Privacy policy

PRIVACY POLICY

Last Updated: March 10, 2026

This Privacy Policy describes how hersena.com ("we," "us," or "our") collects, uses, and discloses your personal information when you visit or make a purchase from our store.

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. We will post the updated policy on this page with a new "Last Updated" date. We encourage you to review this policy periodically.

PERSONAL INFORMATION WE COLLECT

When you visit our store, we collect certain information about your device, your interaction with our site, and the information necessary to process your purchases. We may also collect additional information if you contact us for customer support.

Information We Collect Automatically:

Device & Browser Information:

  • IP address
  • Browser type and version
  • Operating system
  • Device type (mobile, desktop, tablet)
  • Screen resolution
  • Referring website
  • Pages visited and time spent on our site

Cookies & Tracking Technologies:

  • Session cookies (to keep you logged in)
  • Preference cookies (to remember your settings)
  • Analytics cookies (to understand how you use our site)
  • Advertising cookies (for retargeting and ad measurement)

Information You Provide to Us:

When You Make a Purchase:

  • Name
  • Email address
  • Billing address
  • Shipping address
  • Payment information (processed securely by our payment providers)
  • Phone number (optional, for delivery updates)

When You Create an Account:

  • Name
  • Email address
  • Password (encrypted)
  • Order history
  • Saved addresses

When You Contact Us:

  • Name
  • Email address
  • Phone number
  • Message content
  • Any attachments or photos you send

User-Generated Content:

  • Product reviews
  • Photos or videos you submit
  • Comments or feedback

HOW WE USE YOUR PERSONAL INFORMATION

We use your personal information for the following purposes:

To Provide Our Services:

  • Process and fulfill your orders
  • Send order confirmations and shipping updates
  • Process payments securely
  • Provide customer support
  • Manage your account

To Communicate With You:

  • Send transactional emails (order updates, shipping notifications)
  • Respond to your inquiries and support requests
  • Send marketing emails (if you opt in) about new products, promotions, and updates
  • Send abandoned cart reminders (if you've added items but didn't complete checkout)

To Improve Our Store:

  • Analyze website traffic and user behavior
  • Understand customer preferences and shopping patterns
  • Test new features and optimize user experience
  • Conduct market research

For Marketing & Advertising:

  • Show you targeted ads on social media and other websites
  • Measure the effectiveness of our advertising campaigns
  • Send personalized product recommendations
  • Run promotions and special offers

For Security & Fraud Prevention:

  • Detect and prevent fraudulent transactions
  • Protect against unauthorized access
  • Comply with legal obligations
  • Enforce our Terms of Service

COOKIES

We use cookies and similar tracking technologies to:

  • Keep you logged in to your account
  • Remember your preferences and settings
  • Analyze how you use our website
  • Show you relevant advertisements
  • Measure marketing campaign performance

Types of Cookies We Use:

  • Essential cookies: Required for the website to function (e.g., shopping cart, checkout)
  • Analytics cookies: Help us understand website traffic (Google Analytics)
  • Marketing cookies: Used for advertising and retargeting (Facebook Pixel, TikTok Pixel, Google Ads)

Managing Cookies: You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality.

HOW WE SHARE YOUR PERSONAL INFORMATION

We share your personal information with third-party service providers who help us operate our business. We do NOT sell your personal information to third parties for monetary gain.

Service Providers We Work With:

E-commerce Platform:

  • Shopify
    • Hosting, shopping cart, checkout, payment processing
  • Privacy Policy: https://www.shopify.com/legal/privacy

Payment Processors:

  • Shopify Payments, PayPal, Stripe
    • Secure payment processing
  • Note: We do not store your full credit card information

Shipping & Fulfillment:

  • Shipping carriers (e.g., USPS, FedEx, DHL) - Order delivery and tracking
  • Fulfillment partners
    • Order processing and packaging

Email & SMS Marketing:

  • Klaviyo or SendWILL
    • Marketing campaigns, abandoned cart emails, customer segmentation
  • You can unsubscribe at any time

Analytics & Advertising:

  • Google Analytics
    • Website traffic analysis
  • Facebook Pixel
    • Ad targeting and measurement
  • TikTok Pixel
    • Ad targeting and measurement
  • Google Ads
    • Advertising campaigns

Customer Reviews:

  • Loox
    • Product review collection and display

Customer Support:

  • Email service providers
    • To respond to your inquiries

Legal Disclosures:

We may disclose your information if required by law or in response to:

  • Court orders or legal processes
  • Government or regulatory requests
  • Protection of our rights, property, or safety
  • Investigation of fraud or security issues

Business Transfers:

If our business is sold, merged, or acquired, your personal information may be transferred to the new owner as part of the transaction.

USER-GENERATED CONTENT

If you submit product reviews, photos, videos, or other content to our store:

  • Your content may be publicly displayed on our website and social media
  • Your name or username may be shown alongside your content
  • We may use your content for marketing purposes
  • You grant us a non-exclusive license to use, reproduce, and display your content

Note: Do not include sensitive personal information in public reviews or comments.

THIRD-PARTY WEBSITES AND LINKS

Our website may contain links to third-party websites (e.g., social media platforms, payment providers, shipping carriers). We are not responsible for the privacy practices of these external sites. Please review their privacy policies before providing any personal information.

CHILDREN'S PRIVACY

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will delete it promptly.

If you believe we have collected information from a child, please contact us at hello@hersena.com.

DATA SECURITY AND RETENTION

Security Measures:

We implement industry-standard security measures to protect your personal information, including:

  • SSL/TLS encryption for data transmission
  • Secure payment processing (PCI-DSS compliant)
  • Encrypted password storage
  • Regular security audits
  • Access controls (only authorized personnel can access your data)

Important: No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Data Retention:

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy:

  • Order and transaction data: 7 years (required for tax, accounting, and legal compliance)
  • Marketing data: Until you unsubscribe or request deletion
  • Analytics and cookies: 26 months (anonymized thereafter)
  • Account information: Until you request account deletion
  • Customer support records: 3 years
  • Legal/dispute records: As required by law

YOUR RIGHTS UNDER GDPR (EU CUSTOMERS)

If you are a resident of the European Economic Area (EEA), you have the following data protection rights under the General Data Protection Regulation (GDPR):

Your Rights:

✅ Right to Access: Request a copy of the personal data we hold about you

✅ Right to Rectification: Request correction of inaccurate or incomplete data

✅ Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data (subject to legal obligations)

✅ Right to Restrict Processing: Request that we limit how we use your data

✅ Right to Data Portability: Receive your data in a structured, machine-readable format (e.g., CSV, JSON)

✅ Right to Object: Object to our processing of your data, especially for direct marketing purposes

✅ Right to Withdraw Consent: Withdraw your consent at any time where we rely on consent (e.g., marketing emails)

✅ Right to Lodge a Complaint: File a complaint with your local data protection authority

Legal Basis for Processing Your Data:

We process your personal information based on the following legal grounds:

  • Performance of a contract: To fulfill your orders and provide customer service
  • Legitimate interests: Fraud prevention, analytics, business operations, and improving our services
  • Your consent: Marketing communications, cookies, and optional data collection
  • Legal obligations: Tax records, accounting requirements, and compliance with laws

Data Retention Periods:

  • Order and transaction data: 7 years (tax and legal requirements)
  • Marketing data: Until you unsubscribe or request deletion
  • Analytics and cookies: 26 months (anonymized thereafter)
  • Account information: Until you request account deletion

How to Exercise Your Rights:

To exercise any of these rights, please contact us at hello@hersena.com with "GDPR Request" in the subject line. We will respond within 30 days.

Identity Verification: We may ask you to verify your identity before processing your request to protect your privacy.

CALIFORNIA PRIVACY RIGHTS (CCPA)

If you are a California resident, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA):

Your Rights:

✅ Right to Know: Request information about:

  • Categories of personal information we collect
  • Sources from which we collect it
  • Business purposes for collecting or sharing it
  • Categories of third parties with whom we share it
  • Specific pieces of personal information we hold about you

✅ Right to Delete: Request deletion of your personal information (subject to certain exceptions)

✅ Right to Opt-Out: Opt out of the "sale" or "sharing" of your personal information

✅ Right to Correct: Request correction of inaccurate personal information

✅ Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights (e.g., denying service, charging different prices)

Categories of Personal Information We Collect:

Category Examples Collected?
Identifiers Name, email, postal address, IP address, device ID ✅ Yes
Commercial Information Purchase history, product preferences, browsing behavior ✅ Yes
Internet/Electronic Activity Website interactions, cookies, log data ✅ Yes
Geolocation Data Approximate location based on IP address ✅ Yes
Inferences Preferences and characteristics derived from your activity ✅ Yes
Sensitive Personal Information Payment details (processed by third parties, not stored by us) ⚠️ Limited

Do We "Sell" Your Personal Information?

No, we do NOT sell your personal information to third parties for monetary consideration.

However, under the CCPA's broad definition, sharing data with advertising partners (e.g., Facebook Pixel, Google Ads) for targeted advertising may be considered a "sale" or "sharing."

You can opt out of this by:

  • Disabling cookies in your browser
  • Using our "Do Not Sell My Personal Information" link (if available)
  • Emailing us at hello@hersena.com

Third Parties We Share Data With:

We share your information with service providers for business purposes, including:

  • Payment processing: Shopify Payments, PayPal, Stripe
  • Order fulfillment and shipping: Shipping carriers, fulfillment partners
  • Email and SMS marketing: Klaviyo, SendWILL
  • Analytics: Google Analytics
  • Advertising: Facebook Pixel, TikTok Pixel, Google Ads
  • Customer reviews: Loox

How to Submit a CCPA Request:

Email us at hello@hersena.com with "California Privacy Request" in the subject line.

Include:

  • Your full name
  • Email address associated with your account
  • Order number (if applicable)
  • Specific request (access, delete, opt-out, correct)

Response Time: We will verify your identity and respond within 45 days (may be extended by 45 days if needed).

Authorized Agent: You may designate an authorized agent to make requests on your behalf by providing written authorization.

THIRD-PARTY SERVICES AND TOOLS

We use the following third-party services that may collect and process your data. Each service has its own privacy policy:

Service Purpose Privacy Policy
Shopify E-commerce platform, hosting, payments https://www.shopify.com/legal/privacy
Shopify Payments / PayPal / Stripe Payment processing See respective provider policies
Klaviyo / SendWILL Email & SMS marketing https://www.klaviyo.com/legal/privacy
Google Analytics Website analytics https://policies.google.com/privacy
Facebook Pixel Advertising & analytics https://www.facebook.com/privacy/policy
TikTok Pixel Advertising & analytics https://www.tiktok.com/legal/privacy-policy
Loox Product reviews https://loox.io/privacy
Shipping Carriers Order delivery & tracking See respective carrier policies

We recommend reviewing the privacy policies of these third-party services to understand how they handle your data.

INTERNATIONAL DATA TRANSFERS

Your personal information may be transferred to and processed in countries outside of your home country, including:

  • United States (where Shopify and many service providers are based)
  • Israel (where our business operates)
  • Other countries where our service providers operate

These countries may have different data protection laws than your home country. We ensure that appropriate safeguards are in place (e.g., Standard Contractual Clauses, Privacy Shield frameworks where applicable) to protect your data.

CONTACT US

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Email: hello@hersena.com
Subject Line: Privacy Inquiry / GDPR Request / CCPA Request
Response Time: Within 24-48 hours (business days)

For EU Residents:
If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.

For California Residents:
California Consumer Hotline: 1-800-952-5210
Website: https://oag.ca.gov/privacy/ccpa

Thank you for trusting HerSena with your personal information. We are committed to protecting your privacy and ensuring transparency in how we handle your data.