1. GENERAL INFORMATION
Here you can find some general information about us and our website.
1.2 Data controller. The Website is owned and operated by Kassim (Pvt.) Ltd. having a registered business address at Plot no. 152-153, 183-186 Naclas 90, Deh Khanto, National Highway, 75100 Landhi, Pakistan (“we”, “us”, or “our”).
1.3 Minors. The Website is not intended for use by persons under the age of 18. Therefore, we do not knowingly collect personal data belonging to persons younger than 18. If you become aware that such a person has provided us with his or her personal data and you are a parent or a legal guardian of that person, please contact us immediately and we will remove child’s personal data from our systems.
2. WHAT DATA DO WE COLLECT?
Here we explain in detail what personal data we collect from you, for what purposes we use it, what technical data is collected automatically when you use the Website, and how we communicate with you.
- User account. When you register your user account, we collect your email address and password. If you choose to sign up by using your social media account (Facebook or Google), we will have access to your public profile information like your name, email address, or image (please note that you can adjust your privacy settings to limit the data available to us). We use the said information to register and maintain your user account, enable your access to the Website, provide you with the requested services, contact you, if necessary, and maintain our business records. The legal bases on which we rely are ‘performing a contract with you’ and ’pursuing our legitimate business interests’ (i.e. operate, analyse, grow, and administer the Website). We will store this data until you delete your user account.
- When you make an order on the website (if this functionality is available), we collect your name, address, phone number, and email address. We use this information to process your orders, deliver you your orders, and maintain our business records. The legal bases on which we rely are ‘performing a contract with you’ and ’pursuing our legitimate business interests’ (i.e. administer our business). We will store this data until you delete your user account, unless we need to keep our business records for the time period required by law.
- When you make a payment for your order, we collect your email address, credit card details, name card, and billing address. We use such information to process your payments and maintain our business records. The legal bases on which we rely are ‘performing a contract with you’ and ’pursuing our legitimate business interests’ (i.e. administer our business). We will store this data until the time period for which we have to keep our accountancy records expires.
- When you contact us by email, we collect your name, email address, and any information that you decide to include in your message. We use such data to respond to your enquiries and provide you with the requested information. The legal bases on which we rely are ‘pursuing our legitimate business interests’ (i.e. to grow and promote our business) and ‘your consent’ (for optional personal data). We will store this data until you stop communicating with us.
- If you subscribe to our newsletter by completing the form available on the Website, we collect your email address. We use it to deliver your newsletter. The legal basis on which we rely is ‘your consent’. We will store this data until you unsubscribe.
- IP address. When you browse the Website, we or our third-party analytics service providers (as explained in below) collect your IP address. We use your IP address to analyse the technical aspects of your use of the Website, prevent fraud and abuse, and ensure the security of the Website. The legal basis on which we rely is ‘pursuing our legitimate business interests’ (i.e. to analyse our business and protect the Website). We will store this data as long as analytics records are necessary for our business.
2.2 Sensitive data. We do not collect or use any special categories of personal data (“sensitive data”) from you, unless you decide, at your own discretion, to provide such data to us. Sensitive data refers to your health, religious and political beliefs, racial origins, membership of a professional or trade association, or sexual orientation.
2.3 Refusal to provide personal data. If you refuse to provide us with your personal data when we ask to, we may not be able to perform the requested operation and you may not be able to use the full functionality of the Website, receive your orders, or get our response. Please contact us immediately if you think that any personal data that we collect is excessive or not necessary for the intended purpose.
2.4 Collection of non-personal data. When you browse the Website, we automatically collect certain technical non-personal data related to your use of the Website. Such data does not allow us us to identify you in any manner. The non-personal data includes the following information:
- Your activity on the Website;
- Your browser type and version;
- Your operating system;
- Your device ID and status;
- URL addresses from which you access the Website;
- The date and time when you access the Website;
- Your internet service provider; and
- Your other online behaviour.
2.5 Purposes of non-personal data. We will use non-personal data for the following purposes:
- To perform our contractual obligations;
- To maintain our business records;
- To analyse what kind of users use the Website;
- To examine the relevance, popularity, and engagement rate of the content available on The Website;
- To investigate and help prevent security issues and abuse; and
- To develop and provide additional features to the Website.
2.6 Your feedback. If you contact us, we may keep records of any questions, complaints, recommendations, or compliments made by you and the response. Where possible, we will de-identify your personal data (i.e., we will remove all personal data that is not necessary for keeping such records).
2.7 Aggregated and de-identified data. In case your non-personal data is combined with certain elements of your personal data in a way that allows us to identify you, we will handle such aggregated data as personal data. If your personal data is aggregated or de-identified in a way that it can no longer be associated with an identified or identifiable natural person, it will not be considered personal data and we may use it for any business purpose.
2.8 Newsletters. If we have your email address, we may, from time to time, send you a newsletter informing you about the latest developments related to the Website and our special offers. You will receive our newsletters in the following instances:
- If we receive your express (“opt-in”) consent to receive marketing messages; or
- If you voluntarily subscribe for our newsletter; or
- If we decide to send you information closely related to services already used by you.
2.9 Opting-out. You can opt-out from receiving our commercial communication at any time free of charge by clicking on the “unsubscribe” link included in our newsletters, adjusting the settings of your user account, or by contacting us directly.
2.10 Tracking pixels. The newsletters sent by us may contain tracking pixels that allow us to conduct analysis of our marketing campaigns. Tracking pixels allow us to see whether you opened the newsletter and what links you have clicked on. We use such information to conduct analytics and pursue our legitimate business interests.
2.11 Service-related notices. If necessary, we will send you important informational messages, such as confirmation receipts, payment information, technical or administrative emails, and other administrative updates. Please note that such messages are sent on an “if-needed” basis and they do not fall within the scope of commercial communication that may require your prior consent. You cannot opt-out from service-related notices.
3.1 What should you know about cookies? A cookie is a small piece of data typically consisting of letters and numbers. When you visit a website, that website may send a cookie to your browser. Subsequently, the browser may store the cookie on your computer or mobile device for some time (cookie expiration date depends on its type). Cookies are used to recognise your device and collect certain information about your use of websites. Thus, over time, cookies allow websites to “remember” your actions and preferences. There are several types of cookies, namely, (i) persistent cookies, which remain valid until deleted by you, (ii) cookies that remain valid until their expiration date, and (iii) session cookies that are stored on a web browser and remain valid until the moment the browser is closed. Cookies may also be (i) first-party cookies (set by the original website itself) and (ii) third-party cookies (placed by third-party websites).
3.2 We may different types of cookies on the Website, including:
- Essential technical cookies that are strictly necessary to ensure the correct functioning of KIMCHI and provide the services requested by you;
- Preference cookies that record information about the choices that you make on the Website;
- Marketing cookies that allow us to create, implement, and examine our marketing campaigns. Such cookies allow us to reach the right customers, analyse the productivity of our marketing campaigns, and offer you personalised advertisement; and
- Statistics cookies that allow us to generate statistical reports about how you use the Website.
Below, you can find a list of cookies that we use on the Website, including their purpose and expiration time:
|Essential technical cookies|
3.3 Cookie consent. When you visit the Website, we may ask you to provide us with your consent to our use of all cookies via a cookie consent banner (for example, if you come from the EU). If you do not provide your opt-in consent, we will not serve you our non-essential cookies. Please note that we may not be able to provide you with the best possible user experience on the Website if not all cookies are enabled.
3.4 Disabling cookies. If we ask you to provide your consent to our use of non-essential cookies, you have the freedom not to provide such consent. If you would like to refuse our use of non-essential cookies later, you can do it at any time by declining cookies in your browser or device. For more information, you can consult the cookie management instructions of your browser.
3.5 Google Analytics. To analyse your use of the Website, we use Google Analytics, the business analytics service provided by Google LLC located in the United States (“Google”). Google generates statistical information by means of cookies and creates reports about your use of the Website. The cookies served by Google Analytics are anonymous first-party cookies that do not allow us to identify you in any manner. The information generated by cookies will be transmitted to and stored by Google on servers in the United States. To ensure your privacy, your IP address will be anonymised and Google will not combine your IP address with other information Google holds about you. Thus, Google will not be able to identify you. In certain cases (e.g., when required by law or when third parties conduct services on behalf of Google), Google may transfer the information to third parties. For more information about Google Analytics’ privacy practices, please visit https://support.google.com/analytics/answer/6004245. If you would like to opt out from Google Analytics, you can do so by installing a Google Analytics opt-out browser add-on available at https://tools.google.com/dlpage/gaoptout?hl=en.
4. HOW LONG DO WE STORE YOUR DATA?
Here we explain for how long we keep your data in our systems and how we delete it.
4.3 Storage as required by law. In instances when we are obliged by law to store your personal data for certain period of time (e.g., for accountancy purposes), we will store your personal data for the time period stipulated by the applicable law and delete the personal data as soon as the required retention period expires.
5. HOW DO WE DISCLOSE YOUR DATA?
Here you can find information bout third parties that may have access to your personal data.
5.1 Disclosure to data processors. We keep your personal data in strict confidentiality. However, if necessary for the intended purpose of your personal data (for example, for payment processing or service provision purposes), we will disclose your personal data to the service providers with whom we cooperate (our data processors). Your personal data may be shared with entities that provide technical support services to us, such as hosting and email distribution services. We do not sell your personal data to third parties and do not intend to do so in the future. The disclosure of your personal data is limited to the situations when it is required for the following purposes:
- Ensuring the proper operation of the Website;
- Ensuring the delivery of services requested by you;
- Responding to your enquiries;
- Pursuing our legitimate business interests;
- Enforcing our rights, preventing fraud, and security purposes;
- Carrying out our contractual obligations;
- Law enforcement purposes; or
- If you provide your prior consent to such a disclosure.
- Our hosting service providers WordPress and GoDaddy located in the United States;
- Our analytics service provider Google Analytics located in the United States;
- Our transactional email service providers Mailchimp and Active Campaign located in the United States;
- Our shipping service providers DHL, Fedex, UPS, an USPS located in the United States and Deutsche Post located in Germany;
- Our marketing and advertising service providers Facebook, Instagram, and LinkedIn located in the United States; and
- Our independent contractors and consultants.
5.3 International transfers. Some of our data processors are likely to be based outside the country where you reside. For example, if you reside in a country belonging to the European Economic Area (EEA), we may need to transfer your personal data outside the EEA. In case it is necessary to make such a transfer, we will make sure that the country in which our data processor is located guarantees an adequate level of protection for your personal data or we conclude an agreement with it that ensures such protection (e.g., a data processing agreement based pre-approved standard contractual clauses).
5.4 Disclosure of non-personal data. Your non-personal data may be disclosed to third parties for any purpose as it does not identify you as a natural person. For example, we may share it with prospects or partners for business or research purposes, for improving the Website, responding to lawful requests from public authorities or developing new products and services.
5.5 Legal requests. If requested by a public authority, we will disclose information about the users of the Website to the extent necessary for pursuing a public interest objective, such as national security or law enforcement.
6. HOW DO WE PROTECT YOUR DATA?
Here you can find information on how we protect your data against breaches.
6.1 Security measures. We implement technical and organisational information security measures that protect your personal data from loss, misuse, unauthorised access and disclosure. The security measures taken by us include secured networks, encryption, strong passwords, limited access to your personal data by our staff, and anonymisation of personal data (when possible).
6.2 Security breaches. Although we put our best efforts to protect your personal data, given the nature of communication and information processing technology and the Internet, we cannot be liable for any unlawful destruction, loss, use, copying, modification, leakage, and falsification of your personal data caused by circumstances that are beyond our reasonable control. In case a serious breach occurs, we will take reasonable measures to mitigate the breach, as required by the applicable law. Our liability for any security breach will be limited to the highest extent permitted by the applicable law.
7. HOW CAN YOU MANAGE YOUR PERSONAL DATA?
Here you can find detailed information about the rights that you have with regard to your personal data and how to exercise those rights.
7.1 The list of your rights. You have the right to control how we process your personal data. Subject to any exemptions provided by law, you have the following rights:
- Right of access: you can get a copy of your personal data that we store in our systems and a list of purposes for which your personal data is processed;
- Right to rectification: you can rectify inaccurate personal data that we hold about you;
- Right to erasure (‘right to be forgotten’): you can ask us to erase your personal data from our systems;
- Right to restriction: you can ask us to restrict the processing of your personal data;
- Right to data portability: you can ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format and move that personal data to another processor;
- Right to object: you can ask us to stop processing your personal data;
- Right to withdraw consent: you have the right to withdraw your consent, if you have provided one; or
- Right to complaint: you can submit your complaint regarding our processing of your personal data.
7.2 How to exercise your rights? If you would like to exercise any of your legitimate rights, please contact us by email at firstname.lastname@example.org and explain in detail your request. In order to verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information, so that we can identify you in our system. We will answer your request within a reasonable time frame but no later than 30 days.
7.3 Complaints. If you would like to launch a complaint about the way in which we handle your personal data, we kindly ask you to contact us first and express your concerns. After you contact us, we will investigate your complaint and provide you with our response as soon as possible (no later than 2 weeks). If you are not satisfied with the outcome of your complaint, you have the right to lodge a complaint with your local data protection authority.
Postal address: Kassim (Pvt.) Ltd., Plot no. 152-153, 183-186 Naclas 90, Deh Khanto, National Highway, 75100 Landhi, Pakistan
Phone number: +92-21-35134089