Privacy policy

Privacy Policy

In this policy 'Apothaka Ltd', ‘we’, ‘us’ or ‘our’ refers to the owner of this website, and ‘you’ or ‘your’ refers to the user or viewer of this website. 

Apothaka Ltd is committed to ensuring the privacy and protection of visitors to this website www.apothaka.com.  Please read this privacy policy in order to understand what information we collect, how we use it and under what circumstances we disclose it.

All products and services are made available subject to the terms set out in this statement of our privacy policy.  By using this website or purchasing goods from us, you are consenting to the collection, use and transfer of your information under the terms of this policy.  We reserve the right to change this policy at any time.  Any changes will be posted to this page.

When you are using this website, Apothaka Ltd is the data controller. Apothaka is a UK based company and therefore, when visiting our website, personal data that we may collect through cookies or online forms will leave the EU for the UK.

The lawful basis for processing: 

The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:

Consent: in particular situations, we can collect and process your data with your consent e.g. when you sign up to receive email newsletters (you can unsubscribe at any time)

Contractual obligations: e.g. when you order through this site, we need your shipping address to deliver your order and these details will need to be shared with our delivery partners

Legal compliance: e.g. we can pass on details of people involved in fraud or other criminal activity affecting our business to law enforcement

Legitimate interest: in some situations we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests e.g. using your purchase history to send you personalised offers, help us develop new products or run our loyalty programme, or sending you marketing emails if you choose to opt in.

Access:

You may browse this website without any data being collected from you.  However, in order to enjoy a tailored browsing and shopping experience we offer you the ability to register for an account. 

Age of consent:

By using this site, you are confirming that you are legally capable of entering into a legally binding contract and that you are over 18 years of age.

Collecting your personal data:

We collect your personal data in the following situations:

  • When you visit our websites, and use your account to buy products
  • When you make an online purchase and check out as a guest (then we we just collect transaction-based data)
  • When you create an account with us
  • When you sign up to our email newsletter
  • When you shop online, we capture information through cookies and similar technologies, you can manage these when you visit our site
  • When you engage with us on social media
  • When you join the Glow Getters loyalty programme 
  • When you contact us by any means with queries, complaints etc
  • When you choose to complete any surveys we send you 
  • When you comment on or review our products 
  • When you’ve given a third party permission to share with us the information they hold about you

How we use your personal data:

We want to give you the best possible customer experience. One way to achieve that is to get the richest picture we can of who you are by combining the data we have about you. We use this information to offer you promotions and products that are most likely to interest you. In the case of loyalty programme members, we’ll also offer you relevant rewards.

The data privacy law allows this as part of our legitimate interest in understanding our customers and providing the highest levels of service. If you wish to change how we use your data, you’ll find details in the ‘Your rights & information requests’ section below.

If you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’ve asked for.

Ordering:

When you add items to your cart a file is created on the server which stores details of your purchases.  This file is linked uniquely to your browsing session and cannot be viewed by anyone else.

When you complete your order we ask for personal information about you, such as your full name, address, e-mail address, phone number and card details.  This data will only be shared with our payment service provider and delivery partners, and only for the purposes of processing and shipping your order.

By submitting information to Apothaka Ltd, you are consenting to the collection and use of this information by Apothaka Ltd, our payment service provider and delivery partners in the fulfilment of your order, and you are accepting the risks associated with the Internet and will not hold us responsible or liable for any loss of your information unless we have breached our duty of care to you.

Payment:

Data relating to debit or credit card payments is processed by Shopify, who store your debit or credit card data.  This data is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS).  Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction.  After this is complete, your purchase transaction information is deleted. 

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.  PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.  You may also want to read Shopify’s Terms of Service and Privacy Policy so you can understand the manner in which your personal information will be handled by them.

Your account:

When you register for an account with apothaka.com, we require that you give us a valid email address.  This is so that our system can verify your registration and issue you with a personal password to allow you access to your member area.

You can use your member account to store your personal data for the purposes of making orders with apothaka.com.

You are responsible for maintaining the confidentiality of your password and account and any activities that occur under your account.  It is advised that you take all necessary precautions when accessing your account within a public place, on a public network, or using a shared device.

Apothaka Ltd shall not be liable to any person for any loss or damage which may arise as a result of any failure by you to protect your password or account. 

You can check the personal information we hold by logging into your account, or emailing us.  If you find any inaccuracies, please contact us and we will delete or correct it promptly.

Your data:

Personally identifiable information (such as name, address, email address, telephone number and requirements) is collected only from users who place an order, use the online enquiry form or online chat.  Personal contact details will be used for the purpose of communication and fulfilling your order or request only and is kept strictly confidential.

If we ask you for personal information for a secondary reason, such as for our own marketing purposes, we will either ask you directly for your express consent, or provide you with an opportunity to say no (see also Newsletter Subscription section).

We do not collect information about you from other sources, such as public records or bodies, or private organisations. 

We will only use the information that we collect about you lawfully (in accordance with the Data Protection Act 2018 / UK GDPR).  

We do not share any personal data with any third party organisation or institution, except for the purposes of processing your order as detailed above, or if required to do so by law.

How we protect your data:

Our store is hosted on Shopify Inc.  They provide us with the online e-commerce platform that allows us to sell our products to you.  Your data is stored through Shopify’s data storage, databases and the general Shopify application.  They store your data on a secure server behind a firewall. 

If you provide us with your debit or credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption.  You will know when the web page you are using is secure as the letters 'https' will replace 'http' in the browser address window, and a padlock will appear either next to your browser address window or at the bottom of your browser window.

Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

Who we may share your personal data with:

We sometimes share your personal data with trusted third parties. In order to keep your data safe and protect your privacy:

  • We provide only the information they need to perform their specific services
  • They may only use your data for the exact purposes we specify in our contract with them
  • We work closely with them to ensure that your privacy is respected and protected at all times
  • If we stop using their services, any of your data held by them will either be deleted or rendered anonymous

Examples of the kind of third parties we work with are:

  • IT companies who support our website and other business systems
  • Operational companies such as delivery couriers
  • Direct email marketing companies who help us manage our communications with you
  • Facebook/Google to show you products that might interest you while you’re browsing the internet. This is based on either your marketing consent or your acceptance of cookies on our websites 
  • Data insight companies to ensure your details are up to date and accurate  

Other information collection & usage:

We may collect assorted anonymous information from visitors to our site, for example: the IP address from which you accessed our site, the duration of your visit, the type of browser you used to access our site, if you linked to this site from another website, the pages you visited, the date and time you accessed our site and other statistical information.  We may use this information for such purposes as improving our website, monitoring traffic and usage patterns or for other general business purposes.

External websites:

This privacy policy covers the usage of apothaka.com only. Where we have linked to external or third party sites, or an external site has linked to our website, a different privacy policy may apply.  Therefore, we cannot be responsible for the protection or privacy of any information you provide if you choose to visit these sites.  We recommend you read the privacy policy and terms of use applicable to the website in question.

Your rights & information requests:

You have the right to request:

  • Access to the personal data we hold about you, free of charge in most cases
  • The correction of your personal data when incorrect, out of date or incomplete
  • The deletion of the data we hold about you, in specific circumstances; for example, when you withdraw consent or object, and we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end 
  • Restriction of the use of your personal data, in specific circumstances, generally while we are deciding on an objection you have made 
  • That we stop processing your personal data, in specific circumstances; for example, when you have withdrawn consent, or object for reasons related to your individual circumstances
  • That we stop using your personal data for direct marketing (either through specific channels, or all channels)
  • That we stop any consent-based processing of your personal data after you withdraw that consent
  • If we choose not to action your request, we will explain the reasons for our refusal 

You may request details of personal information which we hold about you under the Data Protection Act 2018. If you would like a copy of the information held on you, you can request this here: https://www.apothaka.com/pages/request-personal-data

If at any point you would like your details removed from our records, please send an email to hello@apothaka.com or fill in the relevant form at https://www.apothaka.com/pages/request-personal-data.

Cookie Policy

This policy explains what cookies are, how we use them and how you can switch them off. 

In this policy ‘Apothaka Ltd’, ‘we’, ‘us’ or ‘our’ refers to the owner of this website, and ‘you’ or ‘your’ refers to the user or viewer of this website.

Cookies are small text files that are saved to your computer’s hard drive, phone or other web enabled device.  They track your movements while you are on our website, enabling us to enhance and simplify your visit to our site.  They also recognise you when you visit our website again.  We do not use cookies to store personal information (such as your card details, name or date of birth), or to disclose information to third parties.  Cookies are not programs and therefore cannot contain viruses or other malicious software.

By using our site, you consent to the use of these cookies.

We use cookies for the following reasons:

  • to enable you to set up an account, and sign in securely to your account,
  • to enable you to place orders,
  • to store items you place into your shopping cart while you browse our site, and
  • to remember items you have been looking at so that you can quickly and easily go back to an item you looked at previously.

There are two types of cookies; permanent and temporary (session cookies).  Permanent cookies are stored as a file on your computer or mobile device for a time period no longer the 12 months.  Session cookies are stored temporarily and are removed automatically from your computer when you close your browser session.

Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.

 _session_id, unique token, sessional, allows Shopify to store information about your session (referrer, landing page, etc).

 _shopify_visit, no data held, persistent for 30 minutes from the last visit, used by our website provider’s internal stats tracker to record the number of visits

 _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, counts the number of visits to a store by a single customer.

cart, unique token, persistent for 2 weeks, stores information about the contents of your cart.

 _secure_session_id, unique token, sessional

 storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.

This website also uses the third party cookies listed below:

Google Analytics - These are used to compile data about how visitors browse our website. All the data remains anonymous, and is used to create a report that helps us improve the usability of the website.  These cookies do not store personally identifiable information and are not used for any advertising purposes.

If you would like any further information concerning any third party cookies used, please check directly with the relevant third-party website for more information. 

The Help menu in most common browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie and how to disable cookies altogether. 

Please note that if you choose to disable cookies, you will not be able to take advantage of all features on our site, such as adding items to your Shopping Cart or proceeding to Checkout.

 

List of charities Apothaka donated to since launch:

The Joseph School – Haiti

50% of Haitian children don't have the opportunity to attend school. The Joseph School believes that through education students will teach and empower hundreds— transforming the future of Haiti.
The money went towards health assessments & medical needs, a food programme which provides locally grown food for the students’ meals, and some desperately needed books.

DENS - Dacorum, Herts

This wonderful local charity supports and empowers those in my area that face homelessness, poverty & social exclusion, by providing access to temporary accommodation, food and provisions as well as supporting them with the development of skills and confidence to build a better future.

NHS Health heroes (Healing Hands – Hemel Hempstead & Kings College ICU staff)

Apothaka donated a number of larger hand cream samples to a local initiative in the area, Healing Hands, which gets much needed skincare products to front line NHS workers. A batch went to Hemel Hospital and in total, Apothaka has donated over 70 samples, including some to local NHS staff in Berkhamsted and to King's College ICU staff (thanks to Yasmine @peels_masks_and_scrubs who has been doing an amazing job of getting goodie bags to the wonderful staff there)

Young Minds UK

My incredible daughter raised over £1,000 for Young Minds a few years ago when she did a 5-mile run, aged 8. Given how the pandemic has affected the mental health of so many, it felt like the right choice to support Young Minds this year.

Stephen Lawrence charitable trust (now called Blueprint for all)– London

Blueprint for all (formerly Stephen Lawrence Charitable Trust) works with young people and communities to create an inclusive society in which everyone, regardless of their race, ethnicity or background can thrive.

Their programmes provide inspiration, opportunities and support to talented young people, enabling them to succeed. They work with innovative organisations and businesses to address disparity of opportunity, so everyone’s talents, skills and perspectives are valued. And we empower communities across the UK to tackle inequality and discrimination for long term, sustainable change.

Incredible Brilliant Youth - London

Incredible Brilliant Youth is a fun, innovative youth organisation that was set up in July 2012 to help empower and improve the confidence of young people aged 11-30 through courses, workshops and talks on self esteem, beauty, education and employment. To date they have worked with over 2000 people across the South of England.

After the success of the IBY Complete Hair and Makeup Artist course in the Summer, all six graduates went on to paid work on photoshoots, adverts, TV shows and films. How amazing is that, especially in an industry that's been hit so hard by COVID19?!

Emergency Medical Aid for Ukraine

My Slovakian friend, Michaela Ruby is working closely with an amazing Slovakian charity ADRA which is based at the border helping with emergency medial aid purchases and transport to Ukraine. Apothaka, together with Luneia Skincare donated a proportion of sales from a collaboration to these efforts.