• Login

Privacy Policy

This Privacy Policy (“Policy”) describes how personal information is collected, used, and shared when users and customers (“you,” “your”, “Data subject”) visit or place an order or make a purchase from https://www.iryasa.com or NFC enabled product experience hosted on mtag.io (“Site”, “website”).

This Site is owned and/or operated by Herbs in Sync Pte. Ltd. (“Iryasa”, “We,” “us,” “our”) , a company incorporated in Singapore with UEN 201806631G, with trading name as Iryasa and registered office at 30, Cecil Street, #19-08 Prudential Tower, Singapore 049712.

Please read this Policy carefully to understand how Iryasa, as Data Controller, may collect, store, protect, use, dispose and disclose your personal data (“Personally Identifiable Information”, “PII”), whether through the Site, through third-party softwares or mobile applications (“App”), or otherwise in the course of our normal business operations. The websites of our partners are governed by their respective privacy policies.

Personally Identifiable Information is the information that relates to any living identifiable person. It can include names, addresses, telephone numbers, email addresses, but it is wider than that which means any other information relating to that person or a combination of information which can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.

By submitting your PII data to us, you will be treated as having given your permission – where necessary and appropriate in accordance with this Policy.


When we talk about PII in this Policy, we are referring to Device Information, Order Information and Marketing Information, as described below.

1.1 Device Information:
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your devices or your browsers. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view or products that you add to shopping cart, which websites or search terms referred you to the Site, the amount of time you spend in the Site, the number of times you return to the Site and all other information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.

We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Each browser is a little different, so look at your browser's ‘help’ menu to learn the correct way to modify your cookies. If you disable cookies, some features of our website may be disabled, that can impact your user experience on our website. However, you can still contact us for all your query if you face any problem with the Site. For more information about cookies, and how to disable cookies, please visit http://www.allaboutcookies.org

- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.

We use Device Information to - (1) provide you with customised content or offers on the website; (2) monitor website usage; (3) aggregate data about website traffic and website interactions in order to offer better user experience including new features & functionalities in the future; (4) remember you when you return to the website; (5) conduct research to improve our content, interactions and shopping services; (6) screen for potential risk and fraud (in particular, your IP address), and to improve & optimise the Site experience; and (7) for digital marketing/ retargeting campaigns.

1.2 Order Information:
When you place your order or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including debit card or credit card numbers or bank account details), email address, mobile number and phone number. We refer to this information as “Order Information”.

The Order information collected will help us to - (1) register you as a new customer or consolidate information for existing customers; (2) process, record, monitor and fulfil your orders and deliveries; (3) process payments, fees, charges and collect/ recover money owed to us (4) screen your orders, reduce credit risk, detect and protect us against error, fraud and other criminal activity (5) plan & schedule routes for deliveries and to communicate with you, including confirming and updating you on the status of your orders, deliveries, returns, refunds etc.; (6) remind you of pending transactions and abandoned shopping carts; (6) verify your identity before providing our services, or responding to any of your queries, applications, feedback and complaints; and (7) respond to the requests that you send us, such as your request for information or clarification, or your request to subscribe to a service or purchase of any product in the Site.

1.3 Marketing Information:
Besides Device Information and Order Information, we also collect your name, email address, phone number, date of birth for the purpose of sending marketing communications, newsletters, information about ongoing offers, participation in surveys, contests, events etc. We refer to this as “Marketing Information”.

In the case of Order Information and Marketing Information, you will know what data we collect through the Site, because you are required to actively submit it to us.


We share your Personally Identifiable Information with trusted third parties to carry out some of the functions as described above.

We do not sell, trade or transfer your PII to outside parties unless we provide you with a notice in advance.

We use Shopify to power our Site - you can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy

We also use Google Analytics to help us understand how our users and customers use the Site - you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

We may also share your PII to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights, usage terms, intellectual or physical property or for safety of Iryasa & associated parties & partners. We may also share your PII if Iryasa is acquired by or merged with another company.

From time to time, we may collaborate with other third parties to organise joint marketing and promotional campaigns, offers or contests, and may require disclosure of certain PII to such third parties. For example, where a promotion or a voucher code or discount coupon is specially offered to customers of our third-party partner, we may share your information with that partner to the extent relevant to such promotional campaign. In some cases, you may not be able to enjoy the promotion, offer or participate in the contest, unless you consent to disclosure to our partner of your PII. Voucher Code refers to any credits, vouchers, coupons or codes offered by Iryasa for use in the purchase of our products & services.

While we require all our personnel, partners and third parties to ensure that any of your PII data disclosed to them is kept confidential and secure, we draw your attention to the following:

We may process your data outside of Singapore and in doing so will comply with the applicable laws. You agree that we may transfer your PII data to our affiliates, subsidiaries and/or other third parties located outside of Singapore, as long as the PII is handled in accordance with this Policy and all applicable laws. Iryasa will ensure recipients of your PII are legally bound to provide a standard of protection for your PII comparable to that of the protection afforded under the Personal Data Protection Act 2012 (No. 26 of 2012) and/ or in accordance with the appropriate requirements as specified under the relevant country or state law.

Where the legal basis for us processing your Personal Identifiable Information is that you have given us your consent, you may withdraw your consent at any time. You will not suffer any detriment for withdrawing your consent. If you withdraw your consent, it shall not make any processing of your PII that were undertook before your withdrawal unlawful. You can withdraw your consent by contacting us as set out below.

Finally, please be aware that, in certain circumstances, where you do not provide some of your Personal Identifiable Information which is required by us, we will not be able to provide you the products and services or may not be able to comply with a legal obligation on us.


We may provide links to third-party websites that are not owned by or affiliated with us, for your convenience and information. Occasionally, at our discretion, we may also include or offer third-party products or services on our website. If you access those links through the Site, you will leave the Site. These links do not constitute our endorsement of the linked websites or the products and/or services offered on those websites.

We do not control those websites or their privacy practices, which may differ from our practices. We do not endorse or make any representations about third-party websites. The PII you choose to provide to or that is collected by these third parties, including any social media websites featured on our website, is not covered by this Policy. We encourage you to review the privacy policy of the respective third-party website before submitting your PII. We therefore have no responsibility or liability for the content and activities of these linked websites. Nonetheless, we seek to protect the integrity of our website and welcome any feedback about these third-party websites.


As described above, we use your PII to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.


Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.


We aim to keep PII about you as accurate as possible. If you would like to review, change or delete the details you have supplied us with, please contact us as set out below. We will make a sincere effort to respond in a timely manner to your requests to correct inaccuracies in your Personally Identifiable Information.

If you are a European resident, you have the right to access personal information we hold about you and to ask that your information be corrected, updated, or deleted. If you would like to exercise this right, please contact us as per listed below.

Additionally, if you are a European resident, kindly note that we are processing your information in order to fulfil contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests. We would also want you to note that your information can be transferred outside of Europe.


You recognise and understand that there is no compulsion on you to provide us with your PII and any & all information provided by you to us is with your full consent, own volition and desire to provide such information. You also understand that we are under no obligation to verify the source from which the information about you is provided to us, and they are deemed to be provided by you, unless you demonstrate to us within a period of fifteen (15) days from the date of providing of such information to us, to our satisfaction, that the information was provided to us is without your free consent.


When you place an order through the Site, we will maintain your Order Information and Marketing Information for our records unless and until you ask us to delete this information. If you request for deletion, Iryasa will destroy or delete the information, or remove the means by which the data can be associated with you within fifteen (15) days, unless its retention is required to satisfy legal, regulatory, accounting or other business requirements or to protect Iryasa’s interests.


Iryasa adopts reasonable and appropriate security practices & procedures that includes administrative, physical security, and technical controls in order to safeguard your Personally Identifiable Information.

As your user account is protected by a password for your privacy and security, we ask that you take steps to protect against unauthorised access or use of your account. Please select and protect your password appropriately and limit access to your device and browser by signing off after you have finished accessing your user account. You are responsible for any loss, theft and compromise of your password and account Information, and any activity on your account that takes place through unauthorised password use.

We understand the importance of keeping your Personally Identifiable Information private and secure. We therefore put in place security arrangements to protect your privacy and Personally Identifiable Information, in a manner that we believe is reasonably appropriate to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks.

Please be informed that despite our best efforts, no security measures are impenetrable. Unauthorised entry or use, hardware or software failure, and other factors, may compromise the security of your Personally Identifiable Information. Iryasa does not warrant or guarantee in any way that your personal information or private communications will always remain private and/or safe. We hereby disclaim any responsibility or liability directly or indirectly arising out of or in connection with, any loss, theft, or unauthorised access, collection, use, disclosure, copying, modification, disposal or similar actions with regard to any Personally Identifiable Information held or maintained by us, except to the extent caused by our fault or negligence.


Our website may provide interactive features (such as comments section for blogs, option to submit your reviews for our products) that allow you to disclose information directly to other users. Your participation in such interactive features is completely voluntary and we assume no obligations or responsibility with respect to the information you provide or share. We may also personalise our interactive features providing additional information such as your name, location, and other information. We may also use the information provided in our official social media destinations and in other communications such as eDMs.


Iryasa recognises the receipt, transmission or distribution of spam emails (i.e.) unsolicited bulk emails as a major concern and has taken reasonable measures to minimise the transmission and effect of spam emails in our computing environment. All emails received by Iryasa are subject to spam check. Any email identified as spam will be rejected with sufficient information to the sender for taking necessary action. With this measure, along with other technical spam reduction measures, Iryasa hopes to minimise the effect of spam emails. Iryasa reserves the right to reject and/or report any suspicious spam emails, to the authorities concerned, for necessary action.


We may update or revise this Policy from time to time, for example, changes to our practices due to operational, legal or regulatory reasons.

If an update or revision is material, we will try to provide at least thirty (30) days’ notice prior to any new terms taking effect. What constitutes a material change will be determined at our sole discretion. By continuing to access or use our Site after those updates or revisions become effective, you agree to be bound by the new privacy policy. If you do not agree to the new privacy policy, you may stop using our Site.


Our Site is not aimed at children or minors under 16 years old and we will not knowingly collect, use, provide or process any information of children under the age of 16. The age requirement may vary in your state or province of residence.

We therefore also ask you, if you are under the age of majority in your state or province of residence, to please not provide your Personally Identifiable Information. If you are under the age of majority in your state or province of residence and you nevertheless wish to ask a question or use this website in anyway which requires you to submit your Personally Identifiable Information, please get your parent or guardian to do so on your behalf.


For more information about our privacy practices, if you have questions, or if you wish to make a complaint, please contact us by email at admin@iryasa.com or by mail using the details provided below:

Attn: Privacy Compliance Officer
Herbs in Sync Pte. Ltd. (Iryasa)
30, Cecil Street, #19-08, Prudential Tower,
Singapore 049712

Last updated: Mar 23, 2021


Search our shop