Your Basket

    Your basket is empty

    Add a infusion to get started.

    Pre-order now
    Free delivery on orders over £35 · Pre-order now — get your order November 2026 · Clinically-dosed ingredients, third-party tested · New: GLOW — skin health from the inside out   ·   Free delivery on orders over £35 · Pre-order now — get your order November 2026 · Clinically-dosed ingredients, third-party tested · New: GLOW — skin health from the inside out

    Privacy Policy

    Last updated: 12 May 2026

    1. Who we are

    NECTA GROUP LTD ("NECTA Labs", "we", "us", "our") is a company registered in England & Wales. We operate the website at nectalabs.com and sell our products worldwide.

    For any privacy queries, contact us at: hello@nectalabs.com

    2. What data we collect

    • Account & order data: name, email address, order history, product preferences, and account login information.
    • Payment data: billing details are processed directly by Stripe. We do not store your card details — Stripe holds them securely under PCI-DSS compliance. We receive only a tokenised reference and the last four digits of your card.
    • Communications: emails you send us, responses to our emails, and email marketing preferences.
    • Usage data: pages visited, browser type, IP address, and referring URL, collected via standard server logs and analytics.
    • Cookies: session cookies required for the website to function, and analytics cookies. See Section 8.

    3. How we use your data

    • To process and fulfil your pre-orders and subscriptions.
    • To send order confirmations, shipping updates, and account notifications.
    • To send marketing emails where you have opted in (you can unsubscribe at any time).
    • To manage your account and provide customer support.
    • To improve our website and product offering.
    • To meet our legal and regulatory obligations.

    4. Legal basis for processing (UK & EU)

    We rely on the following legal bases under UK GDPR / EU GDPR:

    • Contract: processing necessary to fulfil your order.
    • Legitimate interests: fraud prevention, security, and improving our services.
    • Consent: email marketing — you can withdraw consent at any time by clicking "unsubscribe" in any email.
    • Legal obligation: where required by law (e.g. financial records).

    5. Who we share data with

    We only share your data with third parties where necessary:

    • Stripe — payment processing (stripe.com/privacy)
    • Supabase — secure database and authentication hosting
    • Resend — transactional email delivery
    • Vercel — website hosting
    • Fulfilment partners — your name and delivery address are shared with our logistics partners solely to dispatch your order

    We do not sell your personal data. We do not share it with advertisers or data brokers.

    6. International transfers

    We ship worldwide. Some of our service providers (Stripe, Supabase, Vercel, Resend) may process data outside the UK or EEA. Where this occurs, appropriate safeguards are in place — such as Standard Contractual Clauses or adequacy decisions — to ensure your data is protected to an equivalent standard.

    7. How long we keep your data

    • Account data: for as long as your account is active, and up to 2 years after your last order.
    • Order and payment records: 7 years to comply with UK tax law.
    • Marketing preferences: until you unsubscribe or request deletion.

    8. Cookies

    We use the following cookies:

    • Essential cookies: required for login sessions and checkout to work. Cannot be disabled.
    • Analytics cookies: used to understand how visitors use our site (anonymised). You can opt out via your browser settings.

    We do not use advertising or tracking cookies.

    9. Your rights

    Depending on where you are located, you may have the following rights:

    • Access: request a copy of the personal data we hold about you.
    • Rectification: ask us to correct inaccurate data.
    • Erasure: ask us to delete your data (subject to legal obligations).
    • Restriction: ask us to limit how we use your data.
    • Portability: receive your data in a machine-readable format.
    • Objection: object to processing based on legitimate interests.
    • Withdraw consent: for marketing, at any time via the unsubscribe link in any email.

    To exercise any of these rights, email hello@nectalabs.com. We will respond within 30 days.

    If you are in the UK, you have the right to complain to the ICO (ico.org.uk). If you are in the EU, you may complain to your local supervisory authority. Customers in other jurisdictions may have additional rights under applicable local law — contact us and we will assist.

    10. Security

    We take security seriously. All data is transmitted over HTTPS. Passwords are never stored — we use magic link authentication. Payment data is handled exclusively by Stripe. Access to personal data is restricted to authorised personnel only.

    11. Children

    Our products and website are not directed at children under 16. We do not knowingly collect data from anyone under 16. If you believe a child has provided us with personal data, please contact us and we will delete it.

    12. Changes to this policy

    We may update this policy from time to time. We will notify registered customers of material changes by email. The latest version is always available at nectalabs.com/privacy.

    13. Contact

    NECTA GROUP LTD
    Registered in England & Wales
    hello@nectalabs.com

    View Terms & Conditions →