Privacy policy

1. Data Controller

Christina Knapp FZCO
Trade License Number: 37137
Building A1, Dubai Digital Park
Dubai Silicon Oasis
Dubai, United Arab Emirates

Email: info@theshirins.com
Phone: +49 171 7076726

We are the controller of your personal data within the meaning of applicable data protection laws.

2. Scope of Application

This Privacy Policy applies to:

  • Visitors of our website

  • Clients and prospective clients

  • Users of our online galleries

  • Individuals contacting us

We comply with applicable UAE data protection law and, where applicable, the EU General Data Protection Regulation (GDPR).

3. Data We Collect

We may collect the following categories of data:

  • Name

  • Email address

  • Phone number

  • Wedding / event details

  • Billing information

  • IP address

  • Browser and device information

  • Communication history

  • Contractual data

4. How We Collect Data

We collect data when you:

  • Use our contact form

  • Send us an email

  • Book our services

  • Sign a contract

  • Access client galleries

  • Browse our website

5. Legal Basis for Processing (EU Residents)

If you are located in the EU, we process data based on:

  • Art. 6(1)(a) GDPR – Consent

  • Art. 6(1)(b) GDPR – Contractual necessity

  • Art. 6(1)(c) GDPR – Legal obligation

  • Art. 6(1)(f) GDPR – Legitimate interest

6. Website Hosting & Infrastructure

Our website is created using Squarespace.

Our domain and hosting services are provided by Webhoster.de.

When you access our website, server log files may automatically collect:

  • IP address

  • Date and time of request

  • Browser type

  • Operating system

  • Referrer URL

This data is processed for security and technical stability.

Legal basis (EU): Art. 6(1)(f) GDPR – legitimate interest.

7. Google Analytics

We use Google Analytics to analyze website usage.

Google Analytics uses cookies that allow analysis of your website usage.

We use Google Analytics only with prior consent via our cookie banner (EU visitors).

Data processed may include:

  • IP address (anonymized where applicable)

  • Pages visited

  • Session duration

  • Device information

Data may be transferred to the United States.

Legal basis (EU): Art. 6(1)(a) GDPR – consent.

You may withdraw consent at any time via cookie settings.

8. Meta Pixel

We may use the Meta Pixel provided by Meta for advertising and remarketing purposes.

The Meta Pixel allows tracking of user behavior after clicking on advertisements.

Data may include:

  • IP address

  • Browser data

  • Pages visited

  • Interaction behavior

Processing occurs only after consent (EU users).

Data may be transferred outside the EU.

Legal basis (EU): Art. 6(1)(a) GDPR – consent.

9. Client Galleries (Pic-Time)

We use Pic-Time to deliver online galleries.

When accessing galleries, the following data may be processed:

  • Name

  • Email address

  • IP address

  • Access timestamps

  • Purchase information (if applicable)

Legal basis:

  • Art. 6(1)(b) GDPR – contract performance

  • Art. 6(1)(f) GDPR – legitimate interest

Pic-Time may process data outside the EU.

10. Invoicing and Accounting

For contractual and legal purposes, we process billing information such as:

  • Name

  • Address

  • Email address

  • Invoice details

  • Payment status

This processing is necessary for contract fulfillment (Art. 6(1)(b) GDPR) and to comply with legal retention obligations (Art. 6(1)(c) GDPR).

Invoices and related documents are stored in accordance with applicable tax and commercial retention requirements.

11. International Data Transfers

As a company established in the United Arab Emirates, personal data may be processed outside the European Union.

Where the GDPR applies, we ensure appropriate safeguards for international data transfers, including:

  • Standard Contractual Clauses (SCCs), where applicable

  • Contractual data protection agreements with service providers

  • Appropriate technical and organizational security measures

12. Data Retention

We retain personal data only as long as necessary for:

  • Contract fulfillment

  • Legal and tax obligations

  • Business documentation purposes

Once the data is no longer required, it will be securely deleted or anonymized.

13. Your Rights (EU Residents)

If you are located in the European Union, you have the right to:

  • Access your personal data

  • Rectify inaccurate data

  • Request erasure of data (where legally permissible)

  • Restrict processing

  • Object to processing

  • Data portability

  • Withdraw consent at any time

  • Lodge a complaint with a supervisory authority

To exercise your rights, please contact:
info@theshirins.com

14. Cookies

Our website uses cookies and similar technologies to ensure proper functionality and improve user experience.

Where legally required, non-essential cookies (e.g., analytics or marketing cookies) are only activated after your consent.

You can manage or withdraw your consent at any time through the cookie settings on our website.

15. Data Security

We implement appropriate technical and organizational measures to protect personal data against:

  • Unauthorized access

  • Loss or destruction

  • Alteration

  • Unlawful disclosure

Access to personal data is restricted to authorized persons only.

16. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes.

The current version will always be available on our website.