Green Floral Sign Eco Cosmetics Sustainable Beauty Logo (1)

PRIVACY POLICY

At khordadian.com, we are committed to protecting your personal data and safeguarding your privacy. This Privacy Policy outlines the ways in which we collect, use, and protect your information, and affirms our dedication to data protection standards in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data privacy laws. We employ a privacy-first approach to ensure transparency, security, and ethical data handling for all users who interact with our website and services.

1. SCOPE AND DATA CONTROLLER ROLE

This Privacy Policy applies to all personal data collected through khordadian.com and related communications, including user interactions, support queries, and commercial transactions. For the purposes of data protection laws, the data controller responsible for your personal information is the operator of khordadian.com. All inquiries related to data protection can be directed to [email protected].

2. CATEGORIES OF PERSONAL DATA PROCESSED

We may collect and process the following categories of personal data:

– Usage Data: Information about your browsing activity on khordadian.com, including browser type, IP address, referral source, time zone, access times, session duration, and pages visited.

– Account Data: Information required to create and maintain an account, such as full name, postal address, email address, and telephone number.

– Profile Data: Information regarding your preferences, user settings, past interactions with our services, product interests, and behavioral insights including purchase history.

– Communication Data: Records of any correspondence between you and us, including support requests, contact forms, email history, and chat sessions.

– Technical Data: Data derived from your device and operating environment, including your device type, operating system, screen resolution, language settings, internet service provider, and browser configurations.

– Transaction Data: Payment and billing information associated with purchases, such as transaction history, delivery addresses, and payment method details (note: we do not store credit card numbers on our servers).

– Preference Data: Information related to marketing preferences, newsletter opt-ins, customer survey responses, and expressed interests in specific products or services.

3. LEGAL BASES FOR PROCESSING

We process personal data pursuant to several legal grounds, in line with GDPR and CCPA frameworks:

– Contractual Necessity: Processing information to establish or fulfill a contract, such as order fulfillment or account management.

– Legitimate Interest: For example, analyzing site usage to improve performance, ensuring security, or preventing fraud, provided such interests are not overridden by your rights and freedoms.

– Consent: Where legally required or voluntarily provided, particularly for marketing communications, cookie tracking, or newsletter subscriptions.

– Legal Obligation: Where we are required to comply with applicable laws or respond to lawful requests by public authorities.

4. YOUR PRIVACY RIGHTS

Subject to applicable laws, you have the following rights concerning your personal data:

– Right of Access: To obtain confirmation of whether we process your personal data and, if so, access to that data.

– Right to Rectification: To correct inaccurate or incomplete personal data concerning you.

– Right to Erasure: To request deletion of your personal data where there is no compelling legal justification to retain it.

– Right to Restriction: To limit the processing of your personal data under specific circumstances.

– Right to Data Portability: To receive your personal data in a structured, commonly used, machine-readable format and have it transferred to another controller where technically feasible.

To exercise any of these rights, you may contact us at [email protected].

5. SECURITY MEASURES

We implement industry-standard security technologies and procedures to protect personal data, including:

– Data encryption during transit and at rest
– Access controls and authorization protocols
– Regular data backups and disaster recovery practices
– Ongoing staff privacy and security training programs
– Monitoring systems to detect and mitigate unauthorized access

While we strive to protect your information to the best of our ability, please note that no method of data transmission or storage is completely secure.

6. INTERNATIONAL DATA TRANSFERS

If we transfer your personal data outside of the jurisdiction in which you reside (including transfers from the European Economic Area to third countries), we implement safeguards required under applicable law. These may include the use of European Commission-approved Standard Contractual Clauses and compliance with regional data transfer frameworks.

7. DATA RETENTION

We retain personal data only as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Standard retention periods include:

– Usage and technical data: up to 24 months
– Account and profile data: until account deletion or inactivity of 36 months
– Transaction data: up to 7 years for legal compliance
– Communication data: up to 36 months from last contact
– Consent records and preference data: retained until updated or withdrawn

Following the applicable retention period, data is securely deleted or anonymized.

8. COOKIE POLICY

khordadian.com uses cookies and similar tracking technologies to enhance user experience, optimize performance, and enable functionality. The categories include:

– Essential Cookies: Required for website functionality, such as navigation and secure login.
– Functional Cookies: Support website enhancements and remember user preferences.
– Analytics Cookies: Collect aggregated statistical data to monitor and improve performance.
– Performance Cookies: Help us understand visitor interactions for optimization purposes.

Third-party services may also use cookies and are subject to their privacy policies.

9. COOKIE MANAGEMENT AND COMPLIANCE

Visitors to khordadian.com can manage their cookie preferences through a consent management interface displayed upon first visit. You may withdraw consent at any time via your browser settings or by contacting [email protected].

Our systems respect “Do Not Track” signals to the extent required by law, in line with CCPA obligations. Cookies requiring consent under GDPR are only set after obtaining valid user permission.

10. CHILDREN’S PRIVACY

khordadian.com is not intended for use by individuals under the age of 13. We do not knowingly collect personal data from children. If we learn that data has been provided by a child without verified parental consent, we will take appropriate steps to erase it promptly. Parents or guardians may contact [email protected] to request the deletion of any such data.

11. POLICY MODIFICATIONS

We reserve the right to modify or update this Privacy Policy at any time to reflect changes in our practices or legal obligations. When substantial changes are made, we will provide appropriate notice, such as updating the policy on our website and reaching out via email where feasible.

12. CONTACT US

For inquiries, concerns, or to exercise your privacy rights, please contact our data protection team at:

Email: [email protected]

For all questions related to privacy and personal data, we encourage open communication and prompt resolution.

13. COMPLIANCE STATEMENT

khordadian.com is committed to full compliance with all applicable data protection laws and regulations, including GDPR and CCPA. We value your privacy and invest continually in maintaining secure, transparent, and user-centric data practices. Should you have any privacy-related concerns, please contact us directly at [email protected].