Privacy Policy – blossomap.com

Zorabella Limited (“we,” “us,” “our”) operates a global e-commerce platform focused on apparel, and we prioritize protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, store, and disclose your information when you visit our website https://blossomap.com/, place orders, or interact with our services. By using our platform, you consent to the practices outlined below, which comply with major global privacy regulations including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and Australia’s Privacy Act.

1. Information We Collect

We only gather personal data that is necessary to deliver and improve our services, categorized as follows:

Order & Transaction Data: To process purchases, we collect your full name, shipping/billing address, phone number, email address, and payment details (e.g., credit card information, PayPal ID). This data is encrypted during transmission and never stored in plain text.
Browsing & Usage Data: We automatically collect non-identifiable information such as your IP address, browser type, device model, pages visited, and time spent on our site. This helps us optimize site performance (e.g., fixing loading issues) and personalize recommendations (e.g., suggesting jackets if you view winter wear).
Voluntary Data: This includes information you share when contacting support (e.g., a message about a defective shirt) or signing up for our newsletter (e.g., preferences for sustainable apparel). We never force you to provide voluntary data to use our core services.

2. How We Use Your Information

Your data is used exclusively for legitimate business purposes, with no unauthorised access:

Fulfilling Orders: We use your shipping address and payment details to send your purchases and issue refunds if needed. We share transaction data with trusted payment processors (e.g., Stripe, PayPal) only to complete payments, and these partners are bound by strict privacy contracts.
Customer Support: We reference your order history and contact details to resolve inquiries (e.g., tracking a delayed package) or address issues (e.g., replacing a damaged item).
Service Improvements: Browsing data helps us update our website (e.g., simplifying the checkout process) and refine our product range (e.g., expanding sizes based on customer demand).
Transactional Communications: We send emails or SMS about your order (e.g., “Your dress has shipped”)—these are not marketing messages and cannot be opted out of, as they are critical to your purchase. For marketing (e.g., sale announcements), we only contact you if you explicitly subscribe, and you can unsubscribe anytime via the “unsubscribe” link in emails.

3. Data Protection & Security

We implement industry-leading measures to safeguard your data:

Technical Security: All data is encrypted using SSL/TLS protocols (you’ll see a padlock in your browser). Our servers are hosted with ISO 27001-certified providers, which require regular security audits.
Access Controls: Only authorized staff (e.g., customer support agents, order processors) can access your data, and they receive annual privacy training.
Data Retention: We store order data for 7 years to comply with tax and legal requirements, but we delete voluntary data (e.g., newsletter sign-ups) within 30 days of your request to unsubscribe or delete your account.

4. Cookies & Tracking Technologies

We use two types of cookies to enhance your experience:

Essential Cookies: These are required for basic site functionality (e.g., remembering items in your cart, keeping you logged in during checkout). You cannot disable these without breaking the website.
Analytics Cookies: These (e.g., Google Analytics) collect browsing data to improve our services. You can disable them via your browser settings (e.g., Chrome’s “Site Settings > Cookies”) or use third-party tools like Ghostery.

5. Your Rights

You have full control over your data under global laws:

Access & Correction: Request a copy of your data or update details (e.g., a new address) by emailing [email protected].
Deletion: Ask to delete your account and all associated data (except order data required by law) via our “Account Settings” page or support.
Opt-Out: Unsubscribe from marketing emails anytime, or object to data use for non-essential purposes (e.g., personalized recommendations) by contacting our privacy team.

6. Policy Updates

We may update this policy to reflect new laws or business practices (e.g., adding a new payment method). Changes will be posted on this page with a revised “Last Updated” date (current: December 2025). We will notify you via email if updates significantly affect your privacy rights.

For questions about this policy, contact us at [email protected].