Privacy Policy

1. Who We Are

This Privacy Policy applies to the website located at nepaya.co (the "Site"), operated by Chime of Wellness LLP, doing business as Nepaya ("Nepaya," "we," "us," or "our"). Our products are sold exclusively through Amazon.com.

For privacy-related questions, contact us at: hello@nepaya.co

2. Information We Collect

We collect only the minimum information necessary to operate this website and respond to your inquiries.

2.1 Information You Provide Directly

• Contact inquiries: If you email us at hello@nepaya.co, we receive your name, email address, and the content of your message.
• Newsletter sign-ups (if applicable): Your email address and any optional preferences you share.

2.2 Information Collected Automatically

When you visit our Site, standard web server logs and analytics tools may automatically collect:

• IP address (used in anonymised form for analytics)
• Browser type and version
• Device type and operating system
• Pages visited and time spent on each page
• Referring URL (the website that linked you to ours)
• Date and time of your visit

2.3 Cookies and Tracking Technologies

Our Site may use cookies and similar tracking technologies. These include:

• Essential cookies: Necessary for basic site functionality. Cannot be disabled.
• Analytics cookies: Help us understand how visitors use the Site (e.g., Google Analytics). We use IP anonymisation where possible. You may opt out via your browser settings or Google's opt-out tool at tools.google.com/dlpage/gaoptout.

You can control cookie preferences through your browser settings. Disabling cookies may affect some site functionality.

3. How We Use Your Information

We use the information we collect to:

• Respond to your questions, comments, or customer service requests
• Send newsletters or product updates, if you have opted in
• Analyse Site traffic and usage to improve the visitor experience
• Comply with applicable laws and legal obligations
• Detect, prevent, and address technical issues or security threats

We do not use your information for automated decision-making or profiling that produces legal or similarly significant effects.

4. Purchases on Amazon

All product purchases are processed through Amazon.com. When you click a "Buy on Amazon" link on our Site, you leave nepaya.co and are subject to Amazon's own Privacy Notice and Terms of Service. We do not receive, store, or process any payment information, shipping addresses, or Amazon account data. We strongly encourage you to review Amazon's Privacy Notice at amazon.com/privacy.

5. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following limited circumstances:

• Service providers: Trusted third-party vendors who assist us in operating our website (e.g., hosting providers, email service providers, analytics platforms). These parties are contractually obligated to keep your information confidential and use it only for the services they provide to us.
• Legal requirements: If required by law, court order, or governmental authority, or to protect the rights, property, or safety of Nepaya, our users, or the public.
• Business transfers: In the event of a merger, acquisition, or sale of assets, personal information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

6. California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you specific rights regarding your personal information:

• Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources, our business purposes for collecting it, and any third parties with whom we share it.
• Right to Delete: You may request that we delete your personal information, subject to certain exceptions permitted by law.
• Right to Opt-Out of Sale: We do not sell your personal information. You do not need to opt out of a sale that does not occur.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. We will not deny you services, charge different prices, or provide a different quality of service because you exercised a privacy right.

To exercise your CCPA rights, please contact us at hello@nepaya.co. We will respond within 45 days of a verifiable consumer request, as required by law. We may need to verify your identity before fulfilling your request.

7. Children's Privacy (COPPA)

Our Site is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately at hello@nepaya.co. We will delete such information from our records promptly upon verification.

In accordance with the Children's Online Privacy Protection Act (COPPA), if we discover that we have collected personal information from a child under 13 without verifiable parental consent, we will delete that information immediately.

8. Data Security

We implement commercially reasonable technical and organisational security measures to protect your personal information from unauthorised access, disclosure, alteration, or destruction. These measures include HTTPS encryption for all data transmitted to and from our Site.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. If a data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify affected individuals as required by applicable law.

9. Data Retention

We retain personal information only for as long as necessary to fulfil the purposes described in this Policy, to comply with our legal obligations, resolve disputes, and enforce our agreements. Contact form submissions are typically retained for no longer than 24 months. Analytics data is retained in anonymised or aggregated form.

10. Third-Party Links

Our Site contains links to third-party websites, including Amazon.com, Instagram, Facebook, and TikTok. These links are provided for your convenience. We have no control over the content or privacy practices of those sites, and this Privacy Policy does not apply to them. We encourage you to review the privacy policies of any third-party sites you visit.

11. Social Media

Our Site links to our social media profiles on Instagram, Facebook, and TikTok. If you interact with those pages, those platforms' respective privacy policies apply. We may receive aggregated, anonymised insights (e.g., post reach, demographic breakdowns) but do not receive your individual personal information without your direct disclosure.

12. Your Choices

• Email communications: You may opt out of marketing emails at any time by clicking the unsubscribe link in any email we send, or by emailing us at hello@nepaya.co.
• Analytics opt-out: You may opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.
• Cookies: Most browsers allow you to refuse cookies or alert you when cookies are being sent. Consult your browser's Help section for instructions.

13. Do Not Track

Some browsers transmit "Do Not Track" (DNT) signals to websites. Because there is currently no common standard for how websites should respond to DNT signals, our Site does not currently respond to DNT signals differently than it responds to other browsers.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Effective Date" at the top of this page. We encourage you to review this Policy periodically. Your continued use of the Site after any changes constitutes your acceptance of the updated Policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us:

• Email: hello@nepaya.co
• Brand: Nepaya / Chime of Wellness LLP
• Website: nepaya.co

We will respond to all legitimate privacy inquiries within 30 days.