Privacy Policy

1) Who We Are

Hewad Clothing Store (“we”, “us”, “our”) operates an online store selling Afghan clothing to customers worldwide.

  • Legal name: Hewad Media
  • Address: Setta Chowk, 2nd Aino Mena, Kandahar, Afghanistan
  • Privacy contact email: h.m.qandahar@gmail.com
  • Primary hosting: IONOS (servers located in the United Kingdom)

2) Scope

This policy explains how we collect, use, disclose, and protect personal information when visitors browse our website, place orders via WooCommerce, or interact with us.

3) Personal Data We Collect

  • Identity and contact: name, email, phone number, billing and shipping addresses.
  • Order and account: items purchased, order notes, order history, invoice details; account credentials if an account is created. Guest checkout is available.
  • Payment-related: payment status, transaction identifiers, and limited details returned by payment processors. We do not store full card numbers or CVV.
  • Delivery/fulfillment: courier details (DHL/FedEx), tracking numbers, and delivery confirmations.
  • Technical/usage: IP address, device/browser type, general location (city/country), pages viewed, and interactions collected via cookies or similar technologies.
  • Communications: emails and messages sent to our support inbox.
  • Returns/refunds: photos or videos may be requested to verify condition and eligibility.

4) How We Use Personal Data

  • To process and fulfill orders, take payment, arrange shipping, and provide customer support.
  • To manage returns, exchanges, and refunds (including verifying product condition).
  • To maintain security and prevent fraud or misuse.
  • To operate, analyze, and improve site performance and user experience (e.g., aggregate analytics).
  • To comply with accounting, tax, and other legal obligations.
  • Marketing and advertising: currently not active; if enabled in the future, we will implement required consent/opt‑out mechanisms before using personal data for such purposes.
  • Contract: to provide products and related services.
  • Legitimate interests: to secure our website, prevent fraud, and improve services in a way that respects user rights.
  • Legal obligation: to meet tax, accounting, and consumer protection requirements.
  • Consent: for non‑essential cookies/analytics/advertising where required. Consent can be withdrawn via cookie preferences when available.

6) Payments and Service Providers

We share only the minimum necessary data with trusted providers:

  • Payments: Stripe and PayPal (payment processing and fraud prevention). We never see or store full card details; these are handled by the gateway providers.
  • Shipping: DHL and FedEx (label creation, routing, tracking, and delivery updates).
  • Hosting and infrastructure: IONOS (UK) for website hosting and databases.
  • Analytics: Google Analytics (to understand site performance and usage). We will configure it to respect consent where required.

These providers process data under instructions and with appropriate security measures. Some may operate globally and transfer data across borders.

7) International Data Transfers

We serve customers worldwide and use providers that may process data in various countries. Personal data may be transferred to or stored in the United Kingdom, the European Economic Area, the United States, and other jurisdictions. Where local law requires specific safeguards for cross‑border transfers (e.g., EU/UK users), we will rely on appropriate mechanisms (such as standard contractual clauses or adequacy decisions) as applicable by our providers’ frameworks.

8) Cookies and Similar Technologies

  • Essential cookies: required for cart, checkout, authentication, and security.
  • Analytics cookies: used by Google Analytics to measure traffic and improve performance.
  • Advertising cookies: not in use at this time; if activated in the future, we will request consent where required and provide controls.

Consent and controls:

  • EU/UK visitors: an opt‑in banner for analytics/advertising cookies will be shown and granular preferences provided before such cookies are set.
  • Other regions: we will follow local requirements and provide a straightforward way to opt out of non‑essential cookies.
    A “Cookie Settings” link will be placed in the footer once the banner/preferences center is configured.

9) Data Retention

  • Orders/invoices: retained for as long as necessary to meet accounting/tax/legal obligations (commonly up to 6 years or as required by applicable law).
  • Customer accounts: kept while the account remains active; core records may be retained thereafter where legally required or to resolve disputes.
  • Analytics: retained per our analytics configuration and legal requirements.
  • Communications and returns evidence: retained as needed for service history, fraud prevention, and dispute resolution.
    When data is no longer needed, we delete or irreversibly anonymize it.

10) Returns, Refunds, and Evidence

  • Return window: 14 days from delivery for items that are unused and in original condition.
  • Postage costs: return postage is the customer’s responsibility unless the item is defective or we made an error.
  • Evidence: we may request photos/videos or courier documentation to verify product condition, damage, or non‑delivery.

11) Your Rights

Depending on jurisdiction, individuals may have rights to:

  • Access: obtain a copy of personal data we hold.
  • Rectification: correct inaccurate or incomplete data.
  • Deletion: request deletion where no overriding legal basis applies.
  • Restriction/objection: limit or object to certain processing (including direct marketing).
  • Portability: receive certain data in a structured, commonly used, machine‑readable format.
  • Withdraw consent: where processing is based on consent (e.g., non‑essential cookies).

To exercise rights, email h.m.qandahar@gmail.com. We may request verification and will respond within the timeframes required by applicable law. Requests may be declined only where permitted (e.g., where legal obligations require retention).

12) Security

We implement administrative, technical, and organizational measures to safeguard personal data, including HTTPS/TLS, access controls, and reliance on PCI‑DSS compliant payment gateways (Stripe/PayPal) for card data. While no system is completely secure, we continuously improve our protections.

13) Children

Our store is not intended for children under 13 (or the age defined by local law). We do not knowingly collect data from children. If a child’s data is provided, contact us to request deletion.

14) Do Not Track and Global Privacy Controls

Our site does not currently respond to Do Not Track signals. Where applicable laws require honoring browser‑based global privacy controls for cookies/ads, we will do so in those regions.

15) Contact

Questions or privacy requests:
Email: h.m.qandahar@gmail.com
Postal: Hewad Clothing Store, Setta Chowk, 2nd Aino Mena, Kandahar, Afghanistan

16) Changes to This Policy

We may update this policy from time to time. Material changes will be posted on this page with an updated 24/08/2025 date.

Shopping Cart