Access Rituals

Privacy Policy

Mystic Nordica

Owner & Data Controller: Katrín Huld Bjarnadóttir
📧 Contact Email: [email protected]

1. Introduction

Mystic Nordica is committed to protecting your privacy and personal data.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you:

  • Visit our website
  • Purchase our products
  • Book or participate in a 1:1 ritual experience
  • Engage with our content or communications

We process your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable laws.

2. What Data We Collect

We may collect and process the following categories of personal data:

Information you provide directly:

  • Name, email address, and contact details
  • Billing and shipping information
  • Purchase and order history
  • Email subscription preferences
  • Information shared through forms, surveys, questionnaires, or 1:1 sessions (such as wellbeing reflections, intentions, or personal experiences)

Information collected automatically:

  • IP address
  • Browser type and device information
  • Website usage data (via cookies and analytics tools such as Google Analytics or Meta/Facebook Pixel)

We do not knowingly collect personal data from individuals under the age of 18.

3. How We Use Your Data

We use your personal data to:

  • Process and fulfill orders (physical and digital)
  • Manage and deliver 1:1 ritual experiences
  • Provide customer support and respond to inquiries
  • Communicate with you regarding purchases, bookings, or updates
  • Send marketing emails (only with your consent)
  • Analyze website performance and improve our services
  • Comply with legal, tax, and accounting obligations
  • Understand preferences and experiences to refine or develop future offerings

4. Legal Basis for Processing

Under GDPR, we process your data based on the following legal grounds:

  • Contractual necessity – to fulfill purchases and services
  • Consent – for marketing communications, cookies, and optional submissions
  • Legitimate interest – to improve services, user experience, and website performance
  • Legal obligation – for financial, tax, and regulatory compliance

5. Data Sharing & Third Parties

We only share personal data with trusted third-party providers necessary to operate our business, such as:

  • Payment processors (e.g., Teya, Stripe, PayPal)
  • Shipping providers
  • Email marketing platforms (e.g., Mailchimp or similar)
  • Booking or scheduling tools
  • Analytics providers (e.g., Google Analytics, Meta/Facebook Pixel)

These providers are required to handle your data securely and in compliance with GDPR or equivalent standards.

We do not sell or rent your personal data.

6. International Data Transfers

Some of our service providers may process data outside the European Economic Area (EEA).

When this occurs, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs)
  • GDPR-compliant agreements with providers

7. Data Storage & Retention

Your data is stored securely using appropriate technical and organizational measures.

We retain personal data only:

  • As long as necessary to fulfill the purposes outlined in this policy
  • To comply with legal, tax, or accounting obligations
  • Until you request deletion (where applicable)

8. 1:1 Session Privacy

We respect the personal and sensitive nature of all 1:1 ritual experiences.

  • Information shared before, during, or after a session is treated with care and respect
  • Sessions are not recorded unless explicitly agreed in advance
  • Personal information is not shared with third parties without your consent, unless required by law

Please note:
Mystic Nordica’s services are not bound by medical or therapeutic confidentiality frameworks.

9. Your Rights (GDPR)

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate or incomplete data
  • Withdraw consent at any time
  • Request deletion of your personal data (“right to be forgotten”)
  • Object to processing or restrict how your data is used
  • Opt out of marketing communications at any time
  • Lodge a complaint with your local data protection authority

To exercise your rights, contact:
📧 [email protected]

10. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Ensure website functionality
  • Analyze traffic and user behavior (Google Analytics)
  • Support marketing and advertising (e.g., Meta/Facebook Pixel)

Where required, we request your consent before placing non-essential cookies.

You can manage or disable cookies through your browser settings.

11. Affiliate Links

Some content may include affiliate links.

If you purchase through these links, we may earn a small commission at no additional cost to you.

We only recommend products aligned with our values.

12. Third-Party Links & Services

Our website may contain links to third-party websites or services.

We are not responsible for their privacy practices, and we encourage you to review their policies before sharing personal data.

13. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or alteration.

However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

14. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

15. Contact

If you have any questions about this Privacy Policy or how your data is handled, you are warmly welcome to contact:

📧 [email protected]

Closing

Mystic Nordica is committed to treating your data with care, intention, and respect.

Scroll to Top