1. Introduction
Welcome to ThatMakeup (“we,” “our,” “us,” or the “Company”). We are a cosmetics and beauty brand operating in Pakistan, committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy is designed to provide a comprehensive explanation of how we collect, use, disclose, and safeguard your information when you visit our website (www.shopthatmakeup.com) or use our services.
This Privacy Policy is in compliance with the Prevention of Electronic Crimes Act, 2016, the Electronic Transactions Ordinance, 2002, and other relevant Pakistani laws and regulations. By accessing or using our website, you expressly agree to the terms of this Privacy Policy. If you do not agree with our practices, please do not use our website or services.
2. Information We Collect
2.1 Personal Information:
We may collect personal information that you provide directly to us, including but not limited to:
– Full name
– Phone number
– Email address
– Billing address
– Shipping address
– Payment information (credit card details, bank account information)
– Date of birth
– Gender
– National Identity Card Number (CNIC) or other government-issued identification (when required for specific transactions)
– Profile picture (if you choose to upload one)
– Purchase history and preferences
– Customer service interactions
2.2 Non-Personal Information:
We may also collect non-personal information about your interaction with our website, such as:
– Browser type and version
– Operating system
– IP address
– Device information (including device identifiers)
– Pages visited and products viewed
– Time and date of visits
– Referring website addresses
– Search terms used to reach our website
– Click-through patterns
– Geolocation data (with your consent)
2.3 Information from Third Parties:
We may receive information about you from third parties, including:
– Social media platforms, if you choose to connect your social media account to our website
– Payment processors and financial institutions
– Shipping and logistics providers
– Marketing partners and advertisers
3. How We Collect Information
We collect information through various methods, including:
– Direct interactions when you create an account, place an order, or contact our customer service
– Automated technologies such as cookies, web beacons, and server logs
– Third-party sources as mentioned above
4. How We Use Your Information
We use the collected information for various purposes, including but not limited to:
– Processing and fulfilling your orders
– Creating and managing your account
– Providing customer support and responding to inquiries
– Improving our website, products, and services
– Sending transactional emails (e.g., order confirmations, shipping updates)
– Sending promotional emails and newsletters (with your explicit consent)
– Analyzing website usage, trends, and user behavior
– Conducting market research and surveys
– Preventing fraud and enhancing security
– Complying with legal obligations
– Resolving disputes and enforcing our agreements
– Personalizing your shopping experience
– Developing new products and services
– Processing returns and exchanges
5. Legal Basis for Processing
Under Pakistani law, we process your personal information based on the following legal grounds:
– Performance of a contract (when processing is necessary for the performance of a contract to which you are a party)
– Legitimate interests (when processing is necessary for the purposes of the legitimate interests pursued by us or a third party)
– Compliance with legal obligations (when processing is necessary for compliance with a legal obligation to which we are subject)
– Consent (when you have given clear consent for us to process your personal data for a specific purpose)
6. Consent
6.1 How we obtain your consent:
When you provide us with personal information to complete a transaction, verify your payment information, place an order, arrange for a delivery, or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
6.2 How to withdraw your consent:
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by mailing us at our address provided in the “Contact Us” section.
7. Information Sharing and Disclosure
We respect your privacy and do not sell, trade, or rent your personal information to third parties for their marketing purposes. However, we may share your information in the following circumstances:
7.1 Service Providers:
We may share your information with trusted third-party service providers who assist us in operating our website, conducting our business, and servicing you. These may include:
– Payment processors
– Shipping and logistics companies
– Customer service providers
– Marketing and advertising partners
– Analytics providers
– IT and cloud service providers
These service providers are contractually bound to use your information only for the purposes for which we disclose it to them and are required to maintain the confidentiality and security of your data.
7.2 Legal Compliance:
We may disclose your information to comply with applicable laws, regulations, legal processes, or enforceable governmental requests. This includes responding to lawful requests from public authorities, including to meet national security or law enforcement requirements.
7.3 Protection of Rights:
We may disclose information to protect our rights, property, or safety, and that of our users or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
7.4 Business Transfers:
In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information.
7.5 With Your Consent:
We may share your information with third parties when we have your explicit consent to do so.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These measures may include:
– Encryption of sensitive data in transit and at rest using secure socket layer technology (SSL).
– Regular security assessments and penetration testing
– Access controls and authentication mechanisms
– Firewalls and intrusion detection systems
– Regular software updates and patches
– Employee training on data protection and security practices
However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security. In the event of a data breach that compromises your personal information, we will notify you and the relevant authorities as required by Pakistani law.
9. Cookies and Tracking Technologies
We use cookies, web beacons, and similar tracking technologies to enhance your browsing experience and collect information about how you use our website. These technologies help us:
– Remember your preferences and settings
– Understand how you interact with our website
– Analyze trends and gather demographic information
– Provide targeted advertising
– Improve our website and services
You can manage your cookie preferences through your browser settings. However, please note that disabling cookies may limit your ability to use certain features of our website.
10. Your Rights and Choices
Under Pakistani law and this Privacy Policy, you have certain rights regarding your personal information:
10.1 Access and Correction:
You have the right to access and correct your personal information held by us. You can review and update your information by logging into your account or contacting us directly.
10.2 Deletion:
You may request the deletion of your personal information, subject to certain exceptions provided by law.
10.3 Data Portability:
You have the right to receive a copy of your personal information in a structured, machine-readable format.
10.4 Objection and Restriction:
You may object to or request restriction of the processing of your personal information under certain circumstances.
10.5 Withdraw Consent:
Where processing is based on your consent, you have the right to withdraw that consent at any time.
10.6 Complaint:
You have the right to lodge a complaint with the relevant data protection authority in Pakistan if you believe your rights have been violated.
To exercise these rights, please contact us using the information provided in the “Contact Us” section. We will respond to your request within a reasonable timeframe, not exceeding 30 days.
11. Children’s Privacy
Our website is not intended for children under the age of majority in Pakistan (18 years old). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will take steps to remove such information from our systems.
12. Third-Party Links and Services
Our website may contain links to third-party websites or services. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party sites or services before providing any personal information.
Once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.
13. Changes to This Privacy Policy
We reserve the right to modify this Privacy Policy at any time. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
Your continued use of our website after the effective date of the revised policy constitutes your acceptance of the updated terms.
14. Retention of Information
We will retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:
– The length of time we have an ongoing relationship with you
– Legal obligations to retain data for certain periods
– Statute of limitations under applicable law
– Resolution of disputes
– Enforcement of our agreements
When we no longer need your personal information, we will securely delete or anonymize it.
15. Data Transfer
Your information may be transferred to and processed in countries other than Pakistan. These countries may have different data protection laws than Pakistan. By using our website, you consent to the transfer of information to countries outside of Pakistan. We will take appropriate measures to ensure that your personal information remains protected in accordance with this Privacy Policy and applicable laws.
16. Marketing Communications
With your explicit consent, we may send you marketing communications about our products, services, and promotions. You can opt-out of these communications at any time by:
– Following the unsubscribe instructions provided in the emails
– Adjusting your communication preferences in your account settings
– Contacting us directly using the information provided in the “Contact Us” section
17. Text Marketing and Notifications
If we implement text marketing services, by providing your phone number and initiating a purchase or subscribing via our subscription form, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. You acknowledge that consent is not a condition for any purchase.
To unsubscribe from text marketing messages and notifications, reply with STOP to any mobile message sent from us or use the unsubscribe link we provide in our messages. Message and data rates may apply.
18. Compliance with Pakistani Laws
This Privacy Policy is designed to comply with applicable Pakistani laws and regulations regarding data protection and privacy, including but not limited to:
– The Prevention of Electronic Crimes Act, 2016
– The Electronic Transactions Ordinance, 2002
– The Pakistan Telecommunication (Re-organization) Act, 1996
– The Consumer Protection Act, 2019 (as applicable in different provinces)
We are committed to adhering to the requirements set forth by Pakistani authorities and will cooperate with regulatory bodies as required by law.
19. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Privacy Compliance Officer at:
ThatMakeup
E11 Markaz
Islamabad, 44000
Pakistan
Email: contactus@shopthatmakeup.com
Phone: +923 00 000 11 22
We will make every effort to respond to your inquiry promptly and address your concerns in accordance with applicable Pakistani laws.
By using our website, you acknowledge that you have read and understood this Privacy Policy and agree to its terms and conditions. This Privacy Policy constitutes a legally binding agreement between you and ThatMakeup.