should delete or anonymize personal data when we no longer need it . In practice, our retention periods for personal data are as follows:

  • Order and Transaction Data: When you place an order with us, we will retain the personal information related to that order (such as your name, contact details, and order details) for as long as necessary to fulfill the order and then as required to comply with legal obligations. We generally keep sales records for at least 6 years after the end of the financial year in which the transaction took place . This retention period is in line with UK tax and accounting laws (which often require businesses to keep records for six years) and helps us handle any disputes, returns, or inquiries regarding your order. After that period, we will review and securely delete or anonymize data that we no longer need.

  • Account Information: If you register an account on our website, we will retain your account details (like your name, email, login credentials and saved preferences) for as long as your account remains active. If you choose to close your account or it remains inactive for an extended period, we will either delete the information or archive it in a secure manner. We may retain hashed or irreversibly anonymized data (which no longer identifies you) for statistical analysis, but we remove personally identifiable details. We might also retain certain information if necessary for legal reasons (e.g. if there are unresolved issues related to the account).

  • Newsletter/Marketing Subscription: We keep your contact details on our marketing list until you unsubscribe or withdraw your consent. If you unsubscribe from marketing, we will remove you from our active mailing list immediately and will not send further marketing emails. We may, however, keep a record of your email address on a suppression list (a list of unsubscribed addresses) to ensure we honor your opt-out and do not accidentally send you emails in the future. This suppression list is kept indefinitely (as it’s in our legitimate interest to permanently respect opt-out requests), but it is used only for that purpose.

  • Customer Service Communications: If you contact us (by email, contact form, or phone), we may retain correspondence (including your contact info and the content of your inquiry) for a period of time. Typically, we keep routine customer service communications for up to 2 years after resolving your issue, in case you have follow-up questions or to train and improve our customer service. For any complaints or legal disputes, we might need to keep relevant information for longer as evidence, until the issue is fully resolved and any statutory limitation periods have passed.

  • Technical Logs and Analytics: Web server logs (which may include IP addresses) are generally retained for a short period (a few weeks up to a few months) for security monitoring and troubleshooting, then automatically deleted. Analytics data may be stored longer in aggregate form; for example, Google Analytics retains aggregated website visit data for a certain period (e.g., 26 months), but this data is not identifiable to you personally. You can clear cookies from your own browser at any time to remove tracking data on your side.

Once the applicable retention period has elapsed, or if we no longer need the data, we will ensure your personal data is securely deleted, destroyed or anonymised so that it can no longer be associated with you. For example, we may wipe electronic files, shred paper records, and/or use technical methods to permanently anonymize data. We also regularly review the data we hold and erase or anonymize information that is no longer needed.

If you have questions about our specific retention periods for any type of data, please contact us. We can provide more detail or adjust our practices to meet any legal requirements or requests for erasure, as appropriate.

Data Security

BeePro Cosmetics takes the security of your personal information very seriously. We have implemented a variety of technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Secure Hosting & Encryption: Our website is hosted on Shopify’s secure platform. All pages on our site use HTTPS encryption, which means that any information you submit (such as your personal details or payment information) is encrypted in transit. Shopify stores your data on secure servers protected by firewalls . In other words, your data is safeguarded within Shopify’s data centers using advanced security measures. We also ensure that any sensitive data is encrypted at rest where applicable.

  • Payment Security: As noted, we do not store your card details ourselves. Our payment processing partners handle card data securely and are PCI-DSS compliant . This industry-standard security certification ensures that payment processors maintain a high level of security for card transactions. When you enter payment information on our site, that data is transmitted directly to the payment gateway over an encrypted connection; we never see your full card number or CVV. This greatly reduces the risk of your financial information being compromised through our site.

  • Access Control: Internally, we restrict access to personal data to only those team members and service providers who need it to perform their duties (for example, our fulfillment team will have access to your name and address to pack and ship your order, but they will not see your payment details). Our staff are trained on data protection and understand the importance of confidentiality. All access to systems containing personal data is password-protected and limited. Where possible, we use two-factor authentication and other best practices to prevent unauthorized access.

  • Monitoring and Testing: We (and Shopify) monitor the platform for potential vulnerabilities and attacks. Shopify continuously updates its infrastructure with security patches and employs measures like intrusion detection and prevention systems. We also keep our website’s software (including any apps or plugins) up to date to protect against known security issues. Regular backups are performed to ensure data integrity. Additionally, we utilize secure network protocols and, if applicable, antivirus/anti-malware tools to further guard against threats.

  • Physical Security: To the extent any personal data is stored or accessed in physical form (e.g., printed order invoices or on devices), we have measures to keep them secure. Our office computers are encrypted and password-protected. Paper records (if any) are stored in locked cabinets and are shredded when no longer needed. Shopify’s data centers themselves have robust physical security controls.

  • Data Breach Procedures: Despite all precautions, no system is 100% immune to security incidents. We have a data breach response plan in place. This means that if we suspect or become aware of a data breach involving personal data, we will immediately take steps to contain and investigate it. Depending on the severity, we will inform any affected individuals and notify regulatory authorities like the ICO within the timeframes required by law. We will also advise you on any steps you should take to protect yourself, if relevant.

While we strive to protect your personal data, it’s important to note that no website or internet transmission is completely secure. You can also play a part in keeping your data safe: please use a strong, unique password for your account on our site, never share your account details with others, and contact us immediately if you suspect any unauthorized use of your account or a security breach. We will never ask you for your password via email or phone.

Our commitment to security is ongoing – we regularly review and update our security practices to adapt to new threats and technological developments. If you have any concerns about the security of your data, feel free to reach out to us.

International Data Transfers

The personal data we collect is primarily stored and processed in the United Kingdom or other locations in the European Economic Area (EEA). However, some of the third parties we work with (like Shopify and other service providers) are based outside of the UK/EEA, so your personal data may be transferred to or accessed from other countries. For example, Shopify’s servers might be located in Canada or the United States, and if you use PayPal or other international payment methods, your data will travel to their global servers.

When your data is transferred outside the UK (or EEA), we remain responsible for ensuring adequate protection of your personal information. The UK GDPR has rules in place to make sure that personal data, when exported to another country, still receives a similar level of protection as it would within the UK . We take the following steps for international data transfers:

  • Adequacy Decisions: Some countries have been officially recognized by the UK government as having data protection laws equivalent to the UK/EU standard (these are called “adequate” countries). For instance, the European Union/EEA countries are deemed adequate, and Canada (commercial organizations) is also considered adequate under GDPR. If your data is transferred to such a country, it can legally flow as it would within the UK.

  • Standard Contractual Clauses (SCCs): For transfers to countries without an adequacy decision (for example, the United States in many cases), we use standard contractual clauses or the UK’s International Data Transfer Agreement/Addendum in our contracts with those service providers. These are legal agreements approved by regulators that bind the recipient to protect your data to UK standards. In essence, the contract compels the non-UK recipient to uphold privacy protections equivalent to those required by UK law.

  • Other Safeguards: We may also rely on other permitted transfer mechanisms such as an International Data Transfer Agreement, or require the entity receiving the data to have certifications like the EU-U.S. Data Privacy Framework (if applicable) or Binding Corporate Rules. We additionally assess on a case-by-case basis that any overseas recipient of data has appropriate technical measures (encryption, security practices) in place.

By implementing these measures, we ensure that your rights and protections travel with your data, wherever it goes. You can rest assured that whether your data is processed in the UK, the USA, or elsewhere, we treat it with the same care and security.

If we transfer data outside the UK/EEA in specific scenarios not covered here, we will inform you and ensure a valid legal transfer mechanism is used. If you would like more information about international data transfers or specific destinations of your data, please contact us (see the Contact section below) and we will be happy to provide details.

Your Rights

As a customer or user of our site, you have certain rights under the UK GDPR and Data Protection Act 2018 regarding your personal data. These rights empower you and give you control over your information . Your rights include:

  • Right to Be Informed – You have the right to be informed about the collection and use of your personal data. This Privacy Policy, along with any notices we provide when you give us your data, is intended to keep you informed . If you have any questions about how your data is used beyond what is described here, you can always ask us.

  • Right of Access – You can request a copy of the personal data we hold about you, as well as information about how we process it. This is commonly known as a Subject Access Request. Upon verification of your identity, we will provide you with a copy of the data and details on its source, purpose, and recipients, free of charge (unless the request is manifestly unfounded or excessive). For example, you can ask for a copy of the information you provided to us and details of your order history .

  • Right to Rectification – If any personal data we have about you is inaccurate or incomplete, you have the right to have it corrected or updated . For instance, if you notice we have misspelled your name or an old address on file, you can request that we fix it. We will rectify inaccurate data without undue delay.

  • Right to Erasure – Also known as the “right to be forgotten,” this right allows you to request deletion of your personal data in certain circumstances . You can ask us to erase your data, for example, if the information is no longer needed for the purpose it was collected, or if you initially consented to a use of your data but have now withdrawn consent. We will honor valid erasure requests provided that we do not have an overriding legal reason to retain the data (for example, we may need to keep certain transaction records for tax law compliance). We will also inform you if any exemption applies that allows us to keep some data .

  • Right to Restrict Processing – You have the right to request that we limit the processing of your data in certain situations . This means we would store your data but not actively use it until the restriction is lifted. You might exercise this right if you contest the accuracy of the data (while we verify it), or if you object to our processing and we are considering your request. For example, if you believe we should no longer be using your data, you can ask us to “freeze” it while we assess. If processing is restricted, we will inform you before lifting the restriction.

  • Right to Data Portability – For data you have provided to us, you have the right to receive it in a structured, commonly used, machine-readable format, and/or have that data transmitted to another controller where technically feasible . This right applies when processing is based on your consent or on a contract and is carried out by automated means. In practice, this could mean you can ask us for an export of the personal data you provided when you signed up or placed orders, so you can import it into another service.

  • Right to Object – You may object to our processing of your personal data in certain circumstances. Notably, you have an absolute right to object to direct marketing at any time – if you object, we will stop using your data for marketing purposes immediately. You can also object if you feel our reliance on legitimate interests (or that of a third party) for processing your data impacts your rights. If you lodge an objection, we will stop processing the personal data in question unless we have compelling legitimate grounds to continue that override your rights, or the processing is needed for legal claims . We will always honor an objection to marketing, and for other objections, we will carefully assess your request.

  • Rights related to Automated Decision-Making – You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects or similarly significant effects on you . In plain terms, this means if we ever use algorithms to make decisions about you with no human involvement (for example, an automated credit approval or profiling your behavior to make decisions), you have the right to request human intervention, express your point of view, and contest the decision. Currently, BeePro Cosmetics does not make any such automated decisions about customers that have legal or significant effects. Any personalization we do (like recommending products) is not legally significant and has human oversight.

  • Right to Withdraw Consent – If we are processing any of your data based on your consent (such as sending newsletters or certain cookie usage), you have the right to withdraw that consent at any time . Withdrawal of consent will not affect the lawfulness of processing done before you withdrew, but it means we will stop the specific activity going forward. For example, you can unsubscribe from our emails (withdrawing consent for marketing), and we will cease sending them.

  • Right to Complain – If you have concerns or believe we have violated your data protection rights, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s independent supervisory authority for data protection matters . The ICO can be contacted via their website or by phone (see Contact section below for details). We would, however, appreciate the chance to address your concerns before you approach the ICO, so please consider reaching out to us first. We take your privacy very seriously and will do our best to resolve any issue.

To exercise any of your rights, please contact us using the information in the Contact Us section below. We may need to verify your identity before fulfilling certain requests (to ensure we don’t disclose data to the wrong person). We will respond to your requests as soon as possible, and at most within one month as required by law. If your request is complex or if you have made multiple requests, we may extend this period by up to an additional two months, but we will inform you of this and explain why . There is normally no fee for exercising your rights; we will charge only if the request is manifestly unfounded or excessive, in which case we will explain our reasoning.

We are committed to upholding your rights and assisting you in exercising control over your personal data.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please do not hesitate to contact us. We are here to help.

Data Protection Contact for BeePro Cosmetics:

  • Email: hello@beeprocosmetics.com

  • Postal Address: BeePro Cosmetics Ltd UK, Office 1, Izabella House, 24-26 Regent Place, Birmingham, B1 3NJ, United Kingdom.

When you contact us, please provide sufficient information for us to identify you and understand your request. If you are contacting us to exercise one of Your Rights described above, it would be helpful to state the right you wish to exercise and the details of your request. We may ask you to verify your identity (for example, by confirming details of your recent orders or other info we have on file) before executing your request, to ensure we protect your data from unauthorized access.

We will respond to all legitimate inquiries without undue delay and do our best to address your concerns. Your feedback is welcome – if you think we can improve our privacy practices, let us know.

Complaints: As noted, you have the right to lodge a complaint with the ICO if you believe we have mishandled your data. The ICO’s contact details are:

  • Website: www.ico.org.uk (online contact forms are available)

  • Telephone: 0303 123 1113 (ICO helpline)

  • Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, UK.

The ICO can provide advice or take complaints on data protection issues. For most concerns, they will encourage you to resolve the issue with the data controller (us) first before they investigate, so we do kindly request you give us the opportunity to fix the problem.

Updates to This Policy

We may update or change this Privacy Policy from time to time to reflect changes in our business practices, legal requirements, or for other operational reasons. When we make updates, we will change the “Last updated” date at the top of this policy. If the changes are significant, we may also notify you by email (if you have an account or have provided your email) or by a prominent notice on our website.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website after any changes to this policy will be deemed acceptance of those changes, so please do review any updated policy.

Thank you for reading our Privacy Policy. We value your trust and are committed to safeguarding your personal data. If you have any questions or concerns, please contact us using the details provided above.