top of page

Privacy Policy for Gaveira Hair & Skin

In accordance with the Protection of Personal Information Act (POPIA)
Last Updated: December 2025

Gaveira Hair & Skin (“Gaveira”, “we”, “our”, “us”) is committed to safeguarding your personal information and ensuring that your privacy is protected. This Privacy Policy explains how we collect, use, store, share, and protect your personal information in accordance with the Protection of Personal Information Act 4 of 2013 (POPIA).

By using our website, purchasing our products, or interacting with us, you consent to the processing of your personal information as described in this policy.

1. What Personal Information We Collect

We collect personal information as defined under POPIA, including:

​

1.1 Information You Provide to Us

  • Full name

  • Email address

  • Phone number

  • Billing and delivery address

  • Payment information (processed securely via third-party providers)

  • Account login details

  • Product preferences

  • Communication history

​​

1.2 Information Collected Automatically

When you browse our website, we may collect:

  • IP address

  • Browser type and device information

  • Behavioural and usage data (pages viewed, time spent, referral source)

  • Cookies and tracking data

​​

1.3 Special Personal Information

We do not intentionally collect special personal information such as health data, religious beliefs, or biometric information unless expressly provided and required for customer support.

2. Purpose of Collecting Personal Information (POPIA Section 13)

We process your personal information only for lawful and relevant purposes, including:

  • Fulfilling and delivering orders

  • Processing payments securely

  • Managing customer accounts

  • Responding to enquiries and providing customer support

  • Improving our website and services

  • Sending marketing communications (only with your consent)

  • Detecting and preventing fraud

  • Complying with legal obligations

​

We will not use your personal information for any purpose not described above without notifying you and obtaining consent where required.

3. How We Store and Protect Your Information

We take reasonable organisational and technical measures to protect your personal information from:

  • Loss

  • Unauthorised access

  • Accidental destruction

  • Misuse

​

This includes encryption, secure servers, access control, and third-party compliance measures.

However, no system is completely secure, and we cannot guarantee absolute protection.

4. Sharing and Disclosure of Personal Information

We do not sell your personal information.

We may share your information with trusted third parties who assist us in providing our services:

​

4.1 Service Providers

  • Payment processors

  • Courier & logistics companies

  • Email and marketing platforms

  • Website hosting providers

  • IT support teams

  • All service providers are contractually required to comply with POPIA and to process information only for the purpose for which it was supplied.

​

4.2 Legal Compliance

We may disclose your information:

  • If required by law

  • To protect our rights or enforce our terms

5. Your POPIA Rights

Under POPIA, you have the following rights:

  • Right to Access: Request a record of the personal information we hold about you.

  • Right to Correction: Ask us to update, correct, or complete your information.

  • Right to Object: Object to the processing of your personal information in certain circumstances.

  • Right to Deletion: Request that we delete personal information when legally permissible.

  • Right to Withdraw Consent: Withdraw consent for marketing or other optional processing activities.

  • Right to Lodge a Complaint: With the Information Regulator at complaints.IR@justice.gov.za.

​​

To exercise these rights, contact us at: orders@ghsonline.co.za

6. Cookies and Tracking Technologies

We use cookies to improve functionality and enhance your browsing and shopping experience.
You may adjust cookie settings in your browser, but certain website features may not function properly if cookies are disabled.

7. Retention of Personal Information

We retain your personal information only for as long as necessary to:

  • Fulfil the purposes outlined in this policy

  • Comply with legal and tax requirements

  • Resolve disputes and maintain records

Once no longer required, information is safely deleted or de-identified.

8. Cross-Border Transfer of Information

Some of our service providers (such as payment gateways and cloud hosting platforms) are located outside South Africa.
We ensure that any cross-border transfer of personal information complies with POPIA by requiring that recipients have adequate data protection measures in place.

9. Direct Marketing (POPIA Section 69)

We only send marketing communications if:

  • You have given explicit consent, or

  • You are an existing customer and we are marketing similar products or services.

You may opt out of marketing at any time by clicking “unsubscribe” or by contacting us directly.

10. Third-Party Websites

Our website may contain links to external sites.
We are not responsible for their privacy practices or content.

11. Children’s Privacy

Our products and services are not intended for individuals under 18.
We do not knowingly collect personal information from minors.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
Changes will be posted here with an updated “Last Updated” date.
Continued use of our website indicates acceptance of these changes.

13. Contact Information (Information Officer)

In terms of POPIA, we appoint an Information Officer responsible for compliance.

Information Officer: [Insert Name]
Email: [Insert Email Address]
Phone: [Insert Phone Number]
Physical Address: [Insert Business Address]

bottom of page