Privacy Policy
Last updated: May 18, 2026
1. Introduction
Welcome to Mikali Sapani. We are committed to protecting your privacy and security. This Privacy Policy details how we collect, process, secure, and share personal data from visitors and clients in connection with our contemporary luxury African-Italian fashion storefront.
We operate in compliance with global privacy regulations, including the European Union General Data Protection Regulation (GDPR) and related laws. For individuals residing within the European Economic Area (EEA), Mikali Sapani acts as the data controller responsible for your personal data.
2. Personal Data We Collect
To provide you with a curated high-fashion storefront, we collect information that falls under two primary categories: data you actively provide, and data collected automatically via cookie technology.
A. Information You Voluntarily Provide
- Account Credentials: If you register an account, we store your name, password hashes, and user settings.
- Purchase & Transaction Details: Billing address, shipping address, telephone number, and order history needed to fulfill your luxury purchases. Payment details (e.g. credit card tokens) are handled securely through PCI-DSS compliant third-party processors.
- Communication History: Correspondence, size requests, custom tailoring inquiries, or message details submitted to our customer care team.
- Marketing Tastes: Preferences regarding newsletter subscriptions and promotional updates.
B. Information Collected Automatically
When you visit the Mikali Sapani digital ecosystem, we collect basic device attributes and event logs through system logs and standard cookies:
- Usage Log Data: Pages visited, interaction duration, item clicks, and referrals.
- Device Metrics: Anonymized IP addresses, browser specifications, operating system profile, and general geographic location data (generalized to country or region level).
3. Lawful Bases for Processing Data
Under GDPR (Article 6), we only process your personal data under valid legal bases:
| Purpose | Data Categories | Legal Basis |
|---|---|---|
| Account creation & site navigation | Names, credentials, session cookies | Performance of Contract / Necessary |
| Processing luxury order fulfillment | Contact details, shipping address, transaction history | Performance of Contract (Art. 6(1)(b)) |
| Analytical research & storefront optimization | Anonymized event tracks, analytics cookies | Explicit User Consent (Opt-in) |
| Tailored advertising & pixels | Social network tokens, marketing cookies | Explicit User Consent (Opt-in) |
| Transactional alerts & fraud prevention | IP address logs, account behaviors | Legitimate Interest (Art. 6(1)(f)) |
4. Your European GDPR Rights
As an EU resident, you hold extensive rights over your personal data under the General Data Protection Regulation. You can exercise these at any time by contacting our legal representatives:
Right to Access (Art. 15)
Receive a complete copy of all personal records we hold about you in a clear, machine-readable format.
Right to Rectification (Art. 16)
Request that incomplete or inaccurate information concerning you be immediately amended or completed.
Right to Erasure (Art. 17)
Also known as the "Right to be Forgotten." Request full deletion of your database records, unless legal exemptions apply.
Right to Object & Restrict (Art. 18/21)
Instruct us to halt active data processing for direct marketing or restrict access based on legal disputes.
To invoke any of these rights, please submit a request to our legal team via our contact channels. We respond to all validated requests within 30 calendar days at no charge to the requestor.
5. Data Retention Policies
We believe in data minimization. Your personal data is kept strictly within our records only for the period necessary to deliver customer order fulfillment, resolve dispute requirements, or meet statutory legal obligation durations:
- Store Customer Profile: Stored securely as long as you maintain an active account on the site.
- Financial & Transaction Records: Retained for 7 years post-purchase, complying with official tax reporting audits and legal regulations.
- Marketing Tastes & Cookies: Stored for 2 years or until you actively opt-out, clear browser caches, or withdraw consent.
6. Third Parties and International Transfers
To provide full global delivery, your data is shared with essential operational partners:
- Courier Partners: Standard carriers (DHL, FedEx, UPS) to organize precise international home delivery of luxury fashion items.
- Payment Providers: Highly secure gateways (Stripe, PayPal) that process credit cards natively. We never view or store raw credit card numbers.
- Cloud Infrastructure: High-performance server hosts (Vercel, secure databases) protecting all storefront instances.
In cases where personal records must be transferred to servers located outside the EEA, we enforce stringent safety measures—including European Commission Standard Contractual Clauses (SCCs)—to guarantee an equivalent tier of defense.
7. Data Protection Office Contact
Should you have any inquiries regarding data protection policies, desire to update your user data, or wish to invoke your user rights, please get in touch with our legal representatives. Since our contact emails are being set up, you can currently submit support and legal requests directly using our primary contact form:
Mikali Sapani legal team
Primary Portal: Use the "Get in touch" contact form in our homepage footer.
Temporary contact email: mikali.sapani@mikalisapani.com (Active soon)