Privacy policy
PRIVACY POLICY
My Gaea Organics
Last Updated: January 6, 2026
1. INTRODUCTION
This Privacy Policy describes how My Gaea Organics ("Company," "we," "us," or "our") collects, uses, discloses, and protects your personal information when you visit, interact with, or make a purchase from mygaeaorganics.com (the "Site").
By using the Site, you agree to the collection and use of information in accordance with this Privacy Policy and our Terms & Conditions.
Key Points:
β’ We do not sell your personal information
β’ We use industry-standard security measures
β’ You have rights to access, correct, and delete your data
β’ We comply with applicable U.S. privacy laws including CCPA, CPRA, and state-level regulations
2. PERSONAL INFORMATION WE COLLECT
A. Information You Provide to Us (Order & Contact Information)
When you make or attempt to make a purchase, create an account, sign up for our email list, or contact us through the Site, we may collect:
Purchase Information:
β’ Name
β’ Billing address
β’ Shipping address
β’ Email address
β’ Phone number
β’ Payment information (processed securely by third-party payment processors)
Account Information:
β’ Username and password
β’ Order history
β’ Saved shipping addresses
β’ Communication preferences
Communication Information:
β’ Email correspondence
β’ Customer service inquiries
β’ Product reviews and testimonials
β’ Survey responses
Adverse Event Reports:
β’ Health information you voluntarily provide when reporting product reactions (as required by FDA MoCRA regulations)
Payment Security:
We do not store complete credit card numbers on our servers. All payment processing is handled by PCI-DSS compliant third-party payment processors.
B. Information Collected Automatically (Device & Usage Information)
When you visit the Site, we automatically collect certain information about your device and browsing activity, including:
Device Information:
β’ IP address
β’ Browser type and version
β’ Device type (mobile, tablet, desktop)
β’ Operating system
β’ Time zone and language settings
β’ Screen resolution
Usage Information:
β’ Pages viewed and time spent on pages
β’ Referring and exit pages
β’ Date and time of access
β’ Click patterns and navigation paths
β’ Search queries on our Site
β’ Products viewed and added to cart
Technology Used:
This information is collected using:
β’ Cookies β Small text files stored on your device
β’ Log files β Server records of Site activity
β’ Web beacons, pixels, and tags β Tracking technologies embedded in pages and emails
β’ Local storage β Browser-based data storage
Cookie Management:
You may disable cookies through your browser settings, but doing so may affect Site functionality, including your ability to complete purchases or stay logged into your account.
For more information about cookies and how to manage them, visit: www.allaboutcookies.org
C. Information from Third-Party Sources
We may receive information about you from:
β’ Shopify β Our e-commerce platform provider
β’ Payment processors β Transaction verification data
β’ Shipping carriers β Delivery status and tracking information
β’ Analytics providers β Aggregated demographic and interest data
β’ Fraud prevention services β Risk assessment data
β’ Social media platforms β If you interact with us on social media or use social login features
D. Definition of Personal Information
"Personal Information" includes all Order Information, Device Information, Communication Information, and any other data that identifies you or can be reasonably linked to you.
3. HOW WE USE YOUR PERSONAL INFORMATION
We use your Personal Information for the following purposes:
A. Order Fulfillment & Customer Service
β’ Process and fulfill orders
β’ Send order confirmations and shipping notifications
β’ Provide customer support
β’ Process returns, refunds, and exchanges
β’ Respond to inquiries and requests
B. Account Management
β’ Create and maintain your account
β’ Save your preferences and order history
β’ Enable faster checkout for repeat customers
C. Security & Fraud Prevention
β’ Screen orders for fraud or security risks
β’ Verify your identity
β’ Detect and prevent unauthorized access
β’ Protect against malicious activity
β’ Comply with payment card industry standards
D. Site Improvement & Analytics
β’ Analyze Site usage and performance
β’ Understand customer preferences and behavior
β’ Improve and optimize our website functionality
β’ Test new features and designs
β’ Troubleshoot technical issues
E. Marketing & Communications
β’ Send promotional emails and newsletters (with your consent)
β’ Provide personalized product recommendations
β’ Notify you of new products, sales, or special offers
β’ Conduct surveys and request feedback
β’ Display targeted advertisements
You may opt out of marketing communications at any time by clicking "unsubscribe" in any email or contacting Info@MyGaeaOrganics.com.
F. Legal & Regulatory Compliance
β’ Comply with applicable laws and regulations
β’ Respond to lawful requests from authorities
β’ Report serious adverse events to the FDA (as required by MoCRA)
β’ Maintain business records for tax and accounting purposes
β’ Enforce our Terms & Conditions
β’ Protect our legal rights and interests
G. Business Operations
β’ Manage inventory and supply chain
β’ Perform accounting and financial reporting
β’ Conduct internal audits and quality control
β’ Train staff and improve customer service
4. SHARING YOUR PERSONAL INFORMATION
We share Personal Information only as necessary to operate our business and provide our services. We do not sell your Personal Information to third parties.
A. Service Providers
We share information with trusted third-party service providers who perform services on our behalf, including:
E-commerce Platform:
β’ Shopify β Website hosting, shopping cart, and order management
β’ Privacy Policy: https://www.shopify.com/legal/privacy
Payment Processing:
β’ Payment processors (e.g., Stripe, PayPal, Square) β Secure payment processing
β’ These providers have their own privacy policies and are PCI-DSS compliant
Shipping & Fulfillment:
β’ Shipping carriers (e.g., USPS, UPS, FedEx) β Package delivery and tracking
β’ We share your name, shipping address, and contact information
Analytics & Marketing:
β’ Google Analytics β Website traffic and user behavior analysis
β’ Email marketing platforms (e.g., Mailchimp, Klaviyo) β Email campaigns and newsletters
β’ Social media platforms (e.g., Facebook, Instagram) β Advertising and remarketing
Fraud Prevention:
β’ Fraud detection services β Risk assessment and transaction verification
Customer Support:
β’ Help desk software β Customer service ticketing and communication
All service providers are contractually obligated to protect your information and use it only for the purposes we specify.
B. Legal Obligations & Protection of Rights
We may disclose Personal Information when required by law or to protect our rights:
β’ To comply with legal processes (subpoenas, court orders, warrants)
β’ To respond to lawful requests by government authorities
β’ To investigate suspected fraud or illegal activity
β’ To protect the rights, property, or safety of My Gaea Organics, our customers, or others
β’ To enforce our Terms & Conditions or other agreements
β’ To report serious adverse events to the FDA as required by law
C. Business Transfers
If My Gaea Organics is involved in a merger, acquisition, sale of assets, bankruptcy, or other business transaction, your Personal Information may be transferred as part of that transaction. You will be notified via email and/or prominent notice on our Site of any such change in ownership or control.
D. With Your Consent
We may share your information for other purposes with your explicit consent, such as:
β’ Featuring your testimonial or review on our website (with your name or username)
β’ Reposting your social media content (when you tag us or use our branded hashtags)
β’ Sharing your information with partners for co-marketing initiatives
E. Aggregated & De-Identified Data
We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you. This includes:
β’ Statistical data about Site traffic and sales
β’ Industry benchmarking and research
β’ Demographic trends and insights
5. BEHAVIORAL ADVERTISING & ANALYTICS
We may use your Personal Information to provide targeted advertisements or marketing communications we believe may be of interest to you based on your browsing behavior, purchase history, and preferences.
A. How Behavioral Advertising Works
When you visit our Site or interact with our emails, we and our advertising partners may use cookies and similar technologies to:
β’ Track which pages you visit and products you view
β’ Display relevant ads on other websites you visit
β’ Measure the effectiveness of our advertising campaigns
β’ Create audiences of similar users for advertising purposes
B. Third-Party Advertising Partners
We work with the following types of advertising partners:
β’ Google Ads β Search and display advertising
β’ Facebook/Instagram Ads β Social media advertising
β’ Retargeting platforms β Ads that follow you across websites
C. Opt-Out Options
You can opt out of targeted advertising through:
Platform-Specific Opt-Outs:
β’ Google Ads: https://www.google.com/settings/ads
β’ Facebook: https://www.facebook.com/settings/?tab=ads
β’ Instagram: Through your Facebook ad settings
Industry Opt-Out Tools:
β’ Digital Advertising Alliance: http://optout.aboutads.info
β’ Network Advertising Initiative: http://optout.networkadvertising.org
β’ Your device settings (iOS: "Limit Ad Tracking" / Android: "Opt out of Ads Personalization")
Browser Settings:
β’ Enable "Do Not Track" in your browser
β’ Use browser extensions that block tracking (e.g., Privacy Badger, uBlock Origin)
β’ Clear cookies regularly
Note: Opting out does not mean you'll stop seeing ads entirelyβyou'll still see generic ads that aren't based on your browsing behavior.
6. DO NOT TRACK SIGNALS
Please note that we do not currently alter our data collection and usage practices when we receive "Do Not Track" signals from your browser, as there is no consistent industry standard for compliance and interpretation of DNT signals.
However, you can still control tracking through the opt-out methods described in Section 5 above.
7. YOUR PRIVACY RIGHTS
Depending on your location, you may have certain rights regarding your Personal Information.
A. General Rights (All U.S. Customers)
Right to Access:
You may request a copy of the Personal Information we hold about you.
Right to Correction:
You may request that we correct inaccurate or incomplete information.
Right to Deletion:
You may request that we delete your Personal Information, subject to certain legal exceptions (e.g., we must retain records for tax purposes, fraud prevention, or legal compliance).
Right to Opt Out of Marketing:
You may unsubscribe from promotional emails at any time.
Right to Non-Discrimination:
We will not discriminate against you for exercising your privacy rights.
B. California Privacy Rights (CCPA / CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).
Your California Rights Include:
1. Right to Know
You have the right to request:
β’ What categories of Personal Information we collect
β’ The specific pieces of Personal Information we have about you
β’ The categories of sources from which we collect information
β’ Our business or commercial purposes for collecting information
β’ The categories of third parties with whom we share information
2. Right to Delete
You may request deletion of your Personal Information, subject to certain exceptions (e.g., completing transactions, fraud prevention, legal compliance, internal uses).
3. Right to Correct
You may request correction of inaccurate Personal Information.
4. Right to Opt Out of Sale or Sharing
We do not sell your Personal Information. However, some of our advertising partnerships may constitute "sharing" under California law. You can opt out using the methods in Section 5.
5. Right to Limit Use of Sensitive Personal Information
We do not use sensitive Personal Information (such as health data from adverse event reports) for purposes other than those permitted by law.
6. Right to Non-Discrimination
We will not deny goods or services, charge different prices, or provide a different level of service for exercising your CCPA rights.
Categories of Personal Information We Collect:
|
Category |
Examples |
Collected? |
|
Identifiers |
Name, email address, mailing address, phone number, IP address, account username |
β Yes |
|
Commercial Information |
Purchase history, products viewed, shopping cart contents |
β Yes |
|
Internet/Network Activity |
Browsing history on our Site, interactions with our website and emails |
β Yes |
|
Geolocation Data |
Approximate location based on IP address, shipping address |
β Yes |
|
Inferences |
Preferences, characteristics, behavior patterns used for marketing |
β Yes |
|
Sensitive Personal Information |
Health information (only when voluntarily provided in adverse event reports) |
β Limited |
How to Exercise Your California Rights:
To submit a request, contact us at:
β’ Email: Info@MyGaeaOrganics.com
β’ Subject Line: "California Privacy Rights Request"
β’ Include: Your name, email address, mailing address, and specific request
Verification Process:
We will verify your identity before processing requests by matching the information you provide with information in our records. For deletion requests, we may require additional verification.
Authorized Agents:
You may designate an authorized agent to make requests on your behalf. The agent must provide written authorization, and we may still require you to verify your identity directly.
Response Time:
We will respond to verified requests within 45 days. If we need additional time (up to 90 days total), we will notify you.
C. Other State Privacy Rights
Virginia, Colorado, Connecticut, Utah, and Other States:
If you reside in Virginia, Colorado, Connecticut, Utah, or another state with comprehensive privacy laws, you may have similar rights to those described above, including rights to access, correct, delete, and opt out of targeted advertising and profiling.
To exercise these rights, contact us using the same process as California residents.
8. DATA RETENTION
We retain Personal Information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
Retention Periods:
|
Type of Information |
Retention Period |
|
Order & Purchase Data |
7 years (for tax, accounting, and legal compliance) |
|
Account Information |
Until you request deletion or account closure, plus 30 days |
|
Marketing Communications |
Until you unsubscribe, plus 30 days |
|
Customer Service Records |
3 years after last interaction |
|
Adverse Event Reports |
As required by FDA regulations (typically 3+ years) |
|
Website Analytics |
26 months (Google Analytics default) |
|
Security Logs |
90 days to 1 year |
Deletion:
When we no longer need your information, we will securely delete or anonymize it. However, we may retain certain information as required by law or for legitimate business purposes (e.g., fraud prevention, dispute resolution).
9. DATA SECURITY
We implement reasonable administrative, technical, and physical safeguards to protect your Personal Information from unauthorized access, disclosure, alteration, and destruction.
Security Measures Include:
Technical Safeguards:
β’ SSL/TLS encryption for data transmission
β’ Secure, encrypted storage of sensitive data
β’ Regular security updates and patches
β’ Firewall protection and intrusion detection
β’ PCI-DSS compliant payment processing
Administrative Safeguards:
β’ Access controls and authentication requirements
β’ Employee training on data privacy and security
β’ Confidentiality agreements with staff and vendors
β’ Regular security audits and assessments
Physical Safeguards:
β’ Secure facilities with restricted access
β’ Protection of physical records and devices
Limitations:
However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your Personal Information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account password.
Data Breach Notification:
In the event of a data breach that compromises your Personal Information, we will notify you and applicable regulatory authorities as required by law, typically within 30-60 days of discovering the breach.
10. MINORS & CHILDREN'S PRIVACY
Age Restriction:
The Site is not intended for individuals under the age of 18, and we do not knowingly collect Personal Information from minors under 18.
COPPA Compliance:
We comply with the Children's Online Privacy Protection Act (COPPA). We do not knowingly collect personal information from children under 13 years of age.
Parental Notice:
If you are a parent or guardian and believe your child under 13 has provided us with Personal Information, please contact us immediately at Info@MyGaeaOrganics.com. We will promptly delete such information from our records.
Product Use:
Our products are formulated for adult use unless specifically labeled otherwise. Parents and guardians are solely responsible for determining whether any product is appropriate for use on children.
11. INTERNATIONAL USERS & DATA TRANSFERS
U.S.-Based Operations:
My Gaea Organics is based in the United States, and our servers and service providers are primarily located in the U.S.
Data Transfers:
If you access the Site from outside the United States, please be aware that your Personal Information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction.
By using our Site, you consent to the transfer of your information to the United States and the processing of that information as described in this Privacy Policy.
International Orders:
We may currently offer shipping within the United States and may offer international shipping in the future. Availability of shipping destinations and methods will be displayed at checkout or otherwise communicated on our Site.
If you place an order for delivery outside the United States (when available), you acknowledge that your Personal Information may be processed and shared with third parties (such as payment processors and shipping carriers) to complete your transaction and deliver your order.
12. THIRD-PARTY LINKS
Our Site may contain links to third-party websites, plugins, or applications (including social media platforms, payment processors, and shipping carriers).
We Are Not Responsible:
We are not responsible for the privacy practices or content of these third-party sites. When you click on a link to a third-party site, you are subject to that site's privacy policy.
Recommendation:
We encourage you to read the privacy policies of any third-party sites you visit.
13. EMAIL COMMUNICATIONS & CONSENT
Types of Emails We Send:
Transactional Emails (You Cannot Opt Out):
β’ Order confirmations
β’ Shipping notifications
β’ Delivery updates
β’ Password resets
β’ Responses to your inquiries
β’ Adverse event follow-ups
β’ Product recall notices
Marketing Emails (You Can Opt Out):
β’ Promotional offers and sales
β’ New product announcements
β’ Newsletters
β’ Abandoned cart reminders
β’ Product recommendations
Your Consent:
By providing your email address, you consent to receive both transactional and marketing emails. You may unsubscribe from marketing emails at any time without affecting transactional communications.
How to Unsubscribe:
β’ Click the "Unsubscribe" link at the bottom of any marketing email
β’ Email us at Info@MyGaeaOrganics.com with "Unsubscribe" in the subject line
β’ Log into your account and update your communication preferences
CAN-SPAM Compliance:
We comply with the CAN-SPAM Act and will process unsubscribe requests within 10 business days.
14. COOKIES & TRACKING TECHNOLOGIES
What Are Cookies?
Cookies are small text files placed on your device when you visit our Site. They help us recognize you, remember your preferences, and improve your experience.
Types of Cookies We Use:
|
Cookie Type |
Purpose |
Duration |
|
Essential Cookies |
Enable basic Site functionality (shopping cart, checkout, login) |
Session or up to 1 year |
|
Analytics Cookies |
Track Site usage and performance (Google Analytics) |
Up to 26 months |
|
Marketing Cookies |
Enable targeted advertising and remarketing |
Up to 1 year |
|
Preference Cookies |
Remember your settings and preferences |
Up to 1 year |
Managing Cookies:
Browser Settings:
Most browsers allow you to:
β’ View and delete cookies
β’ Block all cookies
β’ Block third-party cookies only
β’ Receive alerts when cookies are being set
Browser-Specific Instructions:
β’ Chrome: Settings β Privacy and Security β Cookies
β’ Firefox: Settings β Privacy & Security β Cookies and Site Data
β’ Safari: Preferences β Privacy β Cookies and Website Data
β’ Edge: Settings β Cookies and Site Permissions
Impact of Disabling Cookies:
If you disable cookies, some features of our Site may not function properly, including:
β’ Shopping cart functionality
β’ Account login
β’ Checkout process
β’ Personalized recommendations
Other Tracking Technologies:
Web Beacons/Pixels:
Small graphic images embedded in emails and web pages that track whether you've opened an email or visited a page.
Local Storage:
Browser-based storage that allows us to save data locally on your device for improved performance.
Session Replay Tools:
We may use tools that record user sessions (mouse movements, clicks, scrolling) to understand how visitors interact with our Site. These recordings are anonymized and do not capture sensitive information like passwords or payment details.
15. SOCIAL MEDIA & USER-GENERATED CONTENT
Social Media Interactions:
When you interact with us on social media platforms (Facebook, Instagram, TikTok, etc.) or use social sharing features on our Site, those platforms may collect information about you according to their own privacy policies.
Content You Share:
If you tag us, use our branded hashtags, or submit content (reviews, testimonials, photos) that you authorize us to use:
β’ You grant us permission to repost, share, or feature your content
β’ We may use your content on our website, social media, or marketing materials
β’ We will credit you when reasonably possible
β’ You can request removal by contacting Info@MyGaeaOrganics.com
Privacy Settings:
Please review your privacy settings on social media platforms to control what information is shared with us and other third parties.
16. ADVERSE EVENT REPORTING & HEALTH INFORMATION
FDA Requirement:
Under the Modernization of Cosmetics Regulation Act (MoCRA), we are required to collect and report serious adverse events to the FDA.
What We Collect:
If you report a product reaction or adverse event, we may collect:
β’ Description of the reaction or injury
β’ Medical information you voluntarily provide
β’ Photos of the reaction and product
β’ Healthcare provider information (if applicable)
How We Use This Information:
β’ To investigate and respond to your concern
β’ To report serious adverse events to the FDA as required by law
β’ To improve product safety
β’ To identify potential product issues
Confidentiality:
We handle adverse event reports with strict confidentiality. Health information is stored securely and shared only as required by law or with your explicit consent.
Your Responsibility:
If you experience a serious adverse event (infection, significant injury, hospitalization), you must report it to us immediately at Info@MyGaeaOrganics.com.
17. CHANGES TO THIS PRIVACY POLICY
Updates:
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
Notification of Material Changes:
When we make material changes that significantly affect how we collect, use, or share your Personal Information, we will:
β’ Update the "Last Updated" date at the top of this policy
β’ Notify you via email (if you have provided an email address)
β’ Post a prominent notice on our Site
β’ Provide at least 30 days' notice before material changes take effect
Material Changes Include:
β’ New uses or disclosures of Personal Information
β’ Changes to your rights
β’ Changes to our data retention practices
β’ Addition of new categories of Personal Information collected
Your Continued Use:
Your continued use of the Site after the effective date of changes constitutes your acceptance of the updated Privacy Policy.
Reviewing Changes:
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
Version History:
Previous versions of this Privacy Policy are available upon request by emailing Info@MyGaeaOrganics.com.
18. CONTACT INFORMATION & PRIVACY REQUESTS
General Inquiries:
If you have questions, concerns, or feedback about this Privacy Policy or our privacy practices, please contact:
My Gaea Organics
Email: Info@MyGaeaOrganics.com
Website: www.mygaeaorganics.com
Privacy Rights Requests: To exercise your privacy rights (access, correction, deletion, opt-out), please email us with:
Subject Line: "Privacy Rights Request" or "California Privacy Rights Request"
Include in Your Request:
β’ Your full name
β’ Email address associated with your account or orders
β’ Mailing address
β’ Phone number (optional)
β’ Specific request (e.g., "I request access to my personal information" or "I request deletion of my account")
β’ Any relevant order numbers or account details
Verification:
For your security, we will verify your identity before processing requests by matching the information you provide with our records.
Response Time:
We will respond to verified requests within 45 days. If we need additional time (up to 90 days total), we will notify you of the extension and the reason.
Authorized Agents:
If you are submitting a request through an authorized agent, the agent must provide:
β’ Written authorization signed by you
β’ Proof of their identity
β’ We may still require you to verify your identity directly with us
19. DATA PROTECTION OFFICER
While we are not required by law to have a Data Protection Officer (DPO), privacy inquiries should be directed to:
Privacy Contact:
Info@MyGaeaOrganics.com
Attention: Privacy Inquiry
We will respond to privacy-related inquiries within 10 business days.
20. ADDITIONAL STATE-SPECIFIC RIGHTS
Nevada Residents
Nevada residents have the right to opt out of the sale of certain covered information. We do not sell your covered information as defined under Nevada law. If you have questions, contact Info@MyGaeaOrganics.com.
Virginia, Colorado, Connecticut, and Utah Residents
If you are a resident of Virginia, Colorado, Connecticut, or Utah, you have rights similar to those described in Section 7, including:
β’ Right to access your Personal Information
β’ Right to correct inaccuracies
β’ Right to delete your Personal Information
β’ Right to opt out of targeted advertising
β’ Right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects
To exercise these rights, follow the process described in Section 18.
Appeals Process:
If we deny your privacy request, you have the right to appeal. To appeal, email Info@MyGaeaOrganics.com with "Privacy Appeal" in the subject line within 30 days of receiving our decision. We will respond to appeals within 60 days.
SUMMARY OF KEY POINTS
β We collect your name, contact information, order details, and browsing data
β We use your information to process orders, improve our Site, and send marketing (with your consent)
β We share information with service providers (Shopify, payment processors, shipping carriers) but do not sell your data
β We protect your information with industry-standard security measures
β You have rights to access, correct, delete, and opt out of marketing
β We comply with CCPA, CPRA, COPPA, CAN-SPAM, and FDA regulations
β We retain data only as long as necessary for business and legal purposes
β You can contact us at Info@MyGaeaOrganics.com with questions or requests
END OF PRIVACY POLICY