This Privacy Policy explains how Nexskin Solutions LTD (“Company”, “we”, “us”, “our”) collects, uses, stores, and protects personal data when you access or use https://www.nexskinsolution.com (the “Website”).

We are committed to protecting your privacy and processing personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1.1. For the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018, the data controller responsible for the processing of personal data in connection with the Website is:

Nexskin Solutions LTD

167-169 Great Portland Street, Fifth Floor

London, W1W 5PF

United Kingdom

Email: info@nexskinsolution.com

1.2. The Company determines the purposes and means of processing personal data and is responsible for ensuring that such processing is carried out in accordance with applicable data protection laws.

2.1. We may collect and process personal data that you provide directly to us when you access or use the Website, create an account, place an order, communicate with us, or otherwise interact with our services.

2.2. Such personal data may include identification and contact details, such as your name, email address, and account credentials, as well as transaction-related information, including purchase history and order details. Payment information is processed by third-party payment service providers; we do not store full payment card numbers or sensitive authentication data.

2.3. We also automatically collect certain technical and usage information when you access the Website, including IP address, device identifiers, browser type, operating system, referral source, and information about your interactions with the Website. This data is collected for security, analytics, and service optimisation purposes.

2.4. Where you contact us, we may collect and retain the content of your communications and any information you choose to provide in connection with support requests or enquiries.

2.5. We do not intentionally collect or process special category personal data as defined under UK GDPR, nor do we knowingly collect personal data relating to individuals under the age of 18.

2.6. In limited circumstances, we may receive personal data about you from third parties, such as payment service providers or fraud prevention services, where necessary to process transactions, prevent abuse, or comply with legal obligations.

3.1. We process personal data for the purposes of operating, maintaining, and improving the Website and its functionality, including enabling account registration, processing orders and payments, delivering Digital Products, and providing customer support.

3.2. Personal data is also used to manage our contractual relationship with you, including communicating about your account, transactions, service-related notices, updates to our terms or policies, and responding to enquiries or complaints.

3.3. We process personal data to protect the security and integrity of the Website, prevent fraud, detect and investigate unauthorised or unlawful activity, and enforce our Terms of Use and other agreements.

3.4. Where necessary, we process personal data to comply with applicable legal and regulatory obligations, including accounting, tax, consumer protection, and data protection requirements, and to respond to lawful requests from competent authorities.

3.5. We may use aggregated or anonymised data, which does not identify you, for analytics, reporting, and business improvement purposes.

3.6. We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects on you within the meaning of UK GDPR.

4.1. We process personal data only where we have a lawful basis to do so in accordance with the UK General Data Protection Regulation (“UK GDPR”).

4.2. Processing is carried out where it is necessary for the performance of a contract to which you are a party, or to take steps at your request before entering into such a contract, including the creation and management of accounts, processing of orders, delivery of Digital Products, and provision of customer support.

4.3. We also process personal data where it is necessary for compliance with a legal obligation, including obligations relating to accounting, taxation, consumer protection, and the prevention of fraud or unlawful activity.

4.4. In certain circumstances, personal data is processed where it is necessary for our legitimate interests, including operating and improving the Website, ensuring network and information security, preventing abuse, and protecting the Company against legal, financial, or reputational risk, provided that such interests are not overridden by your fundamental rights and freedoms.

4.5. Where required by law, or where processing is not otherwise justified by another lawful basis, we process personal data based on your consent. Where processing is based on consent, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

5.1. Payments made through the Website are processed by independent third-party payment service providers. The Company does not store full payment card numbers, bank account details, or sensitive authentication data, and payment information is handled in accordance with the security and compliance standards of the relevant payment service provider.

5.2. To operate the Website and provide our services, we may share personal data with carefully selected third-party service providers, including payment processors, hosting providers, customer support platforms, analytics providers, and fraud prevention services. Such disclosure is limited to what is necessary for the performance of their services.

5.3. All third-party service providers act either as data processors on our behalf or as independent controllers, as applicable, and are required to process personal data in accordance with applicable data protection laws and appropriate contractual safeguards.

5.4. We do not sell, rent, or otherwise disclose personal data to third parties for their own marketing purposes.

5.5. Where third-party service providers process personal data outside the United Kingdom, such processing is subject to appropriate safeguards in accordance with UK GDPR, as further described in this Privacy Policy.

6.1. Personal data collected through the Website may be transferred to, stored in, or accessed from countries outside the United Kingdom where this is necessary for the operation of the Website or the provision of services by third-party service providers.

6.2. Where personal data is transferred outside the United Kingdom, we ensure that such transfers are carried out in accordance with UK GDPR and are subject to appropriate safeguards. These safeguards may include transfers to countries recognised by the UK as providing an adequate level of data protection, or the use of approved standard contractual clauses or other lawful transfer mechanisms.

6.3. We take reasonable steps to ensure that personal data transferred internationally is afforded a level of protection that is essentially equivalent to that required under UK data protection law.

6.4. Further information about the safeguards applied to international data transfers may be requested using the contact details provided in this Privacy Policy.

7.1. We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected and processed, including the provision of services, management of user accounts, processing of transactions, compliance with legal and regulatory obligations, and the establishment, exercise, or defence of legal claims.

7.2. Retention periods vary depending on the nature of the personal data, the purposes of processing, and applicable legal requirements, including accounting, taxation, and consumer protection laws.

7.3. Where personal data is no longer required for the purposes for which it was collected, and there is no legal obligation to retain it, such data will be securely deleted or anonymised in accordance with our internal data retention and security procedures.

7.4. In certain circumstances, we may retain personal data for longer periods where necessary to comply with legal obligations, resolve disputes, prevent fraud or abuse, or enforce our agreements.

8.1. Subject to the conditions and limitations set out in the UK General Data Protection Regulation (“UK GDPR”), you have certain rights in relation to your personal data.

8.2. These rights include the right to request access to the personal data we hold about you, to request rectification of inaccurate or incomplete personal data, and to request the erasure of personal data where there is no lawful basis for its continued processing.

8.3. You also have the right, in certain circumstances, to request the restriction of processing of your personal data, to object to the processing of personal data where it is based on legitimate interests, and to request the portability of personal data that you have provided to us.

8.4. Where processing of personal data is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

8.5. To exercise any of your rights, you may contact us using the details provided in this Privacy Policy. We may require verification of your identity before responding to a request, and we will respond within the time limits prescribed by UK GDPR.

8.6. You also have the right to complain to the Information Commissioner’s Office (ICO) if you believe that your personal data has been processed in breach of applicable data protection laws.

9.1. We implement appropriate technical and organizational measures designed to protect personal data against unauthorized or unlawful processing, accidental loss, destruction, alteration, or disclosure.

9.2. Such measures include, where appropriate, access controls, encryption, secure hosting environments, and internal policies governing the handling of personal data. Access to personal data is restricted to authorized personnel and service providers who require such access for legitimate business purposes.

9.3. While we take reasonable steps to safeguard personal data, no system of transmission or storage is completely secure. Accordingly, we cannot guarantee the absolute security of your personal data, and you acknowledge and accept this risk when using the Website.

9.4. In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of individuals, we will comply with our obligations under UK GDPR, including notification to the Information Commissioner’s Office and affected individuals where required.

10.1. The Website uses cookies and similar technologies to ensure its proper functioning, improve performance, analyze usage, and enhance the user experience.

10.2. Cookies are small text files stored on your device when you access the Website. They may be set by the Company or by third-party service providers whose services are used on the Website.

10.3. We use cookies that are strictly necessary for the operation of the Website, as well as cookies used for analytics and performance purposes. Where required by applicable law, non-essential cookies are used only with your consent.

10.4. You may manage or disable cookies through your browser settings at any time. Please note that disabling certain cookies may affect the availability or functionality of the Website.

10.5. Further information about the types of cookies used, their purposes, and how to manage your preferences may be provided in a separate Cookie Policy, where applicable.

11.1. The Website and its services are not intended for, and are not directed at, individuals under the age of eighteen (18).

11.2. We do not knowingly collect or process personal data relating to children. If we become aware that personal data of a person under the age of 18 has been collected or processed without an appropriate legal basis, we will take steps to delete such data without undue delay.

11.3. If you believe that we may have collected personal data from or about a child, please get in touch with us using the details provided in this Privacy Policy so that appropriate action can be taken.

12.1. We may update this Privacy Policy from time to time to reflect changes in our practices, legal or regulatory requirements, or the operation of the Website.

12.2. Any changes to this Privacy Policy shall become effective immediately upon publication on the Website, unless a later effective date is expressly stated.

12.3. You are responsible for reviewing this Privacy Policy periodically. Continued use of the Website after any changes constitutes your acknowledgement of, and agreement to, the updated Privacy Policy.

13.1. If you have any questions, requests, or concerns regarding this Privacy Policy or our processing of personal data, you may contact us using the details below.

Nexskin Solutions LTD

167-169 Great Portland Street,

Fifth Floor, London, W1W 5PF

Email: info@nexskinsolution.com

13.2. We will handle all enquiries and data subject requests in accordance with applicable data protection laws and within the timeframes prescribed by the UK General Data Protection Regulation.