FIND A HERBALIST
Herbal Alliance
Find a Herbalist

Privacy Policy

Last Updated: 16th February 2026

1. Introduction

The Herbal Alliance ("we," "us," or "our") is a community of herbal organisations and herbalists dedicated to promoting and supporting herbal medicine. We are committed to protecting and respecting your privacy.

This Privacy Policy explains how we collect, use, and protect your personal data in compliance with the Data Protection Acts 1988–2018 and the General Data Protection Regulation (GDPR) as applicable in the Republic of Ireland.

2. The Data Controller

For the purposes of the GDPR, the Data Controller is: [Your Full Name] trading as The Herbal Alliance. Contact Email: [Your Contact Email] Address: [Your Business Address]

3. Types of Information We Collect

A. Information You Provide Voluntarily

  • For Directory Members (Herbalists): When you register for a listing, we collect your name, business address, email address, phone number, professional qualifications, insurance details, and professional association membership.
  • For Public Users: If you contact us via our website or sign up for our newsletter, we collect your name and email address.

B. Technical & Digital Information

When you visit our website, we automatically collect certain technical data, including:

  • IP address and browser type.
  • Time zone settings and location data.
  • Usage patterns (pages viewed, links clicked) via cookies.
  • Newsletter engagement (open rates and click-through rates).

C. Non-Personal Data

We gather statistical and analytical information on an aggregate basis (e.g., total number of visitors to a specific page). This data cannot be used to identify you.

4. Purposes & Legal Basis for Processing

Under GDPR, we must have a "legal basis" for using your data. We use your data for the following reasons:

  • Contractual Necessity: To provide the directory services you have signed up for as a member.
  • Consent: When you explicitly opt-in to receive our newsletter or marketing communications.
  • Legitimate Interests: To improve our website, monitor security, and understand how our community interacts with our content.
  • Legal Obligation: If we are required by law to hold or disclose information.

5. Storage & Security

  • Security: We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or alteration.
  • Data Transfers: While we primarily store data within the European Economic Area (EEA), some of our service providers (such as email marketing platforms or website hosts) may process data outside the EEA. We ensure these providers adhere to strict data protection standards (e.g., Standard Contractual Clauses).
  • Internet Risks: No data transmission over the internet is 100% secure. Any transmission is at your own risk.

6. Data Sharing

We do not sell your personal data to third parties. We only share information with:

  • The Public: Member details (name, clinic, qualifications) are displayed publicly in the directory as per your membership agreement.
  • Service Providers: Third-party vendors who provide website hosting, payment processing, or email delivery services.
  • Legal Authorities: If required by law to do so.

7. Data Retention

  • Member Data: We retain your professional information for as long as you maintain an active listing in the directory.
  • Contact/Enquiry Data: Personal data collected via contact forms is typically retained for a maximum of 3 years.
  • Newsletter Data: We keep your email on our list until you choose to "unsubscribe."

8. Your Rights

Under the GDPR, you have the following rights:

  1. Right of Access: You can request a copy of the personal data we hold about you.
  2. Right to Rectification: You can ask us to correct inaccurate or incomplete information.
  3. Right to Erasure ("Right to be Forgotten"): You can request that we delete your data in certain circumstances.
  4. Right to Object: You can object to our processing of your data for direct marketing.
  5. Right to Portability: You can request a copy of your data in a machine-readable format.
  6. Right to Withdraw Consent: Where we rely on consent (e.g., newsletters), you can withdraw it at any time.

To exercise any of these rights, please contact us at [Your Contact Email].

9. Cookies

Our website uses cookies to distinguish you from other users and improve your experience. For detailed information, please refer to our Cookie Policy.

10. Complaints

If you are unhappy with how we handle your personal data, we ask that you contact us first. However, you have the right to lodge a complaint with the Data Protection Commission (DPC) in Ireland:

Data Protection Commission 21 Fitzwilliam Square South Dublin 2, D02 RD28 Web: www.dataprotection.ie