Skip to content Skip to footer
Carrello (0) Carrello 0 items - $0.00
Cart (0) Cart 0 items - $0.00

Privacy Policy

HomePrivacy Policy

Privacy Policy

This policy is intended for users who visit and use our website and complies with applicable data protection legislation in the European Union (Regulation (EU) 2016/679 – GDPR) and the United Arab Emirates, specifically Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data. Its purpose is to provide transparency into how personal data is collected, used, stored, and protected, as well as clarify users’ rights regarding the processing of such information.

Data Controller

The data controller is PWJ Luxury, with registered office in Dubai and operational headquarters (if different) in the United Arab Emirates at [Dubai address or branch office].
For any inquiries regarding the protection of personal data, please write to [dedicated privacy email].

What data we collect

  • Personal and identification data (first name, last name, date of birth)
  • Contact information (email address, telephone number, residence)
  • Browsing data (IP address, browser type, operating system, pages visited, time spent)
  • Data relating to purchases or use of services (products purchased, payment methods, shipping addresses)
  • Information collected through forms (contact forms, newsletters, sales inquiries)
  • Sensitive data only if strictly necessary and collected with specific consent (e.g., identification documents in case of security checks or local laws)

Purpose of processing

Personal data is collected and processed for specific, legitimate, and transparent purposes. These purposes include:

  • Managing requests for information or assistance
  • Processing orders and delivering products or providing requested services
  • Registration on the website and access to restricted areas
  • Sending promotional communications and newsletters (only with prior consent)
  • Compliance with tax, administrative, and legal obligations
  • Analyzing user experience and improving the quality of services offered
  • Preventing fraud or unauthorized access

Legal Basis for Processing

In compliance with the GDPR and UAE regulations, data processing is based on:

  • The data subject’s consent
  • The performance of a contract or pre-contractual measures
  • The fulfillment of legal obligations to which the data controller is subject
  • The data controller’s legitimate interest, for example, for security purposes, fraud prevention, or website improvement

Processing Methods and Security

Data is processed using automated and manual methods, in compliance with the principles of lawfulness, fairness, transparency, data minimization, and security. We have implemented appropriate technical and organizational measures to prevent unauthorized access, loss, destruction, or unauthorized disclosure.

Data is stored on secure servers located within the European Economic Area (EEA) or, if processed in the United Arab Emirates, in data centers that comply with the security requirements of the UAE Data Office or local regulations.

Data Retention

Personal data is retained for the time strictly necessary to achieve the purposes for which it was collected. In general:

  • Order data is retained according to the timeframes established by tax regulations (up to 10 years in the EU).
  • Data provided for marketing purposes is retained until consent is revoked.
  • Technical access logs are retained for security purposes for up to 12 months.
  • Once the retention period expires, the data will be deleted or anonymized.

Data Transfer

If data is transferred outside the European Union or the United Arab Emirates, we will ensure that adequate safeguards are in place to protect the rights of data subjects, in accordance with Article 46 of the GDPR or the standards issued by the UAE Data Office.

Disclosure to Third Parties

The data may be disclosed, where necessary, to duly authorized third parties:

  • Technical service providers (hosting, cloud, IT maintenance)
  • Couriers and logistics companies
  • Legal, tax, and accounting consultants
  • Public authorities, in the event of a legal obligation
  • All third parties are bound by contractual confidentiality and data protection obligations.

Data Subject Rights

You have the right to access your personal data at any time and to request rectification, erasure, restriction of processing, or portability. You also have the right to object to processing and to withdraw your consent, without affecting the lawfulness of processing based on consent before its withdrawal.

In the European context, these rights may be exercised by writing to the address indicated above. Users also have the right to lodge a complaint with a supervisory authority (e.g., the Italian Data Protection Authority).

In the United Arab Emirates, users can contact the Data Controller directly to enforce their rights under the Data Protection Law, and can contact the UAE Data Office in the event of violations.

Cookies and tracking tools

The site uses technical cookies necessary for operation, as well as analytical and profiling cookies (e.g., Google Analytics, MetaPixel, Hotjar), only with the user’s explicit consent. Users can manage their preferences via the dedicated banner or by changing their browser settings.

For more information on the use of cookies, please see our Cookie Policy in the dedicated section of the site.

Changes to this Policy

We reserve the right to update this Policy at any time, following regulatory changes or developments in the services we offer. The most current version will always be available on this page, indicating the update date.

Last updated: June 2025