Privacy policy

Last updated: February 17, 2026

Esho FZC (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, transfer, and store personal data when you visit or use our website esho.ae (the “Site”), create an account, place an order, subscribe to communications, or otherwise interact with us (collectively, the “Services”).

This Privacy Policy is intended to align with applicable data protection laws, including the UAE Personal Data Protection Law (PDPL).

By using the Services, you acknowledge that you have read and understood this Privacy Policy.

1) Scope

This Privacy Policy applies to personal data we process in connection with: Your use of the Site and its features Account registration and login Purchases, checkout, delivery, returns, and customer support Marketing communications (where you opt in) Promotions, surveys, and events (if any) Interactions with our ads, social pages, and third-party platforms (where applicable).

2) What We Mean by “Personal Data”

“Personal data” means information that identifies you or can reasonably be linked to you, such as your name, email address, phone number, address, device identifiers, and online activity data.

3) Sources of Personal Data

We may collect personal data from:

You directly (forms, checkout, account creation, support emails)
Automatically (cookies, pixels, device and usage data)
Third parties (payment providers, delivery partners, analytics/advertising platforms, social login providers if used)

4) Categories of Personal Data We Collect

Depending on how you interact with us, we may collect:

A. Identity & Contact Data

Name, email address, phone number, billing/shipping address

B. Account Data

Username, password (stored in encrypted/hashed form where applicable), login tokens, account preferences

C. Transaction & Payment Data

Order history, purchase status, invoices/receipts, payment confirmation
Note: We do not store full card details. Payment is handled by certified payment providers.

D. Customer Support Data

Messages you send us, support requests, feedback, and any information you choose to share

E. Technical & Usage Data

IP address, browser type, device type, operating system, language settings
Pages viewed, clicks, session time, referrer/exit pages, approximate location derived from IP

F. Marketing & Communications Data

Subscription status, preferences, campaign engagement (opens/clicks), ad interaction signals (where enabled)

Sensitive Personal Data

We do not intentionally collect sensitive personal data (e.g., health, biometrics, religion). Please do not submit sensitive data to us via forms or email.

5) How We Use Your Personal Data

We use personal data to:

Provide the Services

Create and manage accounts, process orders, deliver items/services, handle returns/refunds (where applicable)

Communicate with You

Confirmations, service messages, support responses, operational updates

Improve and Secure the Site

Troubleshooting, analytics, performance optimization, fraud detection, security monitoring

Marketing (where permitted)

Send newsletters and promotions (only where you opt in or where otherwise legally permitted)
Show relevant ads and measure campaign performance (where cookies/consents apply)

Compliance and Legal Protection

Meet legal obligations, respond to lawful requests, enforce our terms, protect rights and safety

6) Legal Bases for Processing (GDPR / similar principles)

Where GDPR applies, we process personal data based on:

Contract: to provide what you requested (account, checkout, delivery, support)
Legitimate interests: to run, improve, and secure our business (balanced with your rights)
Consent: for marketing emails and non-essential cookies (where required)
Legal obligation: to meet tax, accounting, regulatory, or lawful request requirements

You may withdraw consent at any time (e.g., unsubscribe from marketing).

7) Cookies and Similar Technologies

We use cookies, pixels, and similar technologies to:

Keep the Site working properly (e.g., sessions, cart)
Understand usage and improve performance
Measure marketing and advertising effectiveness (where enabled)

Cookie Controls

You can manage cookies through:

Your browser settings (block/delete cookies)
Any cookie banner/preferences tool on the Site (if implemented)

Blocking cookies may affect Site functionality.

“Do Not Track”

Some browsers offer “Do Not Track.” Our Site may not respond to all DNT signals.

8) How We Share Personal Data

We do not sell your personal data.

We may share personal data with trusted third parties only as needed to operate the Services, such as:

Payment processors (to process payments securely)
Shipping/logistics partners (to deliver orders)
Customer support tools (ticketing, communications)
Website/hosting and IT providers (infrastructure, email delivery, security)
Analytics and advertising partners (where used and where permitted by law/cookie settings)
Professional advisors (legal, accounting, audit) where necessary

We may also disclose data:

If required by law, court order, or government request
To protect rights, safety, prevent fraud, or enforce our terms
As part of a corporate transaction (restructuring, merger, acquisition), subject to appropriate safeguards

9) International Data Transfers

Our service providers may process data outside the UAE (for example, where cloud infrastructure is located). When we transfer personal data internationally, we take reasonable steps to ensure appropriate safeguards are in place, such as contractual protections and security measures.

If GDPR applies, transfers may rely on recognized mechanisms such as Standard Contractual Clauses (SCCs) or equivalent safeguards.

10) Data Retention

We keep personal data only as long as necessary for:

Providing the Services
Legal, accounting, and compliance obligations
Resolving disputes and enforcing agreements

Typical examples:

Account data: retained until you request deletion (subject to legal retention needs)
Transaction records: retained as required for tax/accounting/compliance
Marketing data: retained until you unsubscribe or withdraw consent

11) Data Security

We use reasonable administrative, technical, and organizational measures to protect personal data, such as:

Encrypted transmission (SSL/TLS)
Access controls and least-privilege access
Reputable hosting and security monitoring (where applicable)

No system is 100% secure. Please protect your account credentials and contact us if you suspect unauthorized access.

12) Your Rights

Depending on your location and applicable law (including UAE PDPL and, where relevant, GDPR), you may have the right to:

Request access to your personal data
Request correction of inaccurate data
Request deletion (subject to legal exceptions)
Request restriction of processing
Object to certain processing (e.g., direct marketing)
Request data portability (where applicable)
Withdraw consent at any time (where processing is based on consent)

To exercise your rights, contact us at esho.esho.world@gmail.com.
We may ask for verification to protect your data.

13) Children’s Privacy

Our Services are not intended for children. We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, contact us and we will take appropriate steps.

14) Third-Party Links

The Site may contain links to third-party websites or platforms. We are not responsible for their privacy practices. Please review their policies before providing personal data.

15) Changes to This Privacy Policy

We may update this Privacy Policy from time to time for operational, legal, or regulatory reasons. We will post the updated version on the Site and revise the Effective Date. Your continued use of the Services means you accept the updated policy.