Privacy policy
Last updated: 26 May 2026.
Caramink Beauty ("Caramink", "we", "our", "us") is the data controller for personal data processed through this storefront and the Caramink studio. This policy describes how we handle that data in line with the Nigeria Data Protection Act, 2023 (NDPA) and the regulations issued by the Nigeria Data Protection Commission (NDPC).
1. Who we are
- Legal name: Caramink Beauty
- Email: [email protected]
- Phone: +234 (0) 901 010 0123
(Caramink will publish CAC, NAFDAC, HEFAMAA, and DPO registration numbers here as they are issued.)
If we are designated a "data controller of major importance" under the NDPA, our Data Protection Officer can be reached at [email protected].
2. What personal data we process
We process only what is necessary to run the storefront, fulfil orders, and provide clinical services:
- Identity & contact — name, email, phone, password hash, date of birth where required by law.
- Order & payment — items, prices, delivery address, partial payment-method metadata. Full card details never touch our servers; payments are processed by our designated provider.
- Booking & clinical — services booked, preferred date/time, optional clinical history (allergies, current medication, prior procedures). Clinical information is held under tighter access controls and longer retention.
- Loyalty & membership — points balance, point grants, membership status and end-date.
- Device & usage — IP address, browser, pages visited, basic analytics.
- Communications — emails or messages you send us and our responses.
3. Lawful basis for processing (NDPA s.25)
We process each category only on a lawful basis under the NDPA:
- Consent — newsletter sign-up, marketing texts, optional analytics.
- Performance of a contract — taking and fulfilling your orders and bookings.
- Legal obligation — tax, NAFDAC reporting, clinical record-keeping.
- Vital interest — clinical screening to safely provide infusion or body-modification services.
- Legitimate interest — fraud prevention, security, service improvement, balanced against your rights.
You can withdraw consent at any time by emailing [email protected]; that does not affect the lawfulness of processing before the withdrawal.
4. Who we share data with
We share the minimum data needed, only with:
- Payment processor — to charge and refund.
- Logistics partners — to deliver orders.
- Hosting and email/SMS providers — to operate the site and send transactional messages.
- Licensed clinicians and pharmacists acting for Caramink — to provide booked services under their MDCN / PCN obligations.
- NAFDAC, NDPC, FCCPC, HEFAMAA, tax authorities, courts — when legally required.
We do not sell your personal data.
5. International transfers (NDPA s.41)
Some of our processors (e.g. cloud hosting, email providers) may store data outside Nigeria. Where that happens, we rely on:
- transfers to jurisdictions the NDPC has whitelisted as providing adequate protection, or
- standard contractual safeguards approved by the NDPC, or
- your explicit informed consent for the specific transfer.
6. Retention
- Account data — kept while your account is active; deleted on request unless we must keep it for tax or clinical reasons.
- Order & invoice records — kept for six (6) years to satisfy Nigerian tax obligations.
- Clinical records (bookings, consents, photos) — kept for seven (7) years as standard clinical practice requires.
- Marketing opt-ins — kept until you unsubscribe.
7. Your rights under the NDPA
You have the right to:
- Access your personal data and ask what we hold.
- Rectify inaccurate data.
- Erase ("right to be forgotten") subject to legal hold exceptions.
- Restrict or object to processing in specific cases.
- Portability — receive your data in a portable format.
- Not be subject to automated decisions that produce a legal or similar effect on you.
- Lodge a complaint with the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng.
To exercise any right, email [email protected] with "Privacy request" in the subject. We respond within one (1) month, extendable by two months for complex requests per NDPA s.39.
8. Cookies
We use cookies to keep you signed in, remember your cart, and collect basic, anonymised analytics. You can disable cookies in your browser, but sign-in and the cart will stop working.
9. Data breach
If we suffer a personal-data breach that is likely to result in risk to you, we will notify the NDPC within 72 hours of becoming aware of it (NDPA s.40), and notify you without undue delay where the risk is high.
10. Children
Caramink services are for adults aged 18 and over. We do not knowingly collect data from anyone under 18. If you believe a minor has provided us with data, email [email protected] and we will delete it.
11. Updates
Material changes are notified on the storefront and emailed to active customers. The "last updated" date at the top of this page always reflects the current version.
12. Contact
Caramink Beauty
[email protected]
+234 (0) 901 010 0123
Instagram: @caraminkbeauty