Privacy policy
KH’YAAL (“we”, “our”, “us”) values your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website www.alkhyaal.com (the “Site”).
1. The Information We Collect
When you make a purchase from our online store, we collect the personal information you provide, such as your name, billing and shipping address, email address, and payment details. This allows us to process your order, arrange delivery, and provide customer support. As you browse our website, we automatically receive your device’s Internet Protocol (IP) address. This helps us understand your browser, device, and operating system, which improves your shopping experience and our service. If you consent, we may also send you marketing communications about our brand, new launches, and special offers. You can unsubscribe from these at any time.
2. Your Consent
How We Obtain Your Consent: When you provide personal information to place an order, arrange delivery, or process a return, you consent to our collection and use of that information for those specific purposes. If we request your information for a secondary purpose, such as marketing, we will always ask for your explicit consent or give you a clear opportunity to decline. Withdrawing Your Consent: If you change your mind after opting in, you may withdraw your consent at any time. To do so, contact us at info@alkhyaal.com.
3. Legal Basis for Processing
Under UK data protection law, we rely on the following legal bases to process your personal data: Contract: to fulfil and deliver your order. Consent: when you opt into marketing or newsletters. Legal obligation: to comply with UK law (e.g., tax and accounting). Legitimate interests: to improve our services, prevent fraud, and ensure website security.
4. Disclosure of Information
We may disclose your personal information if required to do so by law, or if you violate our Terms of Service.
5. Data Retention
We only keep your personal information for as long as necessary: Order and transaction details: up to 6 years for tax and accounting purposes. Marketing subscriptions: until you unsubscribe or withdraw consent. Technical and browsing data: kept for shorter periods, depending on Shopify and analytics providers.
6. Third-Party Services
In general, any third-party providers we use (such as payment processors, Shopify, and shipping partners) will only collect, use, and disclose your information as needed to perform the services they provide to us. Some providers may be located in jurisdictions outside the UK. If you proceed with a transaction involving one of these providers, your information may become subject to the laws of that jurisdiction. Once you leave our website or are redirected to a third-party site, this Privacy Policy no longer applies. We encourage you to review the privacy policies of those providers.
7. Our Platform – Shopify
Our online store is hosted on Shopify Inc., which provides the e-commerce platform that allows us to sell our fragrances to you. Your data is stored securely through Shopify’s data storage, databases, and general application. Payment Processing: If you use a direct payment gateway to complete your purchase, Shopify stores your credit card data. This information is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) and is stored only as long as needed to complete your transaction. After that, your payment data is deleted. All direct payment gateways adhere to PCI-DSS standards as managed by the PCI Security Standards Council, a joint effort of Visa, Mastercard, American Express, and Discover. These standards ensure the secure handling of your credit card information by our store and its service providers. For more information, you may review Shopify’s Terms of Service and Shopify’s Privacy Policy.
8. Data Security
We take reasonable precautions and follow industry best practices to protect your personal information from being lost, misused, accessed without authorisation, disclosed, altered, or destroyed. If you provide credit card details, the data is encrypted using SSL (Secure Socket Layer) technology and stored with AES-256 encryption. While no method of transmission over the Internet is 100% secure, we comply with PCI-DSS requirements and adopt additional security measures.
9. Cookies
We use cookies to enhance your browsing and shopping experience. Examples include: _session_id: Tracks your session (referrer, landing page, etc.). _shopify_visit: Records the number of visits. _shopify_uniq: Counts unique visits. cart: Stores details of your shopping cart. _secure_session_id: A unique secure session token. storefront_digest: Used if the store has password protection. You can manage or disable cookies through your browser settings, though some site features may not work as intended.
10. International Data Transfers
Because Shopify and some third-party providers may operate outside the UK, your information may be transferred internationally. When this occurs, we rely on safeguards such as Standard Contractual Clauses (SCCs) to ensure your data is protected in line with UK GDPR requirements.
11. Your Rights
Under UK GDPR, you have the right to: Access the personal data we hold about you. Request correction of inaccurate or incomplete data. Request erasure of your data (“right to be forgotten”). Restrict or object to processing of your data. Receive your data in a portable format. Withdraw consent (for marketing or optional services). To exercise your rights, contact us at info@alkhyaal.com. If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) at www.ico.org.uk.
12. Age of Consent
By using this site, you confirm that you are at least the age of majority in your country of residence, or that you have given us consent to allow any of your minor dependents to use this site.
13. Policy Updates
We may update this Privacy Policy from time to time. Changes take effect immediately once posted on this page. If we make significant changes, we will note them here so you understand what information we collect, how we use it, and under what circumstances it may be shared. If Khyaal is acquired or merged with another business, your information may be transferred to the new owners to ensure continued service.
14. Questions & Contact
If you have any questions, or wish to access, correct, or delete your personal information, please contact us at: Email: info@alkhyaal.com