Muse Oudh (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy (“Policy”) describes how we collect, use, disclose, and protect your personal information when you visit our website museoudh.com (“Website”) or purchase our products or services through the Website (collectively, the “Services”).

By using our Website or Services, you agree to the practices described in this Policy.

1. What Personal Information Do We Collect?

“Personal Information” means information that identifies you directly or indirectly. The types of information we collect include:

• Information You Provide Directly:
  • Contact and Account Information: Name, email address, mailing address (billing and shipping), phone number, username, password (stored encrypted), account preferences.
  • Transaction Information: Details of the products or services you purchased, payment information (Note: We generally do not store full credit card numbers directly; payments are processed by secure third-party payment gateways), order number, invoice information.
  • Communication Information: Content of your communications with us via customer service, email, phone, or online forms.
  • Marketing Preferences: Your willingness to subscribe to marketing communications.
  • User-Generated Content: Comments, product reviews, survey responses, or contest participation information you submit.
  • Other Information: Any other information you voluntarily provide (e.g., information provided to customize a product).
• Information We Collect Automatically (via Cookies and Similar Technologies):
  • Device and Browsing Information: IP address, browser type and version, operating system, device type (e.g., phone, tablet, computer), unique device identifiers (e.g., advertising ID), mobile network information.
  • Usage Data: Pages visited, links clicked, time of visit, duration of stay, referral source (where you accessed our Website from), search queries, interaction with website elements (e.g., form completion).
  • Location Information: Approximate geographical location estimated by IP address (usually precise to city or country level), or more precise location information provided by your device settings (if authorized).
• Information Obtained from Third-Party Sources:
  • Payment Processors: Transaction status and limited authentication information (e.g., PayPal, Stripe).
  • Logistics and Shipping Partners: Shipping status, tracking information.
  • Social Media Platforms: If you log in via social media accounts or interact with our social media pages, we may receive your public profile information and interaction data (according to your social media privacy settings).
  • Analytics Service Providers: Aggregated or anonymized usage data from services like Google Analytics.
  • Marketing and Advertising Partners: Anonymized audience information or advertising performance data.
  • Public Sources: We may obtain information from public sources where lawful and necessary.

2. How Do We Use Your Personal Information?

We use the collected personal information for the following purposes:

• Fulfilling Orders and Providing Services: Processing your orders, payments, shipping, returns, and exchanges; managing your account; providing customer support; communicating with you about orders and services.
• Operating and Improving the Website: Providing, maintaining, protecting, and optimizing our Website and Services; troubleshooting; performing data analysis; conducting research and developing new products or features.
• Communication: Responding to your inquiries, requests, and feedback; sending important service notices (e.g., order confirmations, shipping updates, policy changes); sending marketing communications based on your preferences (e.g., promotions, offers, newsletters); administering contests, sweepstakes, or surveys you participate in.
• Personalizing Experience: Customizing Website content, product recommendations, and advertising based on your interests and preferences (where you have consented).
• Security and Fraud Prevention: Protecting our Website, Services, business, and users; detecting, preventing, and investigating fraud, security breaches, potentially prohibited or illegal activities; enforcing our terms and conditions.
• Legal Compliance: Complying with applicable laws, regulations, judicial proceedings, or governmental requirements (e.g., tax filings, customs declarations).
• Other Purposes: For other purposes disclosed to you at the time of collection or with your consent.

3. How Do We Share Your Personal Information?

We share your personal information only in the following circumstances and take appropriate measures to protect your data security:

• Service Providers: We share information with trusted third parties who help us operate our business and provide the Services, including:
  • Payment Processors (e.g., PayPal, Stripe, credit card processing companies)
  • Logistics and Shipping Companies (e.g., DHL, FedEx, UPS, postal services)
  • Website Hosting and Cloud Storage Providers
  • Data Analytics Services (e.g., Google Analytics – typically using anonymized or aggregated data)
  • Marketing and Advertising Platforms (e.g., Meta/Facebook, Google Ads – usually based on your Cookie consent)
  • Customer Relationship Management (CRM) Systems
  • Customer Support Services
    These service providers can only access and use your information to the extent necessary to perform their services for us and are contractually obligated to protect your information’s security and confidentiality.
• Business Transfers: In the event of a merger, acquisition, asset sale, financing, or bankruptcy reorganization, your information may be transferred as part of the transaction. We will notify you of such events and any choices you may have regarding how your information is handled by the new owners.
• Legal Requirements: If we believe disclosure is reasonably necessary to comply with a law, regulation, subpoena, search warrant, court order, or governmental request; to protect our or others’ rights, property, or safety; to investigate fraud; or to enforce our policies.
• Protecting Rights and Safety: When we believe disclosure is necessary or appropriate to protect the rights, privacy, safety, or property of Muse Oudh, our users, employees, or the public.
• With Your Consent or Direction: Where you have explicitly consented to or directed us to share the information (e.g., selecting a specific carrier at checkout).

We do not sell your personal information to third parties for their independent marketing purposes.

4. International Data Transfers

Muse Oudh is an international e-commerce business headquartered in Hong Kong. Your personal information may be transferred to, stored in, and processed in jurisdictions outside your country of residence.

The data protection laws in these countries may differ from those in your jurisdiction. We will take all reasonably necessary measures to ensure your data is processed securely in accordance with this Policy and applicable law. These measures include:

• Transferring data to countries recognized by the European Commission or your local regulatory authority as providing an adequate level of data protection.
• Using agreements incorporating appropriate safeguards such as Standard Contractual Clauses (SCCs) (approved by the European Commission, UK ICO, etc.).
• Ensuring the recipient is certified (e.g., EU-US Data Privacy Framework) or has Binding Corporate Rules (BCRs) in place.
• Transferring based on your explicit consent (only where applicable and appropriate).

You can contact us at contact@museoudh.com for more information about the safeguards for international data transfers.

5. Cookies and Similar Tracking Technologies

We and our third-party partners (such as analytics services and advertising networks) use cookies, pixel tags, web beacons, SDKs, and other similar technologies (collectively, “Cookies”) to collect information automatically.

• What are Cookies? Cookies are small text files stored on your device when you visit a website. They are used to remember your preferences, understand how you use the site, and provide you with a more relevant experience.
• How We Use Cookies?
  • Essential Cookies: Crucial for the basic functioning of the Website (e.g., shopping cart functionality, login security).
  • Functional Cookies: Enhance website functionality and personalization (e.g., remembering language preferences).
  • Performance/Analytics Cookies: Help us understand how visitors use the Website (e.g., which pages are popular) so we can improve.
  • Advertising/Targeting Cookies: Used to deliver ads you might be more interested in (subject to your consent) and measure advertising campaign effectiveness. They may also be used for cross-site advertising targeting (retargeting).
• Your Choices:
  • Most browsers allow you to manage Cookie preferences (usually found in “Settings” > “Privacy” or similar). You can set your browser to refuse all Cookies or prompt you when a Cookie is being sent. Please note that disabling certain Cookies (especially essential ones) may impact the Website’s functionality.
  • We will request your consent for non-essential Cookies (particularly marketing and advertising Cookies) via a Cookie banner or Consent Management Platform (CMP) on your first visit (or when required). You can adjust your preferences at any time through this mechanism.
  • For interest-based advertising, you can visit the following opt-out pages (depending on your region):
    • USA: Network Advertising Initiative (NAI): http://optout.networkadvertising.org/ or Digital Advertising Alliance (DAA): http://optout.aboutads.info/
    • EU/UK: European Interactive Digital Advertising Alliance (EDAA): http://www.youronlinechoices.eu/
    • Canada: Digital Advertising Alliance of Canada (DAAC): http://youradchoices.ca/
  • “Do Not Track” (DNT) Signals: Some browsers offer a “Do Not Track” feature. Currently, there is no industry standard for how to respond to browser DNT signals. We do not currently respond to DNT signals but will continue to monitor developments in this area.

6. Your Privacy Rights (Under Applicable Law)

Depending on the laws of your jurisdiction (e.g., GDPR, CCPA/CPRA), you may have some or all of the following rights:

• Right of Access: Request access to a copy of the personal information we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete personal information.
• Right to Erasure (Right to be Forgotten): Request deletion of your personal information under specific circumstances.
• Right to Restriction of Processing: Request restriction of processing of your personal information under specific circumstances.
• Right to Data Portability: Request to receive the personal information you provided to us in a structured, commonly used, and machine-readable format and, where technically feasible, have it transmitted to another controller.
• Right to Object: Object to the processing of your personal information based on our legitimate interests or public interest (including profiling for direct marketing purposes).
• Right to Withdraw Consent: Withdraw your consent at any time where consent (e.g., for marketing or certain Cookies) is the legal basis for processing. This does not affect the lawfulness of processing before withdrawal.
• Right to Non-Discrimination (CCPA/CPRA): You have the right not to be discriminated against for exercising your privacy rights.
• Right to Know (CCPA/CPRA): Know what personal information we collect, the sources, purposes for collection, who we share it with, and how long we retain it.
• Right to Opt-Out of Sale or Sharing (CCPA/CPRA): Request to stop the “sale” or “sharing” of your personal information (as broadly defined under CCPA/CPRA). As stated, we do not sell personal information for third-party independent marketing purposes. However, certain sharing based on advertising Cookies may be defined as “sharing” or “sale,” which you can opt-out of via our Cookie consent tool or the ad alliance links above.
• Right to Limit Use of Sensitive Information (CCPA/CPRA): Limit our use of sensitive personal information (if applicable).

How to Exercise Your Rights:
To exercise these rights (where applicable), please contact us using the details provided in Section 10 below. To protect your privacy and security, we will verify your identity before processing your request. We will generally respond to your request within the time required by law (e.g., one month under GDPR, 45 days under CCPA).

7. Data Security

We implement reasonable technical and organizational security measures to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

• Using Secure Socket Layer (SSL) technology to encrypt data in transit.
• Encrypting stored data (especially sensitive information).
• Restricting employee access to personal information (principle of least privilege).
• Conducting regular security assessments.
• Having data processing agreements with service providers.

Please note that no method of internet transmission or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You should also take steps to protect your account information (e.g., using strong passwords, not sharing passwords across services).

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law (e.g., for tax, accounting, legal compliance, or fraud prevention purposes). Criteria used to determine retention periods include:

• The nature of our ongoing relationship with you (e.g., whether you have an active account).
• Whether we have a legal obligation to retain the data (e.g., tax laws often require retaining transaction records for several years).
• Whether the data is relevant to ongoing litigation or investigations.
• The nature and sensitivity of the data.

When personal information is no longer needed, we will securely delete or anonymize it so it can no longer identify you.

9. Children’s Privacy

Our Website and Services are not directed at children under the age of 16. We do not knowingly collect any personal information from children under this age. If you are a parent or guardian and believe your child has provided us with personal information, please contact us using the details in Section 10 below. If we discover we have collected information from a child without verifiable parental consent, we will take steps to delete that information from our records as soon as possible.

10. Contact Us

If you have any questions, concerns, or wish to exercise your privacy rights regarding this Privacy Policy, please contact us via:

• Email: contact@museoudh.com

We will endeavor to address your concerns.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our information practices, legal requirements, or operational changes. The updated policy will be posted on the Website prior to the effective date. We encourage you to review this page periodically for the latest information. Your continued use of our Website or Services after the updated policy becomes effective constitutes your acceptance of the revised policy.

For material changes (e.g., significant changes to how we collect or use personal information), we may provide more prominent notice (e.g., by posting a notice on the Website’s homepage or sending you an email, if we have your address).