1. Introduction to GDPR Compliance

The General Data Protection Regulation (GDPR) is a data protection law that governs how personal data of individuals in the European Economic Area (EEA) is collected, processed, and stored.

At NextWave Fashions Ltd, we are committed to protecting the privacy and rights of our users, including those located within the EEA. This page outlines how we comply with GDPR requirements and safeguard personal data.

2. Data Controller Information

For the purposes of GDPR, NextWave Fashions Ltd acts as the Data Controller, responsible for determining how and why personal data is processed.

We are responsible for ensuring that your personal data is handled in accordance with applicable data protection laws.

3. Personal Data Collected

We may collect and process the following categories of personal data:

  • Identity Data: Name
  • Contact Data: Email address, phone number
  • Transaction Data: Purchase history, payment status
  • Technical Data: IP address, device type, browser information
  • Behavioral Data: Browsing activity, product views, cart interactions

4. Legal Basis for Processing

We process personal data under the following lawful bases:

  • Consent: When you provide explicit permission
  • Contractual Necessity: To process and fulfill your orders
  • Legal Obligations: To comply with applicable laws
  • Legitimate Interests: To improve services, prevent fraud, and enhance user experience

5. User Rights Under GDPR

If you are located in the EEA, you have the following rights:

  • Right to access your personal data
  • Right to rectify inaccurate or incomplete data
  • Right to erasure (“Right to be Forgotten”)
  • Right to restrict processing
  • Right to data portability
  • Right to object to data processing
  • Right to withdraw consent at any time

To exercise these rights, please contact us using the details below.

6. Consent Management

We ensure clear and transparent consent mechanisms for:

  • Cookies and tracking technologies
  • Marketing communications

Users can:

  • Opt in before non-essential data collection
  • Withdraw consent at any time

7. Data Processing Activities

We process personal data for the following purposes:

  • Order processing and fulfillment
  • Customer support services
  • Marketing and communication
  • Website analytics and performance tracking

8. Data Sharing with Third Parties

We may share personal data with trusted third parties, including:

  • Payment processors
  • Shipping and logistics providers
  • Marketing and analytics platforms

All third-party partners are required to comply with GDPR or equivalent data protection standards.

9. International Data Transfers

Your data may be transferred and processed outside the EEA.

We implement appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs)
  • Secure data processing agreements

to ensure your data remains protected.

10. Data Retention Period

We retain personal data only for as long as necessary to:

  • Fulfill contractual obligations
  • Meet legal and regulatory requirements
  • Support legitimate business operations

11. Data Security Measures

We implement robust security measures, including:

  • Encryption technologies
  • Secure hosting infrastructure
  • Restricted access controls
  • Continuous monitoring and system updates

12. Data Breach Notification

In the event of a data breach:

  • Affected users will be notified where required by law
  • Notifications will be made in a timely manner in accordance with GDPR obligations

13. Data Protection Officer (DPO)

If a Data Protection Officer (DPO) is appointed, their contact details will be provided here.

If no DPO is appointed, users may contact our support team for all data protection inquiries.

14. Automated Decision-Making and Profiling

We may use automated processes for:

  • Product recommendations
  • Personalized marketing

However:

  • No significant decisions affecting users are made solely through automated processing
  • Human oversight is maintained where necessary

15. Cookies and Tracking Compliance

We use cookies only after obtaining user consent (where required).

Users can:

  • Accept or reject non-essential cookies
  • Manage preferences at any time

For more details, please refer to our Cookie Policy.

16. Complaints and Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a relevant EU data protection authority.

We encourage users to contact us first so we can resolve concerns promptly.

17. Ecommerce Data Usage Clause

We use customer data responsibly for:

  • Personalized product recommendations
  • Style and trend suggestions
  • Improving shopping experience

We do not misuse personal styling preferences or sensitive data.

18. Policy Updates

We may update this GDPR Compliance page periodically to reflect changes in regulations or business practices.

Updates will be posted on this page.

19. Contact Information

For GDPR-related inquiries or to exercise your rights:

Website:nextwavefashions.com 

Email: support@nextwavefashions.com
Address: B19, PAPERMILL QUARTERS, JEBBA,KWARA STATE, NIGERIA