1. Introduction
2. Information We Collect
Identity Data: First name, last name, and social media handles (if used for ordering).Contact Data: Billing address, delivery/shipping address, email address, and telephone numbers.Measurement & Design Data: Body measurements (e.g., chest, waist, inseam), height, weight, photos taken for fitting purposes, and specific style preferences or fabric choices.Financial Data: Payment card details (processed via secure third-party gateways), M-Pesa transaction codes, and bank account details for refunds.Sensitive Personal Data: In rare cases, we may note specific physical characteristics strictly relevant to the construction of your garment (e.g., posture adjustments or mobility aids that affect clothing fit).
IP address. Browser type and version. Products viewed and pages visited. Date, time, and duration of visits. Device information (mobile or desktop).
3. Lawful Basis for Processing
Performance of a Contract: To fulfill tailoring orders, alterations, and product deliveries.Legal Obligation: To comply with tax laws (KRA) and business record-keeping regulations.Consent: To send marketing communications regarding new collections where you have opted in.Legitimate Interests: To improve our designs, manage customer relationships, and prevent fraud.
4. How We Use Your Information
Service Delivery: Designing, cutting, sewing, and altering garments to your specific measurements.Communication: Sending order confirmations, fitting schedules, invoices, and delivery updates.Payments: Processing transactions and issuing receipts.Logistics: Facilitating the delivery of finished garments to your location.Marketing: Sending lookbooks, newsletters, and promotions only where consent has been given. You may opt out at any time.
5. Disclosure to Third Parties
Logistics Partners: Courier and delivery companies (e.g., G4S, Wells Fargo, Boda Boda riders) to deliver your items.Payment Processors: Secure payment gateways such as M-Pesa (Safaricom), PesaPal, or Stripe.Government Authorities: Kenya Revenue Authority (KRA) for tax compliance purposes.Sub-Contractors: Specialized artisans (e.g., embroiderers) who assist in production, bound by confidentiality agreements.
6. Data Retention Policy
Financial Records: Seven (7) years to comply with Kenya Revenue Authority requirements.Measurement Data: Retained for a reasonable period to facilitate future orders without needing re-measurement, unless you request deletion.Marketing Data: Until consent is withdrawn.
7. Data Security
Physical Security: Client files and pattern records are stored in secure locations.Digital Security: SSL encryption for online data transmission and password-protected databases.Access Control: Restricted access to authorized staff (tailors and admin) only.Breach Notification: Any data breach will be reported to the Office of the Data Protection Commissioner (ODPC) within 72 hours, as required by law.
8. Your Rights as a Data Subject
Access: Request a copy of your personal data (response within 7 days).Rectification: Request correction of inaccurate data (e.g., updated measurements or address) within 14 days.Erasure: Request deletion of data where no legal obligation to retain exists.Withdraw Consent: Opt out of marketing communications at any time.
9. Cookie Policy
Essential Cookies: Required for the shopping cart and checkout functions.Analytical Cookies: Used to analyze site usage.Functionality Cookies: Enhance user experience (e.g., remembering your size preferences).
10. Children’s Privacy
11. Contact and Complaints
If you believe your rights have been violated, you may lodge a complaint with: