Skip to main content
Blemish Care

Welcome to Blemish Care Cosmetics

Login Create Account

Legal

Privacy Policy

Last updated: January 1, 2026

NDPR Compliant

This privacy policy complies with the Nigeria Data Protection Regulation (NDPR) and the Nigeria Data Protection Act 2023.

At Blemish Care Cosmetics, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data in compliance with the Nigeria Data Protection Regulation (NDPR).

1. Information We Collect

We collect information that you provide directly to us when you:

  • Create an account: Name, email address, phone number, and password
  • Place an order: Shipping address, billing address, and payment information
  • Subscribe to our newsletter: Email address and name
  • Contact us: Name, email, phone number, and message content
  • Leave a review: Name, rating, and review content

We also automatically collect certain information when you visit our website, including your IP address, browser type, device information, pages visited, and referring URLs. This data is collected through cookies and similar technologies.

2. How We Use Your Information

We use the information we collect to:

  • Process and fulfil your orders, including shipping and payment processing
  • Send order confirmations, shipping updates, and delivery notifications via email and SMS
  • Respond to your inquiries and provide customer support
  • Send marketing communications and promotional offers (with your explicit consent)
  • Improve our website, products, and services through analytics
  • Prevent fraud, detect security threats, and ensure platform integrity
  • Comply with legal obligations under Nigerian law

3. Data Storage & Security

We implement industry-standard security measures to protect your personal information, including:

  • SSL Encryption: All data transmitted between your browser and our servers is encrypted using 256-bit SSL technology
  • Secure Payment Processing: Payment information is processed through Paystack, a PCI-DSS Level 1 compliant payment processor. We never store your card details on our servers
  • Access Controls: Employee access to personal data is restricted on a need-to-know basis
  • Regular Audits: We conduct periodic security assessments of our systems

Your personal data is stored on secure servers within Nigeria and may be processed by trusted third-party service providers who operate under strict data processing agreements.

4. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience. These include:

  • Essential Cookies: Required for website functionality, shopping cart, and checkout process
  • Analytics Cookies: Help us understand how visitors use our website so we can improve it
  • Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness
  • Preference Cookies: Remember your settings and preferences for a better experience

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect website functionality.

5. Third-Party Services

We do not sell, trade, or rent your personal information to third parties. We may share your information with trusted service providers who assist us in:

  • Payment Processing: Paystack (for secure payment handling)
  • Shipping & Logistics: GIG Logistics, DHL, and local courier services (for order delivery)
  • Email Services: For transactional and marketing communications
  • Analytics: For website performance monitoring

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

6. Your Rights

Under the NDPR and applicable Nigerian data protection laws, you have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your personal data (subject to legal obligations)
  • Restriction: Request limitation of processing of your data
  • Portability: Receive your data in a structured, commonly used format
  • Objection: Object to processing of your data for direct marketing purposes
  • Withdraw Consent: Withdraw consent for marketing communications at any time

To exercise any of these rights, please contact us at hello@blemishcare.com. We will respond to your request within 30 days.

7. NDPR Compliance

Blemish Care Cosmetics is committed to complying with the Nigeria Data Protection Regulation (NDPR) issued by the National Information Technology Development Agency (NITDA) and the Nigeria Data Protection Act 2023.

In accordance with the NDPR, we:

  • Obtain your consent before collecting and processing personal data
  • Collect only data that is necessary for the specified purposes
  • Store your data securely and protect it from unauthorised access
  • Do not retain personal data longer than necessary
  • Provide mechanisms for you to exercise your data rights
  • Report any data breaches to the relevant authorities as required by law

8. Changes & Contact

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

For questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Free Shipping

On orders over ₦25,000

Secure Payment

256-bit SSL encryption

100% Authentic

Genuine products only

Easy Returns

7-day return policy