Privacy Policy | Rita Cashmere Nepal - Data Protection & Privacy Rights

Introduction

Rita Cashmere (“we,” “us,” “our,” or “the Company”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (www.ritacashmere.com), use our services, or engage with us for business purposes.

This policy applies to all visitors, users, and B2B clients who access or use our services, including wholesale buyers, OEM/ODM partners, distributors, and other business contacts.

By using our website or services, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Information We Collect

We collect information that you provide directly to us, information we obtain automatically when you use our services, and information from third-party sources.

1.1 Information You Provide to Us

Contact Information:

Full name
Company name
Email address
Phone number (including WhatsApp)
Business address
Country/region

Business Information:

Job title and role
Industry and business type
Company size
Product interests
Order requirements and preferences

Account Information (if you create an account):

Username and password
Account preferences
Order history
Saved items and preferences

Communication Information:

Information in emails, messages, and calls
Inquiry details and quotation requests
Sample requests and specifications
Feedback and survey responses
Customer service interactions

Order and Transaction Information:

Purchase orders and quotations
Product specifications and customization details
Shipping and billing addresses
Payment information (processed securely by third-party payment processors)
Order history and transaction records

Marketing Preferences:

Newsletter subscription preferences
Communication preferences
Areas of interest

1.2 Information We Collect Automatically

Device and Usage Information:

IP address
Browser type and version
Operating system
Device type and identifiers
Referring/exit pages
Pages viewed and time spent
Click-stream data
Date and time stamps

Cookies and Similar Technologies:

Session cookies
Preference cookies
Analytics cookies
Marketing cookies (See Section 8 for detailed information on cookies)

Location Information:

General geographic location based on IP address
Country and region information

1.3 Information from Third-Party Sources

Business Verification Services: Company information, business registration details
Trade References: Information from references you provide
Public Sources: Publicly available business information
Social Media: Information from your public social media profiles if you interact with us
Marketing Partners: Contact information from trade shows, exhibitions, and industry events

2. How We Use Your Information

We use the information we collect for the following business purposes:

2.1 To Provide and Manage Our Services

✓ Process and fulfill your orders and quotation requests
✓ Communicate about your orders, samples, and inquiries
✓ Provide customer support and respond to your questions
✓ Manage your account and preferences
✓ Process payments and send transaction confirmations
✓ Coordinate shipping and delivery
✓ Provide product information and technical support

2.2 To Improve and Develop Our Services

✓ Understand how our website and services are used
✓ Analyze trends and user behavior
✓ Develop new products and services
✓ Improve existing products and manufacturing processes
✓ Conduct research and analytics
✓ Test new features and functionality

2.3 For Marketing and Communications

✓ Send you newsletters and product updates (with your consent)
✓ Inform you about new collections and special offers
✓ Provide industry insights and cashmere education
✓ Invite you to trade shows and events
✓ Send promotional materials relevant to your business
✓ Conduct surveys and request feedback

Note: You can opt out of marketing communications at any time.

2.4 For Business Operations

✓ Verify your identity and business credentials
✓ Prevent fraud and ensure security
✓ Enforce our terms and conditions
✓ Maintain business records and documentation
✓ Manage partnerships and business relationships
✓ Conduct due diligence for business partnerships

2.5 For Legal Compliance

✓ Comply with applicable laws and regulations
✓ Respond to legal requests and prevent illegal activity
✓ Protect our rights, privacy, safety, or property
✓ Enforce our agreements and policies
✓ Resolve disputes

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and other jurisdictions with similar privacy laws, we process your personal data based on the following legal grounds:

Contract Performance:

Processing necessary to fulfill our contract with you
Managing orders, quotations, and business transactions
Providing customer service and support

Legitimate Interests:

Improving our products and services
Marketing our products (where not requiring consent)
Preventing fraud and ensuring security
Business administration and record-keeping
Analyzing website usage and performance

Consent:

Sending marketing communications (where consent is required)
Using certain cookies and tracking technologies
Processing special categories of data (if applicable)

Legal Obligation:

Complying with legal and regulatory requirements
Responding to legal requests
Tax and accounting obligations

You have the right to withdraw consent at any time where we rely on consent as the legal basis for processing.

4. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We share your information only in the following circumstances:

4.1 Service Providers and Business Partners

We share information with trusted third-party service providers who assist us in operating our business:

Shipping and Logistics Partners:

Freight forwarders and carriers
Customs brokers
Delivery services (To coordinate international shipping and delivery)

Payment Processors:

Secure payment gateway providers
Banking institutions (To process transactions securely)

Technology Service Providers:

Website hosting providers
Email service providers
Customer relationship management (CRM) platforms
Analytics providers
Cloud storage services

Manufacturing and Production Partners:

Quality testing laboratories (SGS, etc.)
Certification bodies (NPIA)
Yarn suppliers (with your knowledge)

Marketing Service Providers:

Email marketing platforms
Social media platforms
Analytics and advertising partners

All service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the successor entity, subject to this Privacy Policy.

4.3 Legal Requirements and Protection

We may disclose your information when required by law or when we believe disclosure is necessary to:

Comply with legal obligations, court orders, or government requests
Enforce our terms and conditions
Protect our rights, property, or safety
Protect the rights, property, or safety of our users or others
Prevent fraud, security breaches, or illegal activity

4.4 With Your Consent

We may share your information with third parties when you provide explicit consent or direction to do so.

4.5 Aggregated and De-Identified Information

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you, for research, marketing, analytics, or other business purposes.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

Security Measures Include:

Technical Safeguards:

✓ Encryption of data in transit (SSL/TLS)
✓ Encryption of sensitive data at rest
✓ Secure authentication and access controls
✓ Regular security assessments and vulnerability testing
✓ Firewalls and intrusion detection systems
✓ Secure backup and disaster recovery procedures

Organizational Safeguards: ✓ Limited access to personal information on a need-to-know basis
✓ Employee training on data protection and security
✓ Confidentiality agreements with employees and contractors
✓ Regular review and update of security policies
✓ Incident response and breach notification procedures

Payment Security: ✓ We do not store complete credit card information
✓ Payment processing handled by PCI-DSS compliant providers
✓ Secure payment gateways with encryption

Your Responsibility:

While we implement strong security measures, you also play a role in protecting your information:

Keep your account credentials confidential
Use strong, unique passwords
Log out after using shared or public computers
Be cautious about phishing attempts
Notify us immediately of any unauthorized access

Please note: No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods:

Active Business Relationships:

Retained for the duration of the business relationship
Plus reasonable period after relationship ends for record-keeping

Order and Transaction Records:

Retained for 7-10 years for accounting, tax, and legal compliance
May be longer if required by applicable law

Marketing Communications:

Retained until you unsubscribe or request deletion
May retain some information to honor opt-out requests

Website Usage Data:

Analytics data typically retained for 24-36 months
Cookie data per cookie policy (see Section 8)

Legal and Compliance:

Retained as long as necessary to comply with legal obligations
Retained for statute of limitations periods where applicable

Deletion Criteria:

When determining retention periods, we consider:

The nature and sensitivity of the information
Potential risk of harm from unauthorized use or disclosure
Purposes for which we process the information
Whether we can achieve those purposes through other means
Applicable legal, regulatory, tax, accounting, or other requirements

Upon expiration of retention periods, we securely delete or anonymize your personal information.

7. Your Privacy Rights

Depending on your location and applicable laws, you may have certain rights regarding your personal information.

7.1 General Rights (All Users)

Right to Access:

Request confirmation of what personal information we hold about you
Obtain a copy of your personal information

Right to Correction:

Request correction of inaccurate or incomplete information
Update your contact details and preferences

Right to Deletion:

Request deletion of your personal information
Subject to legal retention requirements

Right to Opt-Out of Marketing:

Unsubscribe from marketing emails at any time
Opt out of promotional communications

Right to Object:

Object to certain processing of your information
Particularly for direct marketing purposes

7.2 Additional Rights (EEA, UK, and Similar Jurisdictions)

Right to Restrict Processing:

Request limitation on how we use your information
While we verify accuracy or legitimate grounds

Right to Data Portability:

Receive your information in a structured, commonly used format
Transmit your information to another controller

Right to Withdraw Consent:

Withdraw consent where processing is based on consent
Without affecting lawfulness of prior processing

Right to Lodge a Complaint:

File a complaint with your local data protection authority
Seek remedy through courts if you believe your rights are violated

7.3 California Privacy Rights (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act:

Right to Know:

Categories and specific pieces of personal information collected
Sources from which information is collected
Purposes for collecting and sharing information
Categories of third parties with whom we share information

Right to Delete:

Request deletion of personal information (with exceptions)

Right to Opt-Out:

Opt out of sale of personal information (we do not sell personal information)

Right to Non-Discrimination:

Not receive discriminatory treatment for exercising privacy rights

Right to Correct:

Request correction of inaccurate personal information

Right to Limit Use of Sensitive Information:

Limit use of sensitive personal information (if applicable)

7.4 How to Exercise Your Rights

To exercise any of these rights, contact us:

📧 Email: info@ritacashmere.com
📱 Phone/WhatsApp: +977 982-6872664
📍 Mail: Rita Cashmere, 17 Man Marg, Kathmandu 44600, Nepal

Please include in your request:

Your full name and contact information
Description of your request and the right you wish to exercise
Verification information to confirm your identity
Specific information you’re requesting (if applicable)

Response Timeline:

We will respond to verified requests within 30 days (or as required by applicable law)
May extend by additional 30 days for complex requests (with notice)
We may request additional information to verify your identity

Verification Process: We may ask for information to verify your identity before fulfilling requests, to prevent unauthorized access to your personal information.

No Fee: We do not charge a fee to process or respond to your verifiable requests unless they are excessive, repetitive, or manifestly unfounded.

8. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website usage, and support our marketing efforts.

8.1 What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They help websites remember your preferences, recognize you on return visits, and collect information about how you use the site.

8.2 Types of Cookies We Use

Strictly Necessary Cookies:

Essential for website functionality
Enable core features like security, network management, and accessibility
Cannot be disabled without affecting site functionality
Examples: Session management, load balancing, security

Functional Cookies:

Remember your preferences and choices
Enable enhanced functionality and personalization
Examples: Language preferences, region selection, saved items

Analytics and Performance Cookies:

Collect information about how you use our website
Help us understand visitor behavior and improve our site
Typically anonymized or aggregated
Examples: Google Analytics, page view tracking, click tracking

Marketing and Advertising Cookies:

Track your browsing activity across websites
Used to deliver relevant advertisements
May be set by third-party advertising partners
Examples: Retargeting cookies, conversion tracking, social media pixels

8.3 Third-Party Cookies

We may allow third-party service providers to place cookies on our website:

Analytics Providers:

Google Analytics
Other web analytics services

Social Media Platforms:

Facebook Pixel
LinkedIn Insight Tag
Instagram
Pinterest

Advertising Partners:

Google Ads
Retargeting platforms

These third parties have their own privacy policies governing their use of information.

8.4 Cookie Management

Browser Settings: You can control and delete cookies through your browser settings:

Chrome: Settings > Privacy and Security > Cookies
Firefox: Options > Privacy & Security > Cookies
Safari: Preferences > Privacy > Cookies
Edge: Settings > Privacy > Cookies

Cookie Consent Tool: You can manage your cookie preferences through our cookie consent banner when you first visit our website.

Opt-Out Tools:

Google Analytics Opt-Out: Google Analytics Opt-out Browser Add-on
Network Advertising Initiative: NAI Opt-Out
Digital Advertising Alliance: DAA Opt-Out

Note: Disabling certain cookies may affect website functionality and your user experience.

8.5 Other Tracking Technologies

Web Beacons (Pixel Tags): Small graphic images embedded in emails or web pages to track opens, clicks, and user behavior.

Local Storage: Browser storage for preferences and settings.

Session Replay: We may use session replay tools to understand user experience and identify issues (with anonymization of sensitive data).

9. Third-Party Links

Our website may contain links to third-party websites, including:

Social media platforms
Payment processors
Shipping carriers
Industry resources
Partner websites

We are not responsible for the privacy practices of third-party websites. We encourage you to read the privacy policies of any third-party sites you visit.

When you click on third-party links or engage with third-party services:

You leave our website
This Privacy Policy no longer applies
Third-party privacy policies govern
We have no control over third-party data practices

10. International Data Transfers

Rita Cashmere operates from Nepal and serves clients globally. Your information may be transferred to, stored, and processed in Nepal or other countries where we or our service providers operate.

Data Protection Standards:

For EEA/UK Transfers: When transferring personal data from the EEA or UK to Nepal or other countries, we rely on appropriate safeguards:

Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions where applicable
Your explicit consent for the transfer
Necessity for contract performance

For Other Jurisdictions: We implement appropriate safeguards and comply with applicable data transfer requirements in your jurisdiction.

Data Protection Measures: Regardless of where your information is processed, we maintain the same level of protection as described in this Privacy Policy.

11. Children’s Privacy

Our website and services are designed for business-to-business (B2B) use and are not directed to children under the age of 18 (or the age of majority in your jurisdiction).

We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information:

Contact us immediately at info@ritacashmere.com
We will delete the information promptly
We will take steps to prevent future collection

Age Verification: By using our services, you represent that you are at least 18 years old or the age of majority in your jurisdiction.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

Notification of Changes:

Material Changes:

We will notify you by email (if you’ve provided an email address)
Prominent notice on our website
At least 30 days before changes take effect

Non-Material Changes:

Updated “Last Updated” date at the top of this policy
Notice on our website

Your Continued Use:

Your continued use of our website or services after changes become effective constitutes acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Previous Versions:

We maintain archived versions of previous privacy policies. Contact us if you would like to review a previous version.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Privacy Contact Information:

Rita Cashmere
Attn: Privacy Officer

📧 Email: info@ritacashmere.com
Subject line: Privacy Inquiry

📱 Phone/WhatsApp: +977 982-6872664

📍 Mailing Address:
Rita Cashmere
17 Man Marg
Kathmandu 44600
Nepal

Business Hours:
Sunday – Friday: 9:00 AM – 5:00 PM (Nepal Time, UTC+5:45)
Saturday: Closed

Response Time:
We will respond to privacy inquiries within 30 days (or as required by applicable law).

Additional Information for Specific Jurisdictions

For European Economic Area (EEA) and UK Residents:

Data Controller:
Rita Cashmere is the data controller responsible for your personal information.

EU Representative:
[If you have an EU representative, include contact information here]

UK Representative:
[If you have a UK representative, include contact information here]

Supervisory Authority:
You have the right to lodge a complaint with your local data protection authority:

UK: Information Commissioner’s Office (ICO) – ico.org.uk
EEA: Your country’s data protection authority

For California Residents:

Do Not Sell My Personal Information:
We do not sell personal information as defined under California law.

Shine the Light Law:
California residents may request information about disclosure of personal information to third parties for direct marketing purposes.

California Privacy Rights Contact:
Email: info@ritacashmere.com with subject “California Privacy Rights”

Privacy Policy Summary

Quick Overview of Our Privacy Practices:

✓ We collect information you provide, information from your use of our services, and information from third parties
✓ We use your information to provide services, improve our offerings, communicate with you, and comply with legal obligations
✓ We share information with service providers, as required by law, and with your consent
✓ We protect your information with technical and organizational security measures
✓ We retain information as long as necessary for business and legal purposes
✓ You have rights to access, correct, delete, and control your information
✓ We use cookies to enhance website functionality, analytics, and marketing
✓ We transfer data internationally with appropriate safeguards
✓ We update this policy and notify you of material changes

For full details, please read the complete Privacy Policy above.

Protecting Your Privacy, Building Trust

Browse

Want to chat?

Social