GDPR Compliance
At Zalessi, we are committed to safeguarding the privacy and protection of our customers personal information. Our data handling practices are fully aligned with the General Data Protection Regulation (GDPR) — a comprehensive European Union regulation that reinforces individuals' rights over their personal data. Here's an overview of our GDPR compliance:
1. Lawful and Transparent Processing:
We collect and process personal data in a lawful, fair, and transparent manner. Customers are clearly informed about how their data is gathered, used, stored, and for what purposes.
2. Purpose Limitation:
We only collect personal data for specified, legitimate purposes related to shopping, communication, and order fulfillment. We do not process customer data beyond these original intents.
3. Data Minimization:
We ensure that only the personal data necessary for the intended purpose is collected. We avoid collecting any irrelevant or excessive data.
4. Accuracy:
We take reasonable steps to maintain the accuracy and relevance of the personal data we process. Customers may request corrections to their information at any time.
5. Storage Limitation:
Customer data is retained only for as long as needed to fulfill its intended purpose or to comply with legal obligations. After that, it is securely deleted or anonymized.
6. Integrity and Confidentiality:
We employ secure data protection methods, including encryption and secure access controls, to safeguard personal data against unauthorized access, alteration, or loss. Protecting customer confidentiality is central to our operations.
7. Individual Rights:
We uphold all GDPR rights for individuals, including the right to access, rectify, erase, or restrict their personal data. Customers may also request data portability or object to certain processing activities.
8. Data Protection Officer (DPO):
While not required for all businesses, Zalessi has appointed a designated team member to oversee data protection and privacy-related matters, ensuring compliance and acting as a point of contact.
9. Data Breach Notification:
In the event of a data breach that risks customer rights or freedoms, we will promptly notify both the relevant supervisory authority and affected individuals, in accordance with GDPR requirements.
10. Compliance Review:
Zalessi regularly audits and updates its privacy policies and internal procedures to ensure ongoing GDPR compliance and alignment with best data protection practices.
By shopping with Zalessi, you can trust that your personal data is treated with care, integrity, and full respect for your privacy rights. We are committed to providing not only beautiful fashion — but also a secure, trustworthy shopping experience.