Privacy Policy
1. Introduction
At Osh Bazaar (www.oshbazaar.com), we are fully committed to safeguarding the privacy and personal data of our users. Protecting your information is a fundamental part of our mission to provide a secure and trustworthy online shopping experience. We recognize the confidentiality and integrity of your data and commit to adhering to applicable data privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you interact with our website, oshbazaar.com, or engage with us through other means. Osh Bazaar, acting as the data controller for your personal information under applicable laws, determines the purposes and means of processing your data. This policy applies to all visitors, customers, and registered users of our services.
3. Categories of Data Processed
We process the following categories of personal information:
a. Usage Data
Includes data concerning your interactions with our website (e.g., pages viewed, referring and exit URLs, date/time stamps), IP address, browser type and version, operating system, and session length.
b. Account Data
Includes information you provide when creating an account, such as your full name, billing and shipping address, email address, phone number, and login credentials.
c. Profile Data
Includes preferences, past purchases, order history, and browsing behavior used to personalize your experience or recommend products.
d. Communication Data
Includes data from your correspondence with us, including customer service inquiries, chat transcripts, feedback, and contact history via email or support forms.
e. Technical Data
Includes information on the devices you use to access our site, such as device ID, hardware model, screen resolution, language settings, and system configurations.
f. Transaction Data
Includes records of completed and pending orders, payment card details provided to our third-party payment processors, and related delivery and billing information.
g. Preference Data
Includes your choices regarding marketing communications, product alerts, notification settings, and expressed areas of interest.
4. Legal Bases for Processing
We process personal data based on the following legal grounds:
– Consent: When you have given explicit permission for specific processing activities (e.g., subscribing to our newsletter).
– Contractual necessity: When processing is required to fulfill a contract with you (e.g., product purchases, order shipment).
– Legal obligation: When we are legally bound to process certain data (e.g., financial reporting, fraud detection).
– Legitimate interest: When we rely on our interest in operating and improving oshbazaar.com, provided such interests are not overridden by your individual rights.
5. Your Rights
You are entitled to the following rights under applicable data protection laws:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You can request correction of inaccurate or incomplete data.
– Right to Erasure (Right to be Forgotten): You can ask us to delete your data, subject to legal retention requirements.
– Right to Restrict Processing: You may request the restriction of specific data processing under certain circumstances.
– Right to Data Portability: You have the right to receive your data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where feasible.
If you wish to exercise any of these rights, please contact us at [email protected].
6. Security Measures
We take data protection seriously and implement technical and organizational measures to ensure the confidentiality, integrity, and availability of your personal information. These measures include:
– End-to-end encryption in data transmission;
– Role-based access control to sensitive data;
– Regular system audits, patching, and threat monitoring;
– Secure data storage, including off-site encrypted backups;
– Mandatory data protection training for all staff.
Despite our efforts, no method of transmission over the internet or electronic storage can be guaranteed to be fully secure.
7. International Transfers
Personal data collected through oshbazaar.com may be transferred and processed in jurisdictions outside of your home country. Where such transfers occur, we ensure adequacy by:
– Relying on the European Commission’s Standard Contractual Clauses (SCCs) for international data transfers;
– Ensuring that receiving parties implement appropriate safeguards in accordance with GDPR, CCPA, or other applicable regulations.
8. Data Retention
We retain your personal information for only as long as necessary for the purposes outlined in this policy or to comply with legal, regulatory, or internal policy obligations. Specifically:
– Account, Transaction, and Communication Data are retained for up to 7 years after your last activity, in compliance with tax and regulatory requirements.
– Usage, Technical, and Profile Data are retained for a maximum of 24 months unless consent for personalization is renewed.
– Preference Data is retained for 24 months or until you withdraw consent, whichever is sooner.
9. Cookie Policy
We use cookies and similar technologies to collect data on your interaction with our website, enhance your browsing experience, and deliver relevant content. Cookies may include:
– Essential Cookies: Necessary for site functionality (e.g., shopping cart, secure login).
– Functional Cookies: Help personalize your experience (e.g., language or region).
– Analytics Cookies: Collect usage data for performance insights (e.g., Google Analytics).
– Performance Cookies: Track behavior to optimize site speed and performance.
10. Cookie Management and Compliance
You have the right to manage your cookie preferences at any time through our cookie consent manager or the settings in your browser. Under GDPR and CCPA, we obtain user consent before placing non-essential cookies. Third-party cookies are only enabled after consent is granted. You may also opt out of certain analytics and advertising tools via industry-supported opt-out mechanisms such as the Network Advertising Initiative (NAI) or Digital Advertising Alliance (DAA).
11. Children’s Privacy
Osh Bazaar does not knowingly collect or solicit personal information from children under the age of 13. If you are under 13, please do not use this website or provide any data to us. If we become aware that we have inadvertently collected data from a child under 13, we will delete it promptly. Parents or guardians who believe their child may have provided information should contact us at [email protected].
12. Policy Updates
We reserve the right to amend this Privacy Policy to reflect changes in legal requirements, operational practices, or new data processing activities. Any significant changes will be communicated via oshbazaar.com, and where appropriate, we will seek your renewed consent.
13. Contact
For any questions regarding this Privacy Policy, your personal data, or to exercise your rights under applicable data protection laws, please contact our Privacy Office at:
Email: [email protected]
Compliance Statement
Osh Bazaar is fully committed to processing your personal information lawfully, fairly, and transparently. We adhere to international privacy frameworks, including the GDPR and CCPA. If you have any concerns about your privacy or data protection at Osh Bazaar, we encourage you to reach out to us directly at [email protected] so we may resolve your inquiries promptly and respectfully.