Privacy policy

Privacy Policy for Gordon's Healthy Living LLC

Effective Date: November 15, 2025 Last Updated: November 15, 2025

At Gordon's Healthy Living LLC ("we," "us," or "our"), we are committed to protecting your privacy and safeguarding your personal information. This Privacy Policy explains how we collect, use, disclose, and protect data when you visit gordonshealthyliving.com (the "Site"), purchase our natural herbal supplements, subscribe to our newsletter, or interact with our services (collectively, the "Services"). By using the Services, you consent to the practices described below.

We comply with applicable U.S. privacy laws, including the California Consumer Privacy Act (CCPA), and provide additional rights to California residents (see Section 9). For users in the EU/UK, we process data in accordance with the General Data Protection Regulation (GDPR) where applicable.

1. Information We Collect

We collect information in three ways: directly from you, automatically via technology, and from third parties.

A. Information You Provide

  • Account & Order Data: Name, email, phone, shipping/billing address, payment details (via Shopify Payments — we do not store full card numbers).

  • Newsletter & Contact Forms: Email, name, preferences, or messages.

  • Reviews & Feedback: Content you submit (e.g., product reviews).

  • Surveys/Promotions: Optional responses.

B. Automatically Collected Data

  • Usage Data: IP address, browser type, device info, pages viewed, time spent, referring site.

  • Cookies & Tracking:

    • Essential Cookies: Enable cart, checkout, login (Shopify core).

    • Analytics Cookies: Google Analytics — tracks anonymized behavior (e.g., popular products).

    • Marketing Cookies: Meta Pixel, email retargeting (e.g., abandoned cart reminders).

    • You can manage cookies via browser settings or our Cookie Banner (on first visit).

C. Third-Party Sources

  • Payment Processors: Shopify, PayPal — transaction confirmations.

  • Shipping Carriers: USPS, UPS — delivery updates.

  • Analytics/Marketing: Google, Meta — aggregated insights.

2. How We Use Your Information

Purpose

Data Used

Legal Basis (GDPR)

Process orders & fulfill shipments

Name, address, payment, order

Contract

Send order updates & tracking

Email, phone

Contract

Provide customer support

Email, order history

Legitimate Interest

Send newsletters & promotions

Email, name, purchase history

Consent

Improve Site & personalize experience

Browsing, cart, past orders

Legitimate Interest

Prevent fraud & ensure security

IP, device, behavior patterns

Legitimate Interest

Comply with law (e.g., tax, recalls)

All relevant data

Legal Obligation

We do not sell your personal data (as defined under CCPA).

3. How We Share Your Information

We share data only when necessary:

Recipient

Purpose

Safeguards

Shopify Inc.

Hosting, payments, order processing

SOC 2, PCI-DSS

Shipping Carriers (USPS, UPS)

Fulfill deliveries

Contracted

Payment Processors

Secure transactions

Tokenized

Email Provider (e.g., Klaviyo)

Send newsletters, order emails

GDPR-compliant

Analytics Tools (Google, Meta)

Measure performance

Anonymized

Legal Authorities

Comply with subpoenas, audits

As required

We never share health data (e.g., inferred from purchases) with advertisers.

4. Data Security

We use industry-standard protections:

  • Encryption: SSL/TLS for all data in transit.

  • Secure Hosting: Shopify’s PCI-DSS Level 1 compliant platform.

  • Access Controls: Limited employee access; two-factor authentication.

  • Regular Audits: Vulnerability scans and penetration testing.

However, no system is 100% secure. We are not liable for unauthorized breaches beyond our control.

5. Data Retention

We keep your data only as long as needed:

Data Type

Retention Period

Order & account data

7 years (tax compliance) or until account deletion

Abandoned carts

30 days

Newsletter subscribers

Until unsubscribe

Analytics (aggregated)

Up to 26 months (Google Analytics)

You may request deletion at any time (subject to legal holds).

6. Your Privacy Rights

All Users

  • Access: Request a copy of your data.

  • Correction: Update inaccurate info.

  • Deletion: Ask us to delete your data (with exceptions).

  • Opt-Out of Marketing: Unsubscribe via email footer or account.

California Residents (CCPA)

  • Right to Know: What data we collect, use, share.

  • Right to Delete: Remove your data.

  • Right to Opt-Out of Sale: We do not sell data.

  • Non-Discrimination: No penalty for exercising rights.

Submit requests via:

  • Email

  • Form: Privacy Request Portal (under contact us)

We verify identity (e.g., order #, email) and respond within 45 days.

EU/UK Residents (GDPR)

  • Right to Restrict/Object: Limit processing.

  • Data Portability: Receive data in machine-readable format.

  • Withdraw Consent: For marketing.

Contact our Data Protection Officer: Email

7. Children's Privacy

The Site is not intended for children under 13 (or 16 in some jurisdictions). We do not knowingly collect data from minors. If discovered, we delete it immediately.

8. International Data Transfers

Data is processed in the United States. For EU/UK users:

  • Shopify uses Standard Contractual Clauses (SCCs).

  • You consent to transfer by using the Services.

9. Changes to This Policy

We may update this Policy. Changes are posted here with a new "Last Updated" date. Material changes will be emailed to subscribers.

10. Contact Us

Gordon's Healthy Living LLC 4180 Lakeside Drive Tamarac, FL 33319 Email