PRIVACY POLICY

AWIPRISES SPORTS (PVT) LTD

Introduction and Scope of Policy
This Privacy Policy governs the manner in which AWIPRISES SPORTS (PVT) LTD collects, processes, stores, protects, and discloses information obtained from clients, business partners, and visitors to its website and digital communication platforms. The purpose of this Policy is to provide transparent disclosure regarding data handling practices in connection with apparel manufacturing services, international shipping coordination, and business communications.
This Policy applies to all individuals and entities interacting with the Company, including website visitors, inquiry form users, international clients, vendors, and commercial representatives. It covers data collected through official websites, email correspondence, messaging applications, phone communication, digital advertisements, and any other direct or indirect commercial engagement channels.
By accessing the Company’s website or entering into commercial relations, the user acknowledges that information may be processed in accordance with the practices described herein. This Policy operates in conjunction with the Company’s Terms & Conditions and governs data privacy aspects of all transactions.
The Company is committed to ensuring that personal and business information is handled responsibly, lawfully, and proportionately, consistent with international data protection principles and applicable regulatory standards.

Definitions and Interpretation
For the purpose of clarity and legal precision, certain terms used within this Privacy Policy shall carry defined meanings. “Company” refers to AWIPRISES SPORTS (PVT) LTD, including its authorized representatives, employees, and affiliated offices. “Client” refers to any individual or entity engaging the Company for apparel manufacturing services or commercial interaction.
“Personal Data” refers to any information relating to an identified or identifiable individual, including but not limited to name, contact details, IP address, and communication records. “Business Data” refers to company-related information such as brand names, shipping addresses, tax documentation, and commercial correspondence.
“Processing” refers to any operation performed on data, whether automated or manual, including collection, storage, organization, retrieval, modification, transmission, or deletion. “Website” refers to the official online presence of the Company and any subdomains or digital portals controlled by it.
These definitions are intended to ensure consistent interpretation of the Policy and to prevent ambiguity in understanding rights and obligations relating to data handling practices.

Categories of Data Collected
The Company may collect various categories of information necessary for operational, commercial, and legal purposes. Such data may include contact information such as full name, company name, email address, telephone number, and business address provided during inquiry submissions or order placement.
In connection with manufacturing services, the Company may receive technical documentation including artwork files, brand logos, size charts, garment specifications, labeling instructions, packaging preferences, and shipping details. These materials are processed solely for order fulfillment and quality execution.
The Company may also collect communication data generated through emails, phone calls, messaging platforms, or social media channels for coordination and record-keeping. Additionally, website usage data may be collected automatically through cookies and analytics tools, including IP address, browser type, device information, and browsing behavior patterns.
The Company does not intentionally collect sensitive personal information such as financial card numbers, biometric data, or government identification numbers unless required for legitimate legal compliance. Data collection remains limited to information necessary for defined business functions.

Methods of Data Collection
Data may be collected directly from users when they submit inquiry forms, request quotations, place orders, or communicate with Company representatives through official channels. Information may also be provided voluntarily during contract negotiation, shipping coordination, or payment processing activities.
Automated data collection may occur through website cookies, server logs, and third-party analytics services that record technical interaction details. Such automated mechanisms are used strictly to enhance website functionality, improve user experience, and analyze general traffic trends rather than to conduct intrusive profiling.
In certain circumstances, data may be obtained through publicly available business sources, such as professional directories or trade exhibition records, for the purpose of legitimate commercial outreach.
The Company does not employ covert data collection practices. All data gathering activities are conducted transparently and in connection with legitimate operational objectives. Users retain the ability to limit certain automated tracking features through browser settings and privacy controls.

Purpose of Data Processing
AWIPRISES SPORTS (PVT) LTD collects and processes data strictly for defined, legitimate, and proportionate business purposes. Information obtained from clients and website visitors is used primarily to facilitate apparel manufacturing services, respond to inquiries, generate quotations, coordinate production schedules, and manage international shipping arrangements.
Data may also be processed for internal administrative functions including order tracking, financial record maintenance, tax compliance, quality control documentation, and communication history management. Where users subscribe to updates or voluntarily engage with promotional materials, their contact information may be used for relevant business communication.
The Company does not use collected information for unrelated commercial exploitation or resale to external marketing databases. Each data category is processed in alignment with a specific operational objective, and no excessive or unnecessary processing is conducted.
The guiding principle of data use within the Company is functional necessity. Data is handled only to the extent required to execute contractual obligations, maintain professional communication, and comply with applicable legal and regulatory requirements.

Legal Basis for Processing
The Company processes data under recognized legal grounds consistent with international data protection standards. Where a client places an order or requests a quotation, data processing is based on the performance of a contractual relationship or pre-contractual commercial engagement.
In circumstances involving marketing communication or newsletter subscription, processing may be based on user consent. Such consent may be withdrawn at any time through formal communication with the Company.
Certain data processing activities are conducted to comply with legal obligations, including tax documentation, export compliance, customs declarations, and financial record retention under applicable commercial laws.
Additionally, the Company may rely on legitimate business interest as a lawful basis for maintaining client communication, improving operational efficiency, and securing its digital infrastructure.
The Company ensures that all processing activities are justified by at least one lawful basis and are conducted in a fair, transparent, and proportionate manner.

Data Sharing and Third-Party Disclosure
AWIPRISES SPORTS (PVT) LTD does not sell, rent, or trade personal or business data to third parties for independent commercial use. However, limited disclosure may be necessary to fulfill contractual obligations and ensure smooth operational execution.
Data may be shared with logistics providers, customs clearance agents, freight forwarders, and courier services for the purpose of international shipping coordination. Financial information required for payment processing may be shared with banking institutions or authorized financial intermediaries.
Where website hosting, analytics services, or IT infrastructure providers are engaged, limited technical data may be processed under strict confidentiality arrangements. Such service providers are contractually required to maintain appropriate data protection standards.
Disclosure may also occur where required by law, regulatory authority, or court order. In all cases, data sharing is limited to what is necessary and proportionate to the intended purpose.

International Data Transfers
As an international apparel manufacturing organization operating from Pakistan with a registered presence in the United Kingdom, the Company may process and transfer data across national borders. Client information may be stored or accessed in jurisdictions where the Company or its service providers operate.
Cross-border data transfer may occur in connection with production coordination, logistics management, customs documentation, financial processing, and digital communication systems.
The Company takes reasonable measures to ensure that international data transfers are conducted securely and in accordance with applicable legal standards. Where required, appropriate contractual safeguards or confidentiality undertakings are implemented to maintain data protection integrity.
By engaging in commercial interaction with the Company, users acknowledge that data transfer may occur internationally as necessary for order fulfillment and business operations.

Data Retention Policy
The Company retains personal and business data only for as long as necessary to fulfill the purpose for which it was collected. Retention periods may vary depending on the nature of the information and applicable legal obligations.
Financial records, invoices, and transaction documentation may be retained for statutory periods required under tax and commercial laws. Production specifications and order histories may be retained for quality reference and future repeat orders.
Communication records may be stored for operational continuity and dispute resolution purposes. Once data is no longer required for legitimate business or legal purposes, it is securely deleted, anonymized, or archived in a controlled manner.
The Company does not retain personal data indefinitely without purpose. Retention decisions are guided by necessity, legal compliance, and risk management considerations.

Data Security Measures
The Company implements reasonable administrative, technical, and physical safeguards to protect data from unauthorized access, misuse, alteration, or loss. Access to sensitive business information is restricted to authorized personnel who require such access for legitimate operational duties.
Digital systems are protected through password controls, secure communication channels, and internal access limitations. Financial transactions are conducted through recognized banking institutions rather than unsecured digital platforms.
Physical documents containing confidential information are stored in controlled environments with restricted access. While no system can guarantee absolute security, the Company continuously evaluates its procedures to minimize risks and strengthen protective mechanisms.
Employees are expected to adhere to internal confidentiality standards and may be subject to disciplinary action in case of unauthorized disclosure.

Confidentiality of Designs and Business Information
Given the nature of apparel manufacturing, clients frequently share proprietary design files, technical packs, artwork, branding concepts, and market strategies. The Company recognizes the commercial sensitivity of such materials and treats them as confidential business information.
Design files are processed solely for the purpose of manufacturing and quality execution. The Company does not reproduce, distribute, or reuse client designs for independent commercial gain without explicit written authorization.
Access to design materials is limited to personnel directly involved in production processes. Where third-party service providers are engaged, disclosure is restricted to necessary technical execution under confidentiality expectations.
This commitment to confidentiality extends beyond the completion of an individual order and remains part of the Company’s ongoing professional responsibility.

Cookies and Tracking Technologies
The Company’s website may use cookies and similar tracking technologies to enhance user experience, analyze traffic patterns, and improve functionality. Cookies are small data files stored on a user’s device to remember preferences and enable smoother navigation.
Information collected through cookies may include browser type, device information, approximate geographic location, and pages visited. Such data is used for analytical purposes and website optimization rather than for intrusive behavioral profiling.
Users may adjust browser settings to restrict or disable cookies. However, certain website features may not function optimally if cookies are disabled.
The Company does not deploy cookies for unauthorized surveillance or cross-platform tracking. Cookie usage is limited to legitimate operational and analytical objectives.

Marketing Communication Policy
AWIPRISES SPORTS (PVT) LTD may use contact information provided by clients or website visitors to share relevant business communication, including order updates, new service offerings, trade exhibition participation, and industry-related announcements. Such communication is conducted in a professional and non-intrusive manner.
Marketing messages are limited to content reasonably related to apparel manufacturing services and business collaboration opportunities. The Company does not engage in aggressive promotional practices or unsolicited bulk messaging.
Where required under applicable regulations, marketing communication is based on user consent. Individuals may withdraw consent or opt out of promotional messages at any time by contacting the Company through official channels.
Transactional communication relating to order processing, invoicing, or shipment updates shall not be considered marketing and may continue as necessary for contractual performance.
The Company respects communication boundaries and aims to maintain professional relevance in all outbound correspondence.

Payment Information Handling
The Company prioritizes financial security in all commercial transactions. Payments are conducted primarily through secure banking channels, and the Company does not intentionally collect or store sensitive credit card data through its website.
Where banking details are required for invoicing or payment confirmation, such information is used solely for financial processing and regulatory compliance. Access to financial documentation is restricted to authorized administrative personnel.
The Company does not retain full financial credentials beyond what is necessary for accounting and audit purposes. All payment-related communication is conducted through official and verified channels to reduce risk of fraud or impersonation.
Clients are encouraged to verify payment instructions directly with authorized Company representatives before initiating transfers. Financial data handling practices are structured to reduce exposure to cybersecurity risks while ensuring transparency and accountability.

Children’s Data Protection
The services offered by AWIPRISES SPORTS (PVT) LTD are intended for business entities and individuals engaged in commercial apparel manufacturing activities. The Company does not knowingly collect personal data from individuals under the age of sixteen or any age threshold defined by applicable data protection regulations.
If it becomes apparent that personal information belonging to a minor has been collected inadvertently, the Company shall take reasonable steps to delete such data promptly upon verification.
Parents or legal guardians who believe that a minor has submitted personal information to the Company may contact the Company through official communication channels to request review and deletion.
This section reinforces the Company’s commitment to responsible data practices and compliance with international standards regarding protection of minors.

Automated Decision-Making and Profiling
The Company does not engage in automated decision-making processes that produce legal or similarly significant effects on individuals. Data collected through the website or commercial communication channels is not used for automated profiling that determines eligibility, pricing discrimination, or service denial.
While basic analytics tools may generate aggregate statistical insights regarding website traffic or visitor behavior, such information is used solely for improving user experience and operational efficiency.
No algorithmic system independently makes decisions affecting contractual rights or obligations. All commercial decisions, including quotation approvals and production scheduling, are conducted by authorized human representatives.
This approach ensures transparency and fairness in business operations and avoids risks associated with opaque automated profiling practices.

Data Subject Rights
Depending on applicable jurisdiction, individuals may possess certain rights regarding their personal data. These rights may include the right to request access to stored information, request correction of inaccurate data, request deletion where legally permissible, or object to certain types of processing.
Requests for data access or modification must be submitted through official Company communication channels and may require identity verification to prevent unauthorized disclosure.
Where deletion is requested, the Company shall assess whether legal, contractual, or regulatory obligations require retention. If no such obligation exists, reasonable steps shall be taken to remove the data.
The Company aims to respond to legitimate data rights requests within a reasonable timeframe consistent with applicable regulatory standards.

Data Breach Notification Procedure
In the event of a data security incident resulting in unauthorized access, disclosure, or loss of personal data, the Company shall conduct an internal assessment to determine scope and impact.
Where legally required, affected individuals or relevant regulatory authorities shall be notified within a reasonable timeframe in accordance with applicable data protection laws.
The Company shall implement corrective measures to mitigate further risk and strengthen internal security protocols.
Although no digital system can guarantee complete immunity from cyber threats, the Company maintains proactive risk management practices and seeks to minimize potential impact of unforeseen incidents.

Internal Access Control and Staff Responsibility
Access to personal and business data within the Company is limited to employees and authorized personnel who require such access to perform legitimate operational duties.
Staff members handling sensitive information are expected to adhere to internal confidentiality standards and may be subject to contractual confidentiality obligations.
The Company maintains role-based access controls to reduce exposure to unnecessary data visibility. Administrative oversight ensures that information is not accessed or disclosed without proper authorization.
This structured internal control system reinforces accountability and reduces the risk of internal misuse or accidental disclosure.

Data Minimization and Proportionality Principle
The Company adheres to the principle of data minimization, meaning that only information necessary for defined operational purposes is collected and processed. Excessive or unrelated data is neither requested nor stored.
During inquiry or order placement, only information required for quotation, production coordination, and shipping is requested. Optional data fields are clearly distinguishable from mandatory fields where applicable.
This proportional approach ensures that privacy intrusion is minimized and aligns data handling practices with international regulatory expectations.
Data collection remains purpose-driven, structured, and commercially relevant.

Third-Party Links and External Platforms
The Company’s website may contain links to third-party platforms such as social media networks, trade exhibition pages, or external business directories.
This Privacy Policy applies exclusively to the Company’s own digital infrastructure and does not govern data handling practices of external websites.
Users accessing third-party links are encouraged to review the privacy policies of those platforms independently. The Company shall not be held responsible for content, security, or privacy practices of external websites beyond its control.
This clause clarifies the scope of responsibility and prevents misunderstanding regarding external digital environments.

Policy Updates and Contact Information
The Company reserves the right to revise or update this Privacy Policy periodically to reflect operational, regulatory, or technological changes. Updated versions shall be published on the official website with revised effective dates.
Continued use of the website or engagement in business activities following policy updates shall constitute acknowledgment of revised terms.
For privacy-related inquiries, data access requests, or policy clarification, individuals may contact: