Privacy Policy
THE GREAT HIMALAYAN TEA
Last Updated: January 25, 2025
Summary of Key Points (At a Glance)
We collect only the data necessary to sell, export, and improve premium Himalayan tea.
Payment details are never stored by us and are processed securely by PCI-DSS compliant payment gateways.
Customer data may be transferred internationally using industry-standard legal safeguards.
You retain full control over your personal data, including access, correction, and deletion rights.
We comply with GDPR (EU), UK GDPR, CCPA/CPRA (California), and the Nepal Privacy Act, 2018.
Who We Are
THE GREAT HIMALAYAN TEA
Premium Tea Producer & Global Exporter
Lalitpur, Nepal
📧 Email: info@greathimalayantea.com
We cultivate, source, and export high-quality Himalayan teas to customers worldwide through direct-to-consumer and wholesale channels.
Scope of This Policy
This Privacy Policy applies to visitors to our website, individual (B2C) customers, business and wholesale (B2B) clients, subscribers to our newsletters and marketing communications, and users of our QR-based traceability systems.
Categories of Personal Data We Collect
Active Data (Provided Directly by You)
Identity data such as name, title, and company name (for wholesale clients); contact data including email address, phone number, and billing and shipping address; financial and transaction data such as order details, invoices, and tax information (payment card data is handled exclusively by third-party gateways); and account data such as login credentials and preferences.
Passive Data (Collected Automatically)
Technical data including IP address, browser type, device identifiers, and operating system; usage and behavioral data such as pages viewed, tea preferences, and browsing patterns; and cookies or similar technologies used for analytics, security, and user experience optimization.
Profiling & Personalisation Transparency
We may analyze browsing behavior and purchase history to personalize content, recommendations, and marketing communications. Such profiling does not produce legal or similarly significant effects. You may opt out of personalized marketing at any time.
Sensitive & Regulated Data (Limited and Conditional)
In limited circumstances such as wholesale credit checks or international customs compliance, we may collect government-issued identification numbers (National ID, Tax ID, VAT number). Such data is collected only where legally required, handled with enhanced safeguards, and retained strictly for compliance purposes.
Legal Basis for Processing Personal Data
We process personal data based on contractual necessity to process orders, ship products, manage accounts, and provide customer support; legitimate interests to improve tea blends, personalize recommendations, prevent fraud, and enhance marketing effectiveness; legal obligations under Nepali export laws, taxation rules, customs regulations, and financial reporting requirements; and consent for newsletters, promotional emails, and optional marketing communications.
How We Use Your Data
Your data is used to fulfill tea orders, manage global shipping, process payments and invoices, provide customer service, improve product offerings and website experience, and send updates, offers, and educational content where consent has been provided.
Global Supply Chain & Third-Party Data Sharing
We share limited personal data with trusted logistics partners including international carriers such as DHL, FedEx, and Aramex, local Nepali delivery partners, and customs or export authorities where legally required.
We also work with secure technology providers such as e-commerce platforms (WooCommerce or Shopify), analytics services (Google Analytics), and email or CRM providers (Klaviyo, Mailchimp, or equivalents). All third parties process data under contractual confidentiality and data-protection obligations.
No Sale of Personal Data
We do not sell personal data. We only share personal data with service providers and authorities strictly for business operations, logistics, regulatory compliance, and legal obligations.
Payment Security & Financial Data Handling
All payment transactions are processed through PCI-DSS compliant external gateways such as Stripe, PayPal, or Payoneer. THE GREAT HIMALAYAN TEA does not store or process raw payment card details. All data transmissions are protected using SSL/TLS encryption.
International Data Transfers
As a global exporter, personal data may be collected in the EU, UK, United States, or other regions, processed in Nepal, and stored on secure international cloud infrastructure. We rely on Standard Contractual Clauses and equivalent legal mechanisms and apply technical, organizational, and contractual safeguards to protect data across borders.
Advanced & Innovative Data Uses
QR codes on our tea packaging may collect limited interaction data to provide origin, farmer, and sustainability information. No sensitive personal data is collected through QR scans.
We may use AI-assisted systems to recommend teas based on flavor preferences and browsing behavior. These systems do not produce legal or similarly significant effects, and users may opt out of personalized recommendations at any time.
B2B / Wholesale Data Processing
For wholesale clients, we process business contact details, trade documentation, and credit or compliance-related information where required. This data is used strictly for commercial, contractual, and regulatory purposes.
Your Privacy Rights
Depending on your location, you may have rights including access, correction, deletion, restriction, objection to processing, data portability, withdrawal of consent, and non-discrimination for exercising your rights, in accordance with GDPR, UK GDPR, CCPA/CPRA, and the Nepal Privacy Act, 2018.
To exercise your rights, please email us at info@greathimalayantea.com with the subject line “Privacy Request”. We may request verification of identity before processing your request. We will respond within 30 days or within the timeframe required by applicable law.
Data Retention & Deletion
Financial and tax records are retained for up to seven years or as required by law. Customer accounts are retained while active. Marketing data is retained until consent is withdrawn. Upon valid deletion requests, data is securely erased unless legal retention obligations apply.
Cookies & Tracking Technologies
We use essential cookies required for website functionality and security, analytics cookies to understand site usage and improve performance, and optional marketing or personalization cookies where applicable. You can manage or disable cookies through your browser settings. Disabling certain cookies may affect website functionality.
Data Security Measures
We implement SSL/TLS encryption, role-based access controls, secure cloud infrastructure, and regular system monitoring and audits to protect personal data.
Changes to This Policy
We may update this Privacy Policy to reflect legal, regulatory, or operational changes. Updates will be posted on this page with a revised “Last Updated” date. If changes materially affect your rights, we will provide additional notice via the website or email where appropriate.
Contact Information
We are here to help. Reach out to the Great Himalayan Tea team via email at info@greathimalayantea.com, call us at +977 9840176615, or visit our office in Lalitpur, Nepal.