Privacy Policy

Last Updated: 2025/05/11

‌1. Data We Collect‌

‌Personal Information‌

Provided by You: Name, email, billing/shipping addresses, payment details (processed securely via PCI-DSS compliant gateways), and size preferences.
Automatically Collected: IP address, device type, browser data, and browsing behavior via cookies (see Section 6).
Third-Party Sources: Social media profiles (if linked), marketing analytics providers.

‌Non-Personal Data‌
Aggregated statistics on product interactions, anonymized purchase trends, and website performance metrics.

‌2. How We Use Your Data‌

Process orders, returns, and customer service requests.
Personalize product recommendations via machine-learning algorithms.
Send transactional emails (order confirmations) and promotional campaigns (opt-out anytime).
Improve website functionality through A/B testing and heatmap analysis.
Prevent fraud using AI-driven pattern recognition.
Comply with legal obligations (e.g., tax reporting).

‌3. Data Sharing & Disclosure‌

We only share data under strict protocols:

‌Service Providers‌: Logistics partners for shipping, cloud storage vendors (AWS encrypted servers), and payment processors (Stripe, PayPal).
‌Legal Compliance‌: When required by law enforcement, court orders, or regulatory bodies.
‌Business Transfers‌: During mergers/acquisitions, with confidentiality agreements in place.
‌Marketing Partners‌: Aggregated, non-identifiable data for trend analysis.

We never sell your personal information.

‌4. Your Rights‌

Depending on residency, you may:

‌Access/Correct Data‌: Via your account dashboard or email request.
‌Delete Data‌: Submit a GDPR/CCPA-compliant erasure request.
‌Opt-Out‌: Unsubscribe from marketing emails (footer link) or disable cookies (Section 6).
‌Portability‌: Request a machine-readable copy of your purchase history.
‌Lodge Complaints‌: Contact your local data protection authority.

‌5. Security Measures‌

‌Encryption‌: TLS 1.2+ for all data transmissions.
‌Access Control‌: Role-based employee permissions and biometric authentication.
‌Audits‌: Annual penetration testing by third-party cybersecurity firms.
‌Training‌: Mandatory GDPR/CCPA compliance workshops for staff.

‌6. Cookies & Tracking Technologies‌

‌Essential Cookies‌: Session management and cart functionality.
‌Analytical Cookies‌: Google Analytics 4 (anonymized IPs).
‌Marketing Cookies‌: Meta Pixel retargeting (manage via Cookie Preferences).

‌7. International Data Transfers‌

Data processed in our EU (GDPR-compliant) and US (Privacy Shield-certified) servers. Cross-border transfers utilize Standard Contractual Clauses (SCCs).