Privacy Policy

PRIVACY POLICY

AND

COOKIE POLICY

GDPR Data Protection Officer:
Mallika Sanam

Email: [privacy@haimasarees.com]

IMPORTANT NOTE TO RESIDENTS OF THE EUROPEAN UNION AND THE UNITED KINGDOM: This privacy policy contains important information about your rights under the General Data Protection Regulation of the European Union and the equivalent laws of the United Kingdom (the “GDPR”). Please see our GDPR Notice below for more information about these rights.

This PRIVACY POLICY (this “Policy”) describes the kinds of information that HAIMA SAREES USA INC., a Virginia corporation, together with all of its employees, contractors and subcontractors, affiliated parties such as parents, subsidiaries, officers, directors, executives, and shareholders, and other related parties (“we;” “us;” “our;” the “Company;”) collects about our users (“you”). You are a Data Controller as to information that you receive from any person and transmit via the Website as further defined below, and a Data Subject as to your own information that you transmit via the Website as further defined below, within the meaning of the GDPR. By using Haimasarees.com, any of its related or affiliated domains, webpages, or sub-domains, or any other website that we own or operate, together with any native features thereof including our chat functions and other inter-user communication tools (or communication tools between you and the Company), or document upload/download functions, and all other such functionality whether native to your browser or via an app (collectively, the “Website”), you agree to this Policy. Your acceptance of each term and condition of this Policy is deemed a continuing acceptance, meaning that each time you access the Website, you accept the then-current version of this Privacy Policy, which was last updated February 9th, 2021.

The purpose of this policy is to explain how we ensure your privacy, what steps we take to prevent and mitigate the compromise of private information, what kinds of information we collect from you, what we do with that information, and how you may exercise certain of your rights under applicable data privacy laws related to that information. This policy identifies our data protection officer, and provides you with the information that you may need to contact our data protection officer.

All terms of this Policy and our Terms of Use apply whether you log in via a browser or through an app native to a mobile device or any other device. Browser-based logins may be further subject to the terms of service (however styled) of your chosen browser. When using a browser-based login, your browser is a third-party within the meaning of the GDPR. We do not and cannot collect or store information that you submit to your web browser but not to us (for example, if you enter text into a text field on a browser-based login page, but do not click the Submit button or otherwise execute a command to send that information to us).

Who is responsible for the Company’s data privacy compliance, and how do I contact that person?

The Company’s GDPR Data Protection Officer is Mallika Sanam (the “Protection Officer”). The Protection Officer may be contacted via email at [privacy@haimasarees.com], or by writing to us at:

HAIMA SAREES USA INC.

ATTN: GDPR

2201 Cooperate Way Ste. 600

Herndon, VA 20171-3005

You may complain to the GDPR Protection Officer if you think there is a problem with the way we are handling your data. You may also contact the GDPR Protection Officer in order to exercise any of your rights, including your “right to be forgotten,” under the GDPR.

What kinds of information do we collect about you?.

Any information that you enter into any text field on the Website will be collected by the Company for internal use except where noted otherwise in this notice. Any product descriptions, text, reviews, purchases, returns or requests for refunds, emails, customer service inquiry, images, video, links, files of any type, or any other content, including subscriptions, events that are created and invitations to events, any communications made via the Third-Party Platforms as further defined below whether or not mediated by an API, or any other information or artifice of communication of any kind whatsoever (collectively, and without limiting the generality of the foregoing, “Content”) that we post onto or remove from the Website or that you submit to the Company will be collected for internal purposes. We collect, store, and process any information, whether or not constituting Content, that you submit to the Company in any form, including via email. We collect, store, and process any information that is sent to our GDPR Compliance Officer, as further defined below, for purposes of complying with the actual or stated intent of any requests received that are within the responsibilities of the GDPR Compliance Officer, and for internal purposes including tracking the frequency of different GDPR requests and ensuring the suitability of internal compliance protocols.

We may track items that you place in your cart or that you view in order to optimize your shopping experience. Please see our Cookie Policy for information about how and why we use Cookies.

Information that you enter into the Website at the point of account creation will be stored by us and used to create a customer profile for you, except that we do not store passwords locally. If you lose your password, you may request a password reset. We cannot provide you with your current password because we do not know it.

Information that we request at the time of account creation may include an email address and other contact information, your name, a display name, and a profile picture. The Company maintains records of its customer profiles to facilitate quick or automatic logins by customers, for purposes of counting the number of its customer profiles, and so that the Website and the Company can remember this information for future visits to the website. Please see our Cookie Policy below for more information about what information we collect and use to expedite Website functions.

If you delete your account, the company may retain your profile information for future use, including for counting the number of customer accounts that have been deactivated.

We also collect information about your uses of the Website. This includes information about the Content that you view while using the Website. We collect information about how long you use the Website. We may collect certain non-personal information about your Website usage, such as an IP address or similar information. Please see below for more information about the kinds of non non-personal information that we collect about you.

If you make any purchases through the Website or purchase any of our products or services, we will collect your payment information for purposes of completing that transaction and maintaining a customer profile for you. We do not store payment information locally. If your Browser collects or stores payment information, your Browser may input that information automatically. Your use of Browser functionality to interact with the Website is at your own risk and may be subject to Browser terms and conditions.

What are our responsibilities to the third parties?

Third-party affiliates including owners, employees, contractors or subcontractors, shareholders, executives, officers, members, directors, agents, parent or subsidiary entities, co-venturers or joint venturers, or other related parties are known in this Agreement as “Affiliates.” Your use of the Website to engage with your Affiliates (for example by resale or drop-shipping our products to Affiliates) does not create any relationship of any kind, including privity of contract, between the Company and your Affiliates. Where these rules apply only to Affiliates of the Company, they are referred to as “Third-Party Platforms.”

The Company makes no representations or warranties of any kind to your Affiliates regarding the collection, use, or processing of any information (whether or not constituting Content) to your Affiliates. Any information of, or created by, your Affiliates that the Company receives from you shall be deemed your information for purposes of this Privacy Policy.

Your permissive use of any API provided by Third-Party Platforms does not constitute a permissive use of the Website. It is possible that conduct that would be permissible under the terms of service of Third-Party Platforms may be impermissible under our Terms of Service, and vice versa. The Company does not and cannot enforce any terms of service (however styled) created by Third-Party Platforms. Any use of such APIs constitutes an acceptance of our Terms of Use and this Privacy Policy.

Any person, including an Affiliate, who uses a Third-Party Platform APIs as a direct or incidental result of your use of the Website (for example, a user who engages in a Zoom call scheduled or coordinated through the Website) shall be deemed to have accepted our Terms of Use and this Privacy Policy.

To the extent that they receive any information from you on account of your use of the Website (including use of the Website or a Third-Party Platforms mediated by an API), all such Third-Party Platforms are third parties within the meaning of the GDPR.

 
What kinds of non-personal information do we collect about you?

The Company collects certain non-personal information about you. By “non-personal information,” we mean information about you that cannot be used, and is not stored, in a way that can identify you personally. This information may also be known as “pseudonymous” information.

The Website will collect information about your location based on your IP address. An IP address is a user-supplied identifier that allows the Company to know, in general terms, where its users are located. An IP address is not the same as a physical address, and is not the same as either your shipping address or your billing address, if applicable.

The Company uses your IP address for internal purposes such as knowing which countries provide certain percentages of its users. The Company does not distribute your IP address to any other person. The Company does not verify your IP address or connect it to your shipping or billing address for purposes of checkout if you purchase any products or services from us. Your IP address is not and cannot be used by the Company to identify you personally. The Company’s web host will also know your IP address for purposes of logging visits to the Website from your IP address and for preventing distributed denial-of-service attacks, which are disruptive attacks on websites caused by very large numbers of simultaneous visits to the Website.

The Company collects information about users such as the number of users visiting the Website at any given time, the times during which visitors visit the Website, the length of time that users use the Website, which pages they visit, which products they order, and what other actions they take while using the Website. This information is collected by the Website and is provided in an anonymized form to the Company’s data analytics provider, which is Google Analytics  (the “Data Analytics Provider”). This information is used by the Company to track the engagement, general geographic origin, and headcount of its users. This information is combined together to provide general demographic information on the Website’s users. This information is not and cannot be used to identify you specifically.

The Data Analytics Provider is a third-party processor for purposes of the GDPR.

What information does the Company share with other users about you?

The Company provides opt-in functionality that allows you to look up and connect with other users via the Website. Your ability to look up other users, and to be looked up by other users, is subject to your manually opting in to visibility to other users. If you so opt, you represent and warrant that you consent to the public display of certain of your account information including your name and contact information, that you consent to the Company’s allowing any Website user to look up that information through a text field search tool, that you consent to the Company’s using auto-complete or other suggestive fill-in information to collect and transmit certain of your profile information including your name and contact information to other users, and that you expressly indemnify and hold harmless the Company for any use or misuse of such functionality. Look-up functionality and your consent to the public display of any of your profile information anywhere on the Website is at your own risk. All Website functionality is “as-is.” We do not make any representations or warranties to any person, including you, as to the accuracy or completeness of any information, whether or not construed as Content, that you transmit to us or that you post to the Website or transmit via the Website or a Third-Party Platform.

What does the Company do with payment information?

The Company’s Third-Party Platforms may include payment processing tools or merchant services providers (all such payment platforms, without limiting the generality of the foregoing, “Merchants”). The use of any Merchant is subject to the terms of service and privacy policies of that Merchant. The Company does not collect or store payment information except for the express and limited purpose of verifying submitted payment information to enable checkout. The Company does not store your credit card information or other information, including any of your native login credentials to a Merchant.

Any payment information that is transmitted to us through the Website is transmitted via a token system. Payment information is reduced to a pseudonymous token, transmitted to the Merchant, who confirms to us whether or not payment is successful. The Company collects and processes information related to the success or failure of payments for the purpose of effectuating fulfillment of any order or purchase, and where applicable, will also collect and process information related to your shipping or billing address for the express and limited purpose of verifying successful payment and effectuating fulfillment of any order or purchase (such information shall be deemed Content hereunder).

The Company cannot remind you of lost or forgotten payment information because the Company does not know it.

How is your information shared?

We do not share your information with third-parties except for the Fulfillment Partner and except to the express and limited extent that your use of a Third-Party Platform, via an API or otherwise, may necessitate the sharing of certain of your information (such as your IP address) via the Third-Party Platform’s API.

When you place an order through the Website, all fulfillment (including pulling, packing, and shipping) are handled through our third-party shipping affiliate (the “Fulfillment Partner”). The Fulfillment Partner is an Affiliate of the Company. The Company shares all information with the Fulfillment Partner that you submit at the time of an order, including your shipping address, except that the Company does not share payment information with the Fulfillment Partner.

If you use the Website to schedule conferences, meetings, video or audio calls, or any other communication, where such communication takes place via a Third-Party Platform, such information may be accessible to the Company. The Company does not record, store, or otherwise process audio or video calls, or similar meetings, except to the express and limited extent that the Company may process information of a general nature about such calls including the time and date of such calls, participants invited to such calls or meetings, the duration of such calls or meetings, and other information native to the call or meeting event having no relation to the content (whether or not constituting Content) of such calls or meetings.

We will also respond to a valid subpoena or other valid governmental requests for information. If we receive a valid subpoena or other valid governmental request for information about you, we may not disclose this request to you.

If we elect to provide for integration with other third-party apps or other services with the Website, we may share your Content or other information with those third-party apps or other services depending on their own terms and conditions. We will not share your information with any third-party apps or other services without first informing you.

If we have a good-faith belief that a user has posted Content or otherwise used the Website in a way that makes us believe that a user has engaged, or is about to engage, in criminal activity or other serious wrongdoing, we may share that information with the relevant authorities. If we do so, we may not inform you when we share that information.

Cookie Policy

The Website uses cookies. Cookies are small files that the Website places in your browser in order to track your activity across multiple separate pages within the same instance of the Website. For example, if you navigate to a sub-page of the Website with a fillable form that you then submit, a cookie will be used to connect the browser activity that filled that form with the browser activity that acknowledges our receipt of the same form. Cookies are used to maintain consistency across a session of Website use. Please contact us at [privacy@haimasarees.com] for more information about our Cookie policy and for information about our Cookie Policy. You may instruct your browser not to accept, or to delete, Cookies. The Website may become unstable or suffer diminished functionality if you delete or prevent the use of Cookies.

NOTICE TO RESIDENTS OF THE EUROPEAN UNION AND THE UNITED KINGDOM

Nothing in this notice should be construed as amending, modifying, replacing, or otherwise affecting the terms and conditions of any transactions between you and the Company, except that to the extent any such terms and conditions are inconsistent with the General Data Protection Regulations of the European Union and the equivalent rules of the United Kingdom and any other applicable jurisdiction (altogether, the “GDPR”) those terms and conditions are VOID.

Instructions For Exercising Your Right To Instruct Us To Forget Your Information

The GDPR provides a generalized “right to be forgotten,” meaning that you have the right to instruct us to delete any and all information that the Company, the Website, or any of the third parties collects about you. Please contact us by email at [privacy@haimasarees.com], by phone at in order to instruct us to forget any or all of the information that the Company, the Website, or any of the third parties collects about you. You may delete your profile entirely in the settings. This withdraws your consent from our policies. Per the GDPR, we may up to 24 hours to process any withdrawn consent. You may download a copy of the personal data you have provided through the controller in the settings. Any further subject access requests must be directed via email to privacy@haimasarees.com.

The Model GDPR Clauses Apply to this Policy. Except where expressly stated to the contrary, the Model Clauses of the GDPR apply to this Privacy Policy.

We will follow instructions received from our you pertaining to your rights under the GDPR or any other similar law. You are a “Data Controller” within the meaning of the GDPR. With respect to personal data, we follow instructions that we receive from you, including your instruction to provide you with a machine-readable copy of all information about you that we store or process, and including your instruction to us to “forget” such information, unless those instructions are (i) legally prohibited or (ii) require material changes to the Software. In addition, we will reasonably support any Data Controller in addressing requests from other Data Controllers or regulatory authorities regarding our processing of personal data. If we cannot comply with an instruction or if there is a user-billable cost to comply with the instruction, we will promptly notify you.

To process personal data, we and our sub-processors will only use personnel who are bound to observe data secrecy under the Data Protection Law. We will use the appropriate technical and organizational measures to meet this objective.

YOUR CALIFORNIA PRIVACY RIGHTS        
This Privacy Policy describes how we may share your information for marketing purposes. You may contact us with any questions and, to the extent applicable, to request a list of third parties to whom we may disclose information for marketing purposes and the categories of information we may disclose. Users under the age of 13 who are subject to the laws of the State of California may not use the Website. If you are under the age of 13, or if you are contacting us on behalf of someone who is under the age of 13, please contact us at [privacy@haimasarees.com].