Who we are

LovelySuri Global (“we”, “us”, “our”) operates an e-commerce website that sells women’s wellness and menstrual care products across Malaysia and selected Southeast Asian countries.

We respect your privacy and are committed to protecting your personal data in accordance with applicable data protection laws, including the Malaysia Personal Data Protection Act 2010 (PDPA).

Information We Collect

We collect personal information that you voluntarily provide when interacting with our website, including when you:

Place an order
Create an account (if applicable)
Contact customer support
Subscribe to marketing communications
Participate in promotions or surveys

The types of personal data collected may include:

Full name
Email address
Phone number
Billing address
Shipping address
Order details and purchase history

We do not collect national identification numbers or passport details.

We do not intentionally collect health data, but some product-related interactions (such as product preferences or usage-related inquiries) may indirectly relate to personal wellness needs.

How We Use Your Information

We use your personal data to:

Process and fulfill your orders
Deliver products to your address
Communicate order updates and support responses
Process payments and prevent fraud
Manage customer service inquiries
Improve website experience and product offerings
Send promotional messages (only if you opt in)

Payment

All payment transactions are processed securely through third-party payment gateways, including Razorpay Curlec.

We do not store or have access to your full credit/debit card information. Payment data is handled directly by the payment processor in accordance with their security standards.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included.

Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

We do not sell or rent your personal data.
We only share your data with trusted third parties when necessary for business operations, such as:

Courier and logistics providers for order delivery
Payment processors (e.g. Razorpay Curlec)
Website hosting and e-commerce infrastructure providers (WooCommerce/hosting services)
Customer communication tools (if implemented in the future)

These third parties are required to handle your data securely and only for the intended purpose.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

We retain your personal data only as long as necessary to:

Fulfil orders
Comply with legal and tax obligations
Resolve disputes
Maintain business records

After this period, your data will be securely deleted or anonymised.

Data Security

We implement reasonable technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.

However, no online system is completely secure, and we cannot guarantee absolute security.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Under applicable data protection laws, you may have rights to:

Access your personal data
Request correction of inaccurate data
Request deletion of your personal data (subject to legal obligations)
Withdraw consent for marketing communications

To exercise these rights, contact us at our contact page.

International Users

We operate primarily in Malaysia and Southeast Asia. If you access our website from outside these regions, you acknowledge that your data may be transferred and processed in Malaysia or other operational locations.

Children Privacy

Our website is not intended to restrict access by age. However, we do not knowingly collect personal data from children without consent from a parent or guardian.

If you believe a child has provided us personal data, please contact us for removal.