Advertisement

Shopping Cart

Featured Products

Privacy Policy

Effective Date: March 2, 2026
Last Updated: March 2, 2026

Herbistry420 (“we,” “us,” or “our”) operates the website herbistry420.com (the “Site”). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our Site, subscribe to our newsletter, make a purchase, or interact with us in any way.

By using our Site, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use our Site.

1. Information We Collect

Personal Information You Provide

We collect personal information that you voluntarily provide when you:

  • Create an account: Name, email address, username, and password
  • Make a purchase: Billing and shipping address, phone number, and payment information (processed securely by our third-party payment providers — we do not store your credit card details)
  • Subscribe to our newsletter: Email address
  • Contact us: Name, email address, and any information you include in your message
  • Leave a comment: Name, email address, website (optional), and comment content

Information Collected Automatically

When you visit our Site, we automatically collect certain information, including:

  • Device and browser information: IP address, browser type and version, operating system, device type
  • Usage data: Pages visited, time spent on pages, referring URLs, click patterns, and navigation paths
  • Location data: Approximate geographic location based on IP address
  • Cookies and similar technologies: See Section 4 below for details

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and maintain our services: Process orders, manage your account, and deliver content
  • Communicate with you: Send order confirmations, respond to inquiries, and provide customer support
  • Send marketing communications: Newsletter updates, promotional offers, and new content notifications (with your consent)
  • Improve our Site: Analyze usage patterns, troubleshoot issues, and optimize user experience
  • Prevent fraud and abuse: Detect spam, protect against unauthorized access, and maintain security
  • Comply with legal obligations: Meet regulatory requirements and respond to lawful requests

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data based on the following legal grounds:

  • Consent: When you subscribe to our newsletter, accept cookies, or opt in to marketing communications
  • Contractual necessity: When processing is required to fulfill an order or provide services you requested
  • Legitimate interest: For fraud prevention, Site security, analytics, and improving our services
  • Legal obligation: When we are required by law to process your data

4. Cookies and Tracking Technologies

Our Site uses cookies and similar tracking technologies to enhance your experience, analyze traffic, and serve relevant content. We use the Complianz cookie consent management plugin to provide you with control over which cookies are set on your device.

Types of Cookies We Use

  • Essential cookies: Required for the Site to function properly (e.g., session management, shopping cart, security)
  • Analytics cookies: Google Analytics (via Google Site Kit) collects anonymized usage data to help us understand how visitors interact with our Site
  • Advertising cookies: Third-party ad networks may place cookies to deliver relevant advertisements and measure ad performance
  • Functional cookies: Remember your preferences, such as language and region settings

Managing Cookies

You can manage your cookie preferences at any time through our cookie consent banner (powered by Complianz) or by adjusting your browser settings. Please note that disabling certain cookies may affect Site functionality.

Google Analytics

We use Google Analytics (integrated via Google Site Kit) to collect information about how visitors use our Site. Google Analytics uses cookies to gather data such as pages visited, session duration, and traffic sources. This data is processed in aggregate form. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

5. Third-Party Services

We work with trusted third-party service providers to operate our Site and business. These providers may have access to your personal information only to perform tasks on our behalf and are obligated to protect it:

  • Payment processors (Stripe and PayPal): Handle payment transactions securely. We do not store your credit card or payment account details on our servers. Please review Stripe’s Privacy Policy and PayPal’s Privacy Policy for more information.
  • Google Analytics / Google Site Kit: Website analytics and performance tracking. See Google’s Privacy Policy.
  • Advertising networks: Third-party ad providers may collect data through cookies and tracking pixels to deliver targeted advertisements. These providers operate under their own privacy policies.
  • Affiliate programs: We participate in affiliate marketing programs and may earn commissions when you click affiliate links and make purchases. Affiliate partners may use cookies to track referrals.
  • CleanTalk (anti-spam): Analyzes form submissions and comments to prevent spam. See CleanTalk’s Privacy Policy.
  • WP Rocket (caching): Improves Site performance through caching. WP Rocket operates on our server and does not transmit personal data externally.
  • WooCommerce: Powers our online store. Order data is stored securely on our servers. See Automattic’s Privacy Policy.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your data only in the following circumstances:

  • Service providers: With trusted third parties who assist us in operating our Site, conducting our business, or serving you (as listed above), under strict confidentiality agreements
  • Legal requirements: When required by law, court order, or governmental authority
  • Protection of rights: To protect the rights, property, or safety of Herbistry420, our users, or the public
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction

7. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy:

  • Account data: Retained for as long as your account is active, plus a reasonable period afterward for legal compliance
  • Order data: Retained for the period required by applicable tax and accounting laws (typically 7 years)
  • Newsletter subscriptions: Retained until you unsubscribe
  • Analytics data: Retained according to Google Analytics data retention settings (default 14 months)
  • Cookies: Vary by type — see our cookie consent banner for specific durations

8. Your Privacy Rights

Rights Under the GDPR (EEA and UK Residents)

If you are in the European Economic Area or United Kingdom, you have the following rights under the General Data Protection Regulation:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure (“right to be forgotten”): Request deletion of your personal data
  • Right to restrict processing: Request that we limit how we use your data
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interest or for direct marketing purposes
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us through our contact page. We will respond to your request within 30 days. You also have the right to lodge a complaint with your local data protection authority.

Rights Under the CCPA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) grant you the following rights:

  • Right to know: Request disclosure of the categories and specific pieces of personal information we have collected about you
  • Right to delete: Request deletion of your personal information
  • Right to correct: Request correction of inaccurate personal information
  • Right to opt out of sale or sharing: We do not sell your personal information. However, certain third-party cookies used for advertising may constitute “sharing” under the CCPA. You can opt out via our cookie consent banner.
  • Right to non-discrimination: We will not discriminate against you for exercising your privacy rights

To submit a CCPA request, please contact us through our contact page. We will verify your identity and respond within 45 days.

9. Email Communications and Newsletter

We comply with the CAN-SPAM Act and applicable email marketing laws. When you subscribe to our newsletter or provide your email during checkout, you may receive:

  • Newsletter updates with new content, reviews, and educational articles
  • Promotional offers and product recommendations
  • Order-related transactional emails

Your rights regarding email:

  • Every marketing email includes an unsubscribe link at the bottom
  • You can unsubscribe at any time, and we will process your request within 10 business days
  • Unsubscribing from marketing emails does not affect transactional emails related to your orders

10. Age Restrictions

Our Site is intended for adults aged 21 and older only. Herbistry420 publishes content related to cannabis education and reviews, which is restricted to adults of legal age.

We do not knowingly collect personal information from anyone under the age of 21. In compliance with the Children’s Online Privacy Protection Act (COPPA), we do not knowingly collect data from children under 13. If we discover that we have inadvertently collected personal information from a minor, we will promptly delete that information. If you believe a minor has provided us with personal data, please contact us immediately through our contact page.

11. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • SSL/TLS encryption for all data transmitted between your browser and our Site
  • Secure payment processing through PCI-compliant third-party providers (Stripe and PayPal)
  • Regular software updates and security patches
  • Anti-spam protection via CleanTalk
  • Access controls to limit who can view personal data

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.

12. International Data Transfers

Our Site is operated from the United States. If you are accessing our Site from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country.

For users in the EEA or UK, we rely on the following mechanisms for international data transfers:

  • Your explicit consent when you use our Site and accept cookies
  • Standard Contractual Clauses (SCCs) where applicable with our service providers
  • EU-U.S. Data Privacy Framework certifications held by our third-party providers (such as Google and Stripe)

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes:

  • We will update the “Last Updated” date at the top of this page
  • For significant changes, we may notify you via email or a prominent notice on our Site
  • Your continued use of the Site after changes are posted constitutes acceptance of the updated policy

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For GDPR-related inquiries, you may also contact your local data protection authority if you believe your rights have not been adequately addressed.

This Privacy Policy applies solely to information collected through herbistry420.com. It does not apply to information collected offline or through third-party websites linked from our Site.