top of page

FRAGRANCES AND SKIN CARE AT WHOLESALE PRICES

PRIVACY POLICY

PerfumeGroupBuy.com

Effective date: 01.05.2026
Website: PerfumeGroupBuy.com
Operator / Data Controller: Vitaly Geyderikh, trading as Scent Hub (“Scent Hub”, “we”, “us”, “our”)

1. Who we are

PerfumeGroupBuy.com is created and operated by Vitaly Geyderikh, trading as Scent Hub. For the purposes of data protection law, we are the data controller of the personal data described in this Privacy Policy, meaning we decide how and why your personal data is processed. GDPR applies to organisations in the EU, and also to organisations outside the EU that target individuals in the EU. (European Union)

2. What this Privacy Policy covers

This Privacy Policy explains:

  • what personal data we collect,

  • how we use it,

  • the legal bases we rely on,

  • who we share it with,

  • how long we keep it,

  • and what rights you have in relation to your personal data.

This Privacy Policy applies when you:

  • visit PerfumeGroupBuy.com,

  • create or use an account,

  • join a campaign,

  • place an order,

  • make a payment,

  • contact us,

  • or otherwise interact with the website.

3. The personal data we collect

Depending on how you use the website, we may collect and process the following categories of personal data:

3.1 Account and identity data

  • name

  • email address

  • account/member ID

  • contact ID

  • login information

  • account-related profile information made available through the platform

3.2 Address and contact data

  • registered address associated with your account

  • postal code

  • country

  • phone number, where provided

3.3 Order and campaign data

  • campaign participation details

  • products ordered

  • quantities

  • prices

  • stock-related interactions

  • order history

  • payment reference / transaction reference

  • internal fulfilment and campaign summary records

3.4 Payment-related data

  • payment status

  • payment identifier

  • payment provider response details

We do not intentionally store full payment card details on our own systems where payment is processed by a third-party payment provider.

3.5 Communications data

  • messages sent to us by email, contact form, or website communication tools

  • customer service requests

  • complaint or support correspondence

3.6 Technical and usage data

  • IP address

  • browser/device information

  • website usage information

  • cookies and similar technologies, subject to your cookie settings where applicable

Under GDPR transparency rules, organisations should clearly explain the categories of personal data processed and the purposes for which they are used. (Homepage | Data Protection Commission)

4. How we collect your data

We collect personal data:

  • directly from you, when you register, order, make payment, or contact us;

  • from your account/profile information made available through the website platform;

  • from payment providers, in the form of payment status and transaction references;

  • and automatically through website usage technologies such as cookies and server logs.

5. How we use your personal data

We use your personal data for the following purposes:

5.1 To create and manage your account

We use your data to register you, authenticate you, maintain your account, and identify you when you use the website.

5.2 To operate campaigns and process orders

We use your data to:

  • process participation in group-buy campaigns,

  • record ordered products and quantities,

  • manage campaign totals,

  • administer order records,

  • and fulfil or prepare fulfilment of your purchase.

5.3 To process payments

We use necessary order and identity information to initiate and record payment transactions through third-party payment providers.

5.4 To provide customer support

We use your data to respond to questions, complaints, order issues, refund matters, and campaign updates.

5.5 To administer and secure the website

We use technical and account data to:

  • maintain website functionality,

  • prevent misuse and fraud,

  • protect the website and users,

  • and investigate suspicious or abusive activity.

5.6 To comply with legal and regulatory obligations

We may process and retain certain information where necessary for:

  • bookkeeping,

  • tax compliance,

  • fraud prevention,

  • legal claims,

  • consumer law compliance,

  • and regulatory requests.

5.7 To improve our services

We may use usage and order information to analyse how the website and campaigns perform and to improve our operations, catalog structure, customer experience, and internal reporting.

GDPR requires that processing be lawful, fair, and transparent, and that individuals be told the purposes for which their data is used. (Homepage | Data Protection Commission)

6. Legal bases for processing

We rely on one or more of the following legal bases under GDPR, depending on the purpose of processing:

6.1 Contract

We process personal data where necessary to take steps at your request before entering into a contract, and to perform our contract with you, for example:

  • account operation,

  • order processing,

  • campaign participation,

  • payment handling,

  • and fulfilment administration.

6.2 Legal obligation

We process personal data where necessary to comply with legal obligations, including accounting, tax, and certain consumer law obligations.

6.3 Legitimate interests

We may process personal data where necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This includes:

  • fraud prevention,

  • website and system security,

  • internal reporting,

  • campaign administration,

  • and customer service management.

6.4 Consent

Where required, we rely on consent, for example in relation to certain cookies or optional marketing communications.

EU and Irish guidance recognises several lawful bases for processing, including consent, contract, legal obligation, and legitimate interests. (European Union)

7. Registered address and fulfilment

At the current stage of our business, orders may be processed manually, and we may rely on the address associated with your registered customer account as the delivery address for fulfilment purposes.

It is your responsibility to ensure that your registered account details, including your address, are accurate and up to date before placing an order.

8. Who we share your data with

We may share personal data with the following categories of recipients where necessary:

  • payment service providers and payment processors;

  • website hosting and website platform providers;

  • technology, security, and infrastructure providers;

  • delivery, logistics, or fulfilment partners where applicable;

  • accountants, legal advisers, or other professional advisers where necessary;

  • regulators, authorities, law enforcement, or courts where legally required;

  • and other service providers who process data on our behalf under appropriate arrangements.

We do not sell your personal data to advertisers.

Under GDPR transparency obligations, individuals should be informed about the recipients or categories of recipients of their personal data. (European Union)

9. International data transfers

Some of our service providers may process personal data outside the European Economic Area. Where this happens, we will take steps intended to ensure that your personal data receives an appropriate level of protection in accordance with applicable data protection law, such as relying on recognised transfer mechanisms where required.

EU GDPR guidance recognises that transfers outside the EU/EEA require an appropriate legal basis or safeguard. (European Union)

10. How long we keep your data

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention periods may depend on:

  • whether you have an account with us,

  • whether you have placed an order,

  • tax and accounting requirements,

  • legal claims limitation periods,

  • fraud prevention needs,

  • and operational necessity.

In general:

  • account data is kept while your account remains active and for a reasonable period afterward where needed;

  • order and payment records may be kept for longer where required for accounting, tax, and legal compliance;

  • support correspondence may be kept for as long as necessary to manage the issue and maintain business records;

  • technical logs are typically kept for shorter operational/security periods unless needed longer for investigation.

GDPR requires organisations to avoid keeping personal data longer than necessary for the purpose for which it was collected. (European Union)

11. Your rights

Under GDPR, you may have the right to:

  • be informed about how your personal data is used;

  • access your personal data;

  • correct inaccurate or incomplete personal data;

  • request erasure in certain circumstances;

  • restrict processing in certain circumstances;

  • object to certain processing, especially where based on legitimate interests or direct marketing;

  • data portability, where processing is based on consent or contract and carried out by automated means;

  • and lodge a complaint with a supervisory authority.

Irish DPC guidance and EU guidance both confirm these core rights, and the EDPB notes that organisations should answer data subject requests within one month, subject to limited extensions in appropriate cases. (European Data Protection Board)

12. How to exercise your rights

If you wish to exercise your rights, you can contact us using the contact details in this Privacy Policy.

We may ask you for information to verify your identity before acting on your request.

You also have the right to lodge a complaint with the Data Protection Commission (Ireland), which is the Irish supervisory authority for the GDPR. (Homepage | Data Protection Commission)

13. Cookies and similar technologies

We may use cookies and similar technologies for website functionality, security, analytics, and user experience. Where required, we will seek your consent before placing non-essential cookies.

You should also provide a separate Cookie Policy or cookie notice if cookies are used beyond strictly necessary website functions, since transparency and lawful basis requirements still apply. (European Union)

14. Data security

We take reasonable technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, loss, or misuse.

However, no internet-based system can be guaranteed to be completely secure, and you should also take care to protect your own account credentials.

15. Children

PerfumeGroupBuy.com is not intended for children. We do not knowingly collect personal data from children through the website in connection with account registration or purchases.

EU guidance notes that where consent-based services are offered directly to children, parental consent rules may apply, with age thresholds varying between 13 and 16 depending on the Member State. (European Union)

16. Third-party websites and tools

The website may contain links to third-party services, tools, or websites, including payment services or external product-verification tools. We are not responsible for the privacy practices of third-party services, and you should review their own policies separately.

17. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The most recent version published on the website will apply.

If we make material changes, we may also provide additional notice where appropriate.

18. Contact details

PerfumeGroupBuy.com
Created and operated by Vitaly Geyderikh, trading as Scent Hub

Email: info@scenthub.ie
Website: PerfumeGroupBuy.com

19. Supervisory authority

If you believe your personal data has been handled unlawfully, you may contact the Data Protection Commission (Ireland). The DPC is the Irish supervisory authority for the GDPR. (Homepage | Data Protection Commission)

bottom of page