Free shipping on orders above USD 300
Aroma Labs
AROMA LABS

Privacy policy

Last updated: July 1, 2025

Aroma Lab (“we,” “us,” or “our”) is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, share, and safeguard your information when you visit aroma-labs.com (or any related subdomain or mobile site, the “Site”), place an order, create an account, sign up for our newsletter, or otherwise interact with us online. We operate globally and comply with all applicable privacy laws, including the EU General Data Protection Regulation (GDPR), California’s Consumer Privacy Act (CCPA), and relevant UAE data-protection regulations.

1. Data Controller

Aroma Lab FZCO
Office XX, Jumeirah Lakes Towers
Dubai, United Arab Emirates
Email: privacy@aroma-labs.com

2. Information We Collect

  1. Account & Order Data

    • Name, email address, mailing address, phone number

    • Username, password

    • Order history, purchase amounts, payment method (tokenized via Shopify/PCI-compliant gateway)

  2. Newsletter & Marketing

    • Email address, subscription preferences

  3. Analytics & Usage

    • IP address, device and browser information, pages viewed, referral/source, timestamps

    • Collected via cookies, web beacons, Google Analytics, Shopify analytics

  4. Cookies & Tracking

    • Necessary cookies (site functionality)

    • Performance & analytics cookies

    • Marketing & advertising cookies (third-party ad platforms)

  5. Other Sources

    • Customer service communications (email, chat transcripts)

    • Publicly available data (social media profiles if you interact via those channels)

3. How We Use Your Information

  • Order Fulfillment: process and ship your orders; send confirmations and updates.

  • Account Management: authenticate you, maintain your profile, enable self-service.

  • Personalization & Marketing: send newsletters, promotions, product recommendations (with your consent where required).

  • Analytics & Site Improvement: understand how you use the Site to enhance functionality and content.

  • Legal & Compliance: prevent fraud, comply with our legal obligations (tax, customs, dispute resolution).

4. Legal Basis for Processing (GDPR)

  • Contractual Necessity: to fulfill your orders and manage your account.

  • Legitimate Interests: improving our Site performance, fraud prevention, direct marketing to existing customers.

  • Consent: marketing communications, non-essential cookies (you may withdraw consent at any time).

  • Legal Obligation: record-keeping for tax, compliance with regulatory requests.

5. Your Rights

Under GDPR (EU Residents): access, rectify, erase, restrict processing, data portability, object to processing, withdraw consent, lodge a complaint with a supervisory authority.

Under CCPA (California Residents): know what personal information is collected, request deletion, opt out of sale, non-discrimination for exercising your rights.

All Users: unsubscribe from marketing emails via the link in any communication; manage cookie preferences via our cookie banner.

To exercise your rights, contact us at privacy@aroma-labs.com.

6. Cookies & Similar Technologies

We use cookies and web beacons to operate our Site and deliver a seamless user experience. On your first visit you can accept or reject optional cookies. You may change your preferences at any time in our Cookie Settings (linked in the footer).

7. Third-Party Services

We share data only as necessary with trusted providers, including:

  • Shopify: e-commerce platform, order management, payment processing

  • Google Analytics: site-usage analytics (IP anonymization enabled)

  • Mailchimp (or similar): newsletter delivery and management

  • Payment gateways: Stripe, PayPal (tokenized payment information)

  • Shipping carriers: DHL, FedEx, Aramex (shipping and tracking)

Each third party is contractually bound to handle your data in compliance with applicable privacy laws.

8. Data Retention & Transfer

  • We retain order and account data for as long as necessary to fulfill transactions and comply with legal and tax obligations (generally up to 7 years).

  • Analytical and marketing data are retained for up to 2 years, unless you withdraw consent earlier.

  • Your data may be stored or processed in the UAE, EU, US, or other countries where our service providers operate. We ensure adequate safeguards (standard contractual clauses or approved frameworks) for all international transfers.

9. Security

We implement administrative, technical, and physical safeguards to protect your data from unauthorized access, disclosure, alteration, and destruction. Our systems are regularly audited and updated to follow industry best practices (ISO-inspired controls).

10. Children’s Privacy

Our Site is not directed to children under 16. We do not knowingly collect personal data from minors. If you believe we have inadvertently done so, please contact us to request deletion.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. The “Last updated” date at the top will indicate when any changes become effective. We encourage you to review this policy periodically.

12. Contact Us

For questions, data-access requests, or concerns about this policy, please email privacy@aroma-labs.com or write to:

Aroma Lab FZCO
Office XX, Jumeirah Lakes Towers
Dubai, United Arab Emirates

Thank you for trusting Aroma Lab with your fragrance journey. We respect your privacy and are committed to keeping your personal data safe.