Privacy Policy

Last updated: April 2026

This Privacy Policy explains how [LEGAL ENTITY NAME] ("Company," "we," "us," "our"), doing business as HealthGold, collects, uses, shares, and protects your personal information when you visit our website or make a purchase.

1. Information We Collect

Information you provide to us

• Contact information: Name, email address, phone number
• Shipping and billing address
• Payment information: Credit or debit card details — collected and tokenized via our secure payment processor. We do not store raw card numbers on our servers.
• Order history: Products purchased, quantities, and order dates
• Account credentials: If you create an account, your username and password (stored in encrypted form)

Information collected automatically

• Device and browser data: IP address, browser type, operating system, device identifiers
• Usage data: Pages visited, time on page, clicks, referring URL
• Cookies and similar technologies (see Section 6)
• UTM parameters: Source, medium, campaign, content, and term from marketing links

2. How We Use Your Information

Purpose	Lawful Basis
Process and fulfill your order	Contract performance
Manage subscription billing and renewals	Contract performance
Send order confirmation and shipping updates	Contract performance
Respond to customer service inquiries	Legitimate interest
Send promotional emails (if opted in)	Consent
Fraud detection and prevention	Legitimate interest
Compliance with legal obligations	Legal obligation
Analytics and site improvement	Legitimate interest

3. Sharing Your Information

We do not sell your personal information. We share your data only with the following categories of third parties:

• Payment processors (sticky.io, Stripe, or similar): To authorize and settle payments
• Shipping carriers (UPS, USPS, FedEx): To fulfill physical orders
• Digital platform provider: To deliver access to digital products
• Analytics providers (Google Analytics, Utmify, Keitaro): To measure marketing performance
• Email service provider: To send transactional and marketing emails
• Cloud hosting and infrastructure providers: To operate our website
• Law enforcement or regulators: When required by law or to protect our legal rights

All third-party service providers are contractually required to protect your information and use it only for the services they provide to us.

4. Payment Data Security

Your payment card details are tokenized using our PCI-compliant payment processor before transmission. We do not store card numbers, CVV codes, or full card data on our systems. Our checkout is protected by 256-bit SSL/TLS encryption. We maintain PCI DSS compliance as required by our acquiring bank.

5. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes described in this Policy, including for legal, accounting, and regulatory requirements. Order records are typically retained for 7 years. You may request deletion of your data subject to our legal retention obligations (see Section 7).

6. Cookies

We use cookies and similar tracking technologies to:

• Remember items in your shopping cart
• Identify the marketing channel that brought you to our site (UTM parameters)
• Measure website traffic and user behavior (analytics)
• Serve relevant advertising on third-party platforms

You can control cookies through your browser settings. Disabling cookies may affect cart functionality and site performance.

Third-Party Tracking

We use Utmify for UTM-based attribution tracking and Keitaro for traffic distribution analytics. These services collect anonymized session data to help us measure advertising effectiveness. No payment card data is shared with these services.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Opt-out of marketing emails: Use the unsubscribe link in any marketing email
• California residents (CCPA): You have the right to know what personal information we collect and sell. We do not sell personal information. To exercise your rights, contact us at the address below.

To exercise any of these rights, email us at [SUPPORT EMAIL] with the subject line "Privacy Request."

8. Children's Privacy

Our website and products are not directed to children under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a child, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised "Last updated" date. We will notify you of material changes by email or by a prominent notice on our website.

10. Contact Us

For privacy-related inquiries:
[LEGAL ENTITY NAME]
[REGISTERED ADDRESS]
Email: [SUPPORT EMAIL]
Phone: [SUPPORT PHONE]