Privacy Policy

Last updated: September 7, 2025

GDPR Compliance Statement

This Privacy Policy complies with the General Data Protection Regulation (GDPR) and outlines how we collect, use, and protect your personal data. We are committed to ensuring your privacy rights are respected.

1. Information We Collect

We may collect the following types of information:

  • Contact Information: Name, email address when you use our contact form
  • Analytics Data: IP address, browser type, pages visited (via Google Analytics)
  • Transaction Data: Payment information when purchasing products (processed by Stripe)
  • Communication Data: Messages you send to us

2. Legal Basis for Processing

We process your personal data based on:

  • Consent: When you submit forms or accept cookies
  • Contract: To fulfill purchases and provide services
  • Legitimate Interests: To improve our services and communicate with you
  • Legal Obligations: To comply with applicable laws

3. How We Use Your Information

We use your information to:

  • Respond to your inquiries and provide customer support
  • Process transactions and deliver purchased products
  • Send important updates about your purchases
  • Improve our website and services
  • Comply with legal obligations

4. Data Sharing and Third Parties

We may share your data with:

  • Stripe: For payment processing (PCI compliant)
  • Google Analytics: For website analytics
  • Resend: For email communications

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Your Rights Under GDPR

Your Data Protection Rights

Right to Access

You can request a copy of all personal data we hold about you.

Right to Rectification

You can request correction of any inaccurate or incomplete data.

Right to Erasure ("Right to be Forgotten")

You can request complete deletion of your personal data.

Right to Restrict Processing

You can request that we limit how we use your data.

Right to Data Portability

You can request your data in a machine-readable format.

Right to Object

You can object to processing based on legitimate interests.

Right to Withdraw Consent

You can withdraw consent at any time where processing is based on consent.

6. How to Request Data Deletion

Delete Your Personal Data

To request complete deletion of your personal data, you can:

  1. Email us at [email protected]
  2. Include "Data Deletion Request" in the subject line
  3. Provide your email address for identification
  4. We will process your request within 30 days

Note: Some data may be retained for legal compliance (e.g., transaction records for tax purposes) as required by law. We will inform you of any data that cannot be deleted and the legal basis for retention.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption, secure servers, and regular security audits.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Analytics data is automatically deleted after 14 months.

9. Cookies and Tracking

We use cookies to improve your experience on our website. You can control cookie preferences through your browser settings. We use:

  • Essential Cookies: Required for website functionality
  • Analytics Cookies: Google Analytics to understand site usage

10. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data.

11. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending you an email.

13. Contact Us

For any questions about this Privacy Policy or to exercise your rights:

Data Protection Officer: Asghar Ali

Email: [email protected]

Response Time: Within 30 days of request

14. Supervisory Authority

If you are not satisfied with our response to your data protection concerns, you have the right to lodge a complaint with your local data protection supervisory authority.