Last updated: 4th November 2023

Zaini and your personal data

This is Zaini’s Privacy Policy. It sets out how we collect and process your personal data, what we use it for, and gives you important information on how you can amend information we hold on you such as amending or removing consent for marketing communications or updating your personal details. If you have any queries about this policy or how we handle any personal data you provide to us, please contact us using the details provided at the bottom of this document.

“Personal Data” is any data that identifies you. The Personal Data which you supply to us you agree will be true. We will deal with your Personal Data in compliance with the current UK & EU data protection legislation, which includes the EU General Data Protection Regulation (GDPR). Please note this applies only to services which we operate and control and not to other companies’ or organisations’ websites to which we may link. For such external services or sites please see their Privacy Policies to understand how they might be handling your data.

Who is Zaini?

Zaini and Zaini Hats are trading names of Zaini Lifestyle Ltd, registration number 15204492, with registered address: Mcgills Oakley House, Tetbury Road, Cirencester, Gloucestershire, England, GL7 1US.

Who controls your data?

The Data Controller is Zaini Lifestyle ltd, registration number 15204492, with registered address: Mcgills Oakley House, Tetbury Road, Cirencester, Gloucestershire, England, GL7 1US.

Our Purpose for Collecting and Processing Personal Data

Some data is required in order to operate our services to you, and conduct sales transactions. We may also be required to hold certain information for legal compliance, law enforcement or contractual purposes.

Our intention is to provide the best possible experience for our customers. We collect and process data in order to process sales, understand who our customers are, send them appropriate and relevant information, track the performance of our store, and to help provide and improve our services as a whole.

Legal Basis

Data protection laws set out a number of valid reasons for the collection and processing of personal data. These include: Consent, such as ticking a box to opt-in to receive marketing emails from us; legitimate Interest; compliance with the law; and, to fulfil contractual obligations.

What Data We Collect

When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.

We collect Device Information using the following technologies:

- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.

- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.

Additionally, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number. We refer to this information as “Order Information”.

When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information.

Your data is required in order to process and delivery sales made via our website or at physical locations.

When entering competitions, we collect personal data like your contact information in order to administer the competition, for example to ensuring age restrictions are adhered to and in order to notify winners. Consent for marketing communications is sought on an opt-in basic.

We may collect electronic data such as IP addresses or device information when you use our website in order to monitor the performance and improve quality. However, the data will only be disclosed on an anonymous and aggregated basis not in a way in which you will be personally identified, unless consent to the contrary has been given.

We do not currently employ any automated decision-making tools.

We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to: Communicate with you; Screen our orders for potential risk or fraud; and  When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.

We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).

Cookies

You can control whether your computer accepts or rejects cookies by default, or to tell you when a site tries to save a cookie on your computer, by adjusting your browser setting. Cookies can also be manually deleted. 

The following third party cookies from the following services may be set when visiting this site: Clarity.Ms, Facebook, TikTok, Doubleclick.net, Google and Klaviyo. 

Use of personal Data for Marketing Communications

We only send post, email, text messages and mobile notifications to you about news and services that we consider may be of interest to you only if you have given us permission to do so or if appropriate where we consider there to a legitimate interest in the information.

If you have agreed to be contacted by telephone, calls may be monitored and recorded for quality and training purposes.

Electronic notifications may be sent to you via your internet browser if you have given consent for us to do so. If you subsequently wish to remove consent for these you can do so following the instructions provided by your internet browser software.

Who Controls or Has Access to the Data?

Personal data may be accessed and processed by staff at Zaini. The use of personal data will remain under the control of Zaini at all times operating as the Data Controller. We will not sell your data to other companies without your explicit permission.

We use selected third parties, called Data Processors, to help operate our services which include, for example, email system or database providers. When employing Data Processors, we ensure that they comply with data protection laws including ensuring that data is held securely and that only the information required to complete the work is supplied to them. If we stop using a particular Data Processor’s services we require that personal data held by them is securely deleted or anonymised.

In compliance with the law we may be obligated to disclose Data about you to a law enforcement agency or by a court order.

Personal Data is held and processed only within the EU.

Data subjects have various rights in relation to accessing and amending the data companies hold on them under GDPR. More information on how to do this can be found later in this document.

Your personal data is not shared with other companies for their own purposes unless specifically stated at the time of collection and you have given your permission.

Our website runs on the Shopify platform. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy

We also use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

 

Retention Period & Criteria

We only keep personal data for as long as necessary for the purpose for which it was collected or to comply with legal, contractual or law enforcement purposes.

Data held on our marketing database is regularly cleansed and deleted.

When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.

Security

We endeavour to take all reasonable steps to protect your personal information. However, we cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information and dealing online over the Internet and will not hold us responsible for any breach of security unless this is due to our negligence or wilful default.

Do not track

Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.

Data Subject’s Rights

Data subjects have a number of rights which we recognise and uphold. These include: The right to be informed about how we collect and process your personal data which is detailed in this document; The right to access this information; The right to rectify or erase data; The right to restrict the processing of data; The right to data portability; The right to object; and, rights relating to automated decision making and profiling. Data subjects also have the right to lodge complaints with the Information Commissioners Office and the right to withdraw consent.

How do I access or amend my data?

Please contact us using the details found in the footer at the bottom of this page.

How do I remove myself from your mailing list?

If you want to be removed from our marketing mailing list, please use the unsubscribe link in all of our emails, or contact us using the details found in the footer at the bottom of this page.

Opting out of marketing communications will be honoured unless a later opt-in is received for the same contact details.

If you would like request we delete your data completely please email us using the contact details at the bottom of this page.

Changes to this Privacy Statement

We will occasionally update this Privacy Statement and when we do, we will also revise the “last updated” date at the top of this document.

Identity and Contact Details

Data Controller: Zaini Lifestyle Ltd.

For more information about our privacy practices, if you have questions, please contact us by e‑mail at info@zaini.com or by mail using the details provided below: 

Zaini, Unit 2, Orchard Court, Orchard Trading Estate, Toddington, GL54 5FY.