Legal
Privacy Policy
Last updated: 18 June 2026
This Privacy Policy explains how AURA Beauty collects, uses, shares and protects your personal data when you visit aurabeauty.ie or buy from us, and the rights you have under the EU General Data Protection Regulation (GDPR).
1. Who we are
AURA Beauty (“we”, “us”, “our”) is the data controller responsible for your personal data. We operate the online store at aurabeauty.ie.
- Registered entity: [Registered company name — pending]
- Company registration number: [Company registration number (CRO) — pending]
- VAT number: [VAT registration number — pending]
- Registered address: [Registered office address — pending]
- Privacy contact: privacy@aurabeauty.ie
2. Personal data we collect
- Identity & contact: name, email, phone, billing and shipping address.
- Order data: products purchased, order value, order history.
- Payment data: processed securely by Stripe. We never see or store your full card number.
- Account data: login credentials (passwords are stored hashed), preferences, wishlist.
- Quiz & marketing data: skin type and concern answers, newsletter subscription status.
- Technical & usage data: IP address, device/browser, pages viewed and interactions — collected via cookies and similar technologies, subject to your consent.
3. How and why we use your data (legal bases)
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Process and deliver your orders, returns and refunds | Performance of a contract |
| Send transactional emails (confirmation, shipping, tracking) | Performance of a contract |
| Customer support and account management | Performance of a contract / legitimate interests |
| Marketing emails, quiz results and offers | Consent (withdrawable at any time) |
| Analytics and advertising measurement | Consent (via the cookie banner) |
| Fraud prevention and security | Legitimate interests |
| Accounting and tax compliance | Legal obligation |
4. Who we share data with
We share personal data only with the service providers (sub-processors) needed to run the store. Each acts under contract and processes data only on our instructions:
| Provider | Purpose | Region |
|---|---|---|
| Stripe | Payment processing | EU / global |
| CJ Dropshipping | Order fulfilment & shipping | Global |
| Brevo (Sendinblue) | Transactional & marketing email | EU |
| Cloudinary | Image hosting & delivery | EU / global |
| Google Analytics 4 | Analytics (consent-based) | Global |
| Meta Pixel | Advertising measurement (consent-based) | Global |
| Microsoft Azure | Website hosting & infrastructure | EU (West Europe) |
We never sell your personal data.
5. International transfers
Some providers process data outside the European Economic Area. Where this happens, transfers are protected by appropriate safeguards such as the European Commission’s Standard Contractual Clauses or an adequacy decision.
6. How long we keep your data
- Order and invoice records: 7 years (tax and accounting law).
- Account and marketing data: until you delete your account or withdraw consent.
- Account deletion requests: personal data erased within 30 days, except data we must keep by law.
7. Your rights under the GDPR
You have the right to:
- Access a copy of your personal data;
- Rectify inaccurate or incomplete data;
- Erase your data (“right to be forgotten”);
- Restrict or object to processing;
- Data portability;
- Withdraw consent at any time, without affecting prior processing.
To exercise any right, email privacy@aurabeauty.ie. We respond within 30 days.
8. Cookies
We use cookies and similar technologies as described in our Cookie Policy. Non-essential cookies (analytics, advertising) load only after you consent via the cookie banner.
9. Security
We use encryption in transit (HTTPS/TLS), hashed passwords, access controls and reputable infrastructure providers to protect your data. No method of transmission is completely secure, but we take reasonable measures to safeguard it.
10. Children
Our store is not intended for anyone under 16. We do not knowingly collect data from children.
11. Changes to this policy
We may update this policy from time to time. Material changes will be posted here with a new “last updated” date.
12. Complaints
If you have a concern, please contact us first at privacy@aurabeauty.ie. You also have the right to lodge a complaint with the Irish Data Protection Commission (dataprotection.ie) or your local supervisory authority.