Wow Fashions — Privacy Policy

Effective Date: October 13, 2025

Entity: Wow Fashions FZ-LLC (“Wow Fashions,” “we,” “our,” “us”) Scope: This Privacy Policy explains how we collect, use, disclose, transfer, secure, and retain personal data when you visit or use our website, mobile applications, or related services (the “Platform”), or when you purchase our products and services. It also explains your rights and choices. This Privacy Policy works together with our Terms & Conditions, Shipping Policy, and Refund & Return Policy (collectively, the “Policies”). Where the Policies intersect (e.g., delivery timelines, return windows, try-on disclaimers, or risk of loss), the applicable policy section governs that subject matter.

1) Who We Are & How to Contact Us

For questions about this Policy or your data rights:

• Customer Care (orders/shipping/returns): [email protected]

• Privacy/Data Rights: [email protected] (for access/correction/erasure/objection/portability requests; we aim to respond within applicable legal timelines).

2) Personal Data We Collect

• Identity & Contact Data: name, email, phone, billing/shipping addresses, account identifiers.

• Order & Transaction Data: items purchased, order IDs, payment method tokenization/last-4 (stored by payment providers), price, currency, taxes/duties, delivery confirmations. (Payments are processed by third-party gateways/BNPL providers; see §8.)

• Logistics & Fulfillment Data: courier tracking numbers, delivery attempts/statuses, reroute requests, remote-area flags, delivery confirmations (risk of loss passes at courier-confirmed delivery).

• Preference & Design Inputs: measurements, fabric/design selections, notes to designers, Try-On/Visualizer previews or approvals (illustrative only; not a guarantee).

• Customer Support Data: communications via email, forms, or in-app chat (including media you provide as defect/damage evidence for returns).

• Technical & Usage Data: device/browser data, IP address, timestamps, session IDs, app events, cookies/SDK identifiers (see §10 Cookies).

• Marketing & Communication Data: newsletter opt-ins, campaign interactions, coupon usage, referral/affiliate events.

• AI-Assisted Feature Signals: interactions with AI-assisted previews/visuals or copy used for marketing and personalization.

We do not intentionally collect children’s data; the Platform is intended for users 18+.

3) Purposes & Legal Bases for Processing

• Order Lifecycle & Contract Performance: accept and fulfill orders; process payments; craft and ship goods; provide tracking; manage returns/refunds/adjustments; verify QC. Legal basis: contract performance; legitimate interests (efficient operations, fraud prevention).

• Customer Support & Safety: resolve delivery issues, measurement queries, defects/damage cases; verify identity; contact you about changes/updates. Legal basis: contract performance; legitimate interests; compliance.

• Customization & Try-On/Visualizer: facilitate conceptual previews and designer collaboration; document approvals/disclaimers (Try-On/Visualizer outputs are illustrative only and not a guarantee). Legal basis: contract performance; legitimate interests.

• Marketing & Personalization: send service/transactional messages; provide marketing with your consent where required; operate loyalty/offers; measure and cap frequency. Legal basis: consent (where required); legitimate interests.

• Security, Fraud Prevention & Compliance: detect and prevent fraud/abuse; comply with legal obligations; manage risk of loss at delivery confirmation. Legal basis: legitimate interests; legal obligation.

• Service Improvement & Analytics: improve product quality, app/website performance, and UX (including cookie-based analytics). Legal basis: legitimate interests; consent where required.

4) Data Minimization & Accuracy

We collect only the data reasonably necessary for the purposes above and take steps to keep it accurate and up to date (e.g., allowing address changes within the defined window before “Ready to Ship”).

5) Disclosures & International Transfers

• Payment Gateways/BNPL Providers: for secure payments, refunds, and fraud checks. We don’t store full card data.

• Logistics Partners & Couriers: for pickup, customs, and delivery attempts; remote-area handling; return shipments. (Transit times are estimates, not guarantees.)

• Customer Support & QC Vendors: to manage tickets, verify defects/damage, coordinate adjustments, and process returns/refunds.

• Cloud Hosting/IT Providers & Analytics: to run the Platform and features (including cookies/SDKs).

• Regulators/Authorities: for customs clearance (customer identification may be required), tax or legal compliance, fraud investigation.

Cross-Border Transfers: Where data is transferred outside your country, we use appropriate safeguards (e.g., contractual clauses) and limit access to a need-to-know basis.

6) Retention

We retain data only as long as necessary for the purposes above, including:

• Order/contract records and tax/compliance data (as legally required);

• Warranty/QC evidence (e.g., return photos/videos retained for the return window and reasonable audit period);

• Marketing preferences until you opt out or withdraw consent;

• Dispute/litigation holds where applicable.

After retention ends, data is securely deleted, anonymized, or archived where deletion is not feasible.

7) Your Rights

• Access your data and request a copy;

• Rectify inaccurate or incomplete data;

• Erase data (where no longer needed or if consent is withdrawn, subject to legal/contractual limits);

• Object/Restrict certain processing (e.g., direct marketing);

• Portability for data you provided to us;

• Withdraw Consent where processing is based on consent;

• Complain to a competent supervisory authority.

To exercise rights, contact [email protected]. We may request verification to protect your account.

8) Payments & BNPL

Payments are processed by third-party payment gateways or BNPL providers under their own terms and privacy notices. We receive limited payment status signals (e.g., authorization/settlement) and do not store full card data. Refunds are paid to the original method unless wallet credit is chosen, consistent with our Refund & Return Policy.

9) Shipping, Returns & Evidence Handling

• Shipping & Delivery: We share your contact and address data with couriers to deliver your order; delivery timelines are estimates, not guarantees. Risk transfers upon courier-confirmed delivery.

• Returns/Adjustments: When you initiate a return/exchange or request adjustments, we process your reason, photos/videos, and scheduling data to evaluate eligibility and perform QC (typically within 3–5 business days of receipt).

• Charges/Deductions: Where applicable (e.g., refused/undeliverable parcels), we process deductions per policy.

10) Cookies, SDKs & Similar Technologies

We use cookies/SDKs for:

• Essential Operations: account login, cart, checkout, security;

• Analytics & Performance: to understand usage and improve UX;

• Marketing/Personalization: to show relevant content or offers with your consent where required.

Your Choices: You can manage cookies in your browser or device settings. Where legally required, we present consent banners. You can opt out of marketing anytime via unsubscribe links or account settings.

11) AI Disclosures (Marketing Visuals, Copy & Previews)

We use AI-assisted tools in several places to make our brand and content more appealing, relatable, and effective for marketing (e.g., copywriting, translations, recommendations, visual concepts, Try-On/Visualizer approximations). Such content is illustrative and provided “as is” for guidance. It does not amend product specifications or create guarantees; handcrafted outcomes can vary. (For Try-On/Visualizer, visual differences alone are not defects or return grounds.)

We respect your privacy/cookie choices and obtain consent where required. You may opt out of marketing personalization via account settings/email links.

12) Security

We implement administrative, technical, and physical safeguards appropriate to the nature of the data, including least-privilege access controls, encryption in transit where supported by providers, tokenized payments through gateways, and vendor due diligence. No online service can be 100% secure; you are responsible for protecting your credentials and devices. (We may suspend accounts for suspected fraud or abuse.)

13) Data Breach & Incident Response

If we become aware of a data breach affecting your personal data, we will investigate promptly, take steps to mitigate harm, and notify you and/or authorities where required by law, including information on what happened, likely consequences, and measures taken.

14) Special Processing Notes

• Customs & Duties: Certain countries’ customs may require identity verification for release; responsibility for duties and compliance lies with the customer.

• Proof of Defect/Damage: To evaluate claims, we rely on images/videos submitted within the relevant window (e.g., within 2 days of delivery).

• Designer Discretion: Where you opt for “Designer Adjust Design Colors,” aesthetic preferences/variations do not constitute defects.

15) Third-Party Links & Services

The Platform may link to third-party sites or services. Their privacy practices are governed by their own policies; we encourage you to review them.

16) Changes to This Privacy Policy

We may update this Policy periodically to reflect changes in laws, technologies, or our practices. The version effective at the time of your purchase or interaction applies to that order/interaction. Material changes will be communicated via the Platform and/or email, consistent with our Terms.

17) Jurisdiction & Complaints

This Policy is governed by UAE law (and relevant free-zone regulations if applicable). You may lodge a complaint with a competent data protection authority. We welcome the opportunity to resolve concerns directly—please write to [email protected] first.