Privacy policy

Effective Date: March 31, 2025

Notox Society ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your information when you visit our website, sign up for emails, or purchase digital products.

This policy is GDPR-compliant and applies to all site visitors, regardless of location, including those in the European Economic Area (EEA) and United Kingdom (UK).

1. Who We Are

Notox Society is a digital platform that shares content, products, and resources focused on embracing natural aging and rejecting toxic beauty standards.

Data Controller: Notox Society

Contact Email: steph@notoxsociety.com

2. What Information We Collect

Information You Provide:

- Name and email address (e.g., newsletter sign-up or contact form)

- Billing information (e.g., when purchasing a product—processed securely via third-party providers)

- Any content you submit voluntarily (e.g., surveys, community comments)

Information We Collect Automatically:

- IP address, browser type, device info, referring URLs, and usage data (collected via cookies and analytics tools)

We do not collect or store sensitive personal data (such as race, ethnicity, religion, health data, etc.).

3. Legal Bases for Processing (GDPR)

We process your personal data only when we have a legal basis under GDPR, including:

- Consent: When you sign up for our newsletter or agree to cookies

- Contract: To fulfill orders or provide requested services

- Legitimate Interest: To improve our site, offer support, or send marketing (where legally allowed)

- Legal Obligation: Where required to comply with applicable laws

4. How We Use Your Information

We may use your data to:

- Send email newsletters or updates (with your consent)

- Process orders and deliver digital content

- Respond to inquiries

- Improve website performance and user experience

- Analyze traffic and usage patterns

- Meet legal or regulatory obligations

5. Your Data Protection Rights (EU/UK Residents)

Under the GDPR, you have the right to:

- Access your personal data

- Rectify incorrect or incomplete data

- Erase your data ("right to be forgotten")

- Restrict processing of your data

- Object to processing (e.g., for marketing)

- Data portability (receive your data in a usable format)

- Withdraw consent at any time (for data processed based on consent)

- Lodge a complaint with a data protection authority

To exercise any of these rights, contact us at steph@notoxsociety.com.

6. Data Retention

We retain personal data only as long as necessary for the purposes outlined above, unless a longer retention period is required by law.

If you request deletion of your data, we will securely erase it unless retention is required to comply with legal obligations or resolve disputes.

7. Cookies and Analytics

We use cookies and similar technologies to collect usage data and improve your browsing experience.

You can manage cookie preferences through your browser or via our cookie banner (where required).

We also use analytics services (like Google Analytics) to understand how visitors interact with our site. These services may store information outside of the EU/UK, in compliance with applicable data transfer regulations (see Section 9).

8. Email Marketing

If you opt in to our mailing list, we will send you emails about new content, product launches, and community updates.

You can unsubscribe at any time by clicking the “unsubscribe” link in our emails or by contacting us directly.

We use third-party providers to manage our mailing lists and campaigns. These services store your data securely and are GDPR-compliant.

9. International Data Transfers

We are based outside the EEA/UK, and our service providers may process your data in countries outside of your own.

Where personal data is transferred from the EEA/UK to a third country, we ensure an adequate level of protection, such as:

- Transfers to countries deemed "adequate" by the European Commission

- Standard Contractual Clauses (SCCs) or equivalent safeguards

10. How We Protect Your Information

We implement appropriate security measures to protect your personal data, including secure data transmission, password-protected systems, and limited access controls.

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

11. Third-Party Links

Our site may include links to other websites. We are not responsible for their privacy practices or content. Please review the privacy policies of any third-party websites you visit.

12. Children’s Privacy

This website is not intended for children under 13. We do not knowingly collect data from children. If we learn that a child has provided personal information, we will delete it immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we’ll update the “Effective Date” at the top of this page. You are encouraged to review this policy periodically.

14. Contact Us

For any questions about this policy or your personal data rights, contact us at:

steph@notoxsociety.com

If you are in the EU or UK and believe your data has been handled improperly, you may contact your local Data Protection Authority.