Privacy.

How GHOHARY collects, uses, stores, and protects your information — written to comply with EU GDPR, the UK Data Protection Act 2018, and UAE Federal Decree-Law No. 45/2021.

01 — Data Controller

GHOHARY (“we”, “us”, “our”) operates the website at www.ghohary.com and our atelier in Al Wahda, Dubai. We are the data controller for personal information collected through this site.

Privacy enquiries: WhatsApp or email s.ghohary@gmail.com.

02 — What We Collect

When you place an order, create an account, contact our atelier, or interact with our site, we may collect: your name, email address, telephone number, shipping and billing address, country of residence, order history, communication preferences, and a reference to your payment method.

Stripe processes and stores card details directly — we never see or store full card numbers.

We also collect technical information automatically (IP address, device type, pages viewed) for security and analytics.

03 — Lawful Basis

Under Article 6 GDPR, we rely on the following lawful bases:

  • Contract — to process and fulfil your order, arrange delivery, handle returns of faulty goods, and respond to enquiries.
  • Legal obligation — to retain order, invoice, and tax records as required by UAE and international tax law.
  • Legitimate interest — to secure our website, prevent fraud, and improve our service.
  • Consent — for marketing communications and optional cookies. You may withdraw consent at any time.

04 — How We Use It

We use your information to fulfil orders, arrange delivery, communicate about your purchase, respond to enquiries, prevent fraud, comply with legal obligations, and (with your consent) send occasional updates about new collections and atelier events.

We do not use automated decision-making or profiling that produces legal effects.

05 — Third Parties

We share information only with the service providers required to operate our business, under written contracts that restrict their use of your data:

  • Stripe — payment processing.
  • Resend — transactional email delivery.
  • Cloudflare R2 — image hosting.
  • Vercel — website hosting.
  • Upstash / Redis Cloud — encrypted order and account storage.
  • Shipping couriers (FedEx, DHL, Aramex, or local equivalent) — only the address and contact details required to deliver your order.

We do not sell, rent, or trade your personal information.

06 — International Transfers

Some of our service providers operate outside the UAE and the European Economic Area. Where personal data is transferred to a country without an adequacy decision, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or equivalent safeguards under UAE and UK law.

07 — Retention

We retain personal data only as long as necessary for the purpose it was collected:

  • Order and invoice records — seven (7) years from the date of the order, to satisfy tax obligations.
  • Account information — for as long as your account is active, plus 30 days after deletion to complete erasure across backups.
  • Marketing preferences — until you unsubscribe.
  • Customer service correspondence — up to three (3) years from your last contact.

08 — Your Rights

Subject to applicable law, you have the right to: access the personal data we hold about you, correct inaccuracies, request erasure, restrict or object to processing, request portability of your data, and withdraw any consent you have given.

Contact us on WhatsApp. We will respond within thirty (30) days.

EEA and UK customers may lodge a complaint with their local supervisory authority — for example the Irish Data Protection Commission (dataprotection.ie), the French CNIL (cnil.fr), or the UK ICO (ico.org.uk). UAE residents may contact the UAE Data Office (uaedataoffice.gov.ae).

09 — Cookies

Our cookie banner asks for consent before any non-essential cookie is placed. Strictly necessary cookies (cart state, currency selection, authentication) are required for the site to function and do not require consent.

You can change preferences at any time via the “Cookie Preferences” link in our footer.

10 — Security

We use industry-standard safeguards: TLS encryption in transit, encrypted storage at rest where applicable, restricted team access, and regular security review of our service providers.

No system is perfectly secure. If we ever discover a breach affecting your data, we will notify you and the relevant supervisory authority within seventy-two (72) hours, as required by GDPR Article 33.

11 — Children

GHOHARY does not knowingly collect personal data from anyone under sixteen (16) years of age. If you believe a minor has provided us with personal information, contact us on WhatsApp and we will delete it.

12 — Changes

We may update this policy from time to time. Material changes will be communicated by email to registered customers and shown as a banner on the site for thirty (30) days.

13 — Contact

Privacy & general enquiries: WhatsApp or email s.ghohary@gmail.com. Our terms and conditions form part of this policy.

Last updated · 6 May 2026