Privacy Policy

1. Who we are and scope of this Notice

Alisha (“we”, “us”, “our”) operates the website msalishab.com (“Site”). This Privacy Policy explains how we collect, use, disclose, transfer, and safeguard personal data when you visit or interact with the Site or communicate with us. We act as the “controller” for personal data we process about visitors and users of the Site.

By using the Site, you acknowledge that your personal data will be processed as described in this policy and in accordance with applicable laws, including the EU/EEA General Data Protection Regulation (GDPR), the UK GDPR and Data Protection Act 2018, and relevant United States state privacy laws such as the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA).

2. Contact details

Controller: Alisha

General privacy contact: privacy@msalishab.com

Data Protection Officer: dpo@msalishab.com

3. Personal data we collect

The personal data we collect depends on how you use the Site and interact with us. We may collect:

  • Identification and contact data: name, email address, phone number, postal address (if you choose to provide it), and similar identifiers.
  • Account and profile data: username, password, preferences, and settings (if account features are offered).
  • Communications data: content of messages you send us (e.g., via contact forms or email), support inquiries, and related metadata.
  • Transaction data: records of purchases or paid services (if available), billing details, and necessary payment confirmations handled through secure payment processors.
  • Device and usage data: IP address, device identifiers, browser type, operating system, referring URLs, pages viewed, links clicked, time stamps, session duration, and general location derived from IP.
  • Cookies and similar technologies data: information collected through cookies, pixels, tags, and local storage as described in Section 5.
  • User-generated content: comments, reviews, feedback, and submissions you choose to provide.
  • Public and third‑party sources: information from service providers (e.g., analytics or security vendors), partners, or publicly available sources where permitted by law.

We do not intentionally collect sensitive personal data unless you voluntarily provide it and it is necessary for a specific purpose disclosed to you.

4. Purposes of processing

We use personal data for the following purposes:

  • Providing and operating the Site, content, and features.
  • Responding to inquiries, providing customer support, and communicating with you.
  • Personalizing content, remembering preferences, and improving user experience.
  • Analytics, research, and service improvement, including measuring the effectiveness of content and Site performance.
  • Marketing and newsletters with your consent or as otherwise permitted by law, including managing your subscription and opt-out preferences.
  • Security, fraud prevention, debugging, and protecting the integrity of the Site and our users.
  • Compliance with legal obligations, enforcing our terms, and establishing, exercising, or defending legal claims.
  • Facilitating transactions and providing paid services where offered, through secure third-party payment processors.

5. Cookies and similar technologies

We use cookies and similar technologies to operate and improve the Site. Cookies are small files stored on your device. Depending on your location, non-essential cookies will only be set with your consent.

Types of cookies we may use:

  • Strictly necessary: essential for Site functionality, security, and network management (e.g., session management, load balancing, fraud prevention).
  • Performance/analytics: help us understand how visitors use the Site (e.g., page views, traffic sources) to improve performance.
  • Functional: remember choices and preferences (e.g., language, region).
  • Advertising/targeting: may be used to deliver or measure ads and content relevance. Where applicable, you can opt out or withdraw consent for these cookies.

Cookie management: You can control cookies through your browser or device settings by blocking, deleting, or limiting cookies. Doing so may affect Site functionality. Where required by law, you can update your cookie preferences via the cookie consent interface displayed on the Site.

6. Legal bases for processing (EEA/UK)

Where GDPR/UK GDPR applies, we process personal data under one or more of the following legal bases:

  • Consent: for placing or reading non-essential cookies, sending direct marketing, and other activities requiring consent. You may withdraw consent at any time.
  • Contract: to provide services you requested and take steps at your request prior to entering into a contract.
  • Legal obligation: to comply with laws (e.g., tax, accounting, regulatory requirements, responding to lawful requests).
  • Legitimate interests: to operate, secure, and improve the Site; prevent fraud; and perform analytics and communications, provided such interests are not overridden by your rights and interests.

7. How we disclose personal data

We disclose personal data only as necessary for the purposes described above, including to:

  • Service providers acting on our instructions, such as hosting, security, analytics, customer support, email and newsletter services, payment processing, and professional advisors (e.g., legal, accounting).
  • Affiliates or successors in the event of a reorganization, merger, or transfer of assets, in which case personal data will remain protected consistent with this policy.
  • Authorities, regulators, or courts when legally required or to protect rights, safety, and property, or to enforce our terms.

We do not sell personal information. If we engage in activities considered “sharing” for cross-context behavioral advertising under applicable law, you may opt out as described in Sections 5 and 11.

8. International data transfers

We may transfer personal data to countries outside your country of residence, including to service providers located in jurisdictions that may not provide the same level of data protection. Where required, we implement appropriate safeguards such as the European Commission’s Standard Contractual Clauses and the UK International Data Transfer Addendum, conduct transfer risk assessments, and apply supplementary measures as necessary to protect your data.

9. Retention of personal data

We retain personal data only for as long as needed for the purposes described in this policy, and as required by law. Typical retention periods are:

  • Account/profile data: for the life of the account and up to 3 years after closure.
  • Communications and support records: up to 2 years after resolution.
  • Marketing and newsletter data: until you opt out or after 3 years of inactivity, whichever occurs first.
  • Transaction and billing records: 7 years (or longer if required by tax/accounting law).
  • Security and audit logs: 12 months unless needed longer for investigations.
  • Cookies: per their specific expiration or until you delete them or withdraw consent.
  • Legal claims: as necessary to establish, exercise, or defend claims, typically until resolution plus applicable limitation periods.

10. Your rights (EEA/UK and similar jurisdictions)

Subject to legal limitations, you may have the right to:

  • Access your personal data and receive a copy.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your data.
  • Restrict or object to certain processing, including processing based on legitimate interests and direct marketing.
  • Data portability, to receive your data in a structured, commonly used, machine-readable format and transmit it to another controller.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with a supervisory authority if you believe your rights have been violated.

To exercise rights, see Section 11.

11. U.S. state privacy disclosures (including California)

For residents of California and certain other U.S. states with similar laws, the following applies:

  • Categories of personal information collected: identifiers (e.g., name, email, IP address), internet/usage information, commercial information related to transactions, and inferences drawn from usage data.
  • Sources: directly from you; automatically from your device and interactions with the Site; and from service providers.
  • Business/commercial purposes: as described in Section 4.
  • Disclosure for business purposes: to service providers as described in Section 7.
  • Sale/share: We do not sell personal information. If advertising cookies or similar technologies constitute “sharing” for cross-context behavioral advertising, you may opt out by rejecting advertising cookies via the cookie consent interface and by contacting privacy@msalishab.com with the subject “Opt-Out of Sharing”.
  • Your rights: to know/access, correct, delete, opt out of sale/share, limit the use/disclosure of sensitive personal information (if collected), and be free from discrimination for exercising your rights.
  • Verification: We will verify your request using information you provide and our records. You may designate an authorized agent to act on your behalf if you provide appropriate authorization.
  • Response times: We will respond to verifiable consumer requests within applicable statutory timeframes.

12. Data security

We implement appropriate technical and organizational measures to protect personal data, including encryption in transit, access controls, least-privilege access, secure configurations, monitoring, and staff awareness measures. No method of transmission or storage is completely secure; we continuously assess and improve our safeguards.

13. Children’s privacy

The Site is not intended for children under 16, and we do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, contact privacy@msalishab.com and we will take appropriate steps to remove the information.

14. Automated decision-making and profiling

We do not engage in automated decision-making that produces legal or similarly significant effects on you. We may use limited profiling or segmentation for analytics and to tailor communications, where permitted by law and subject to your rights (including the right to object or withdraw consent where applicable).

15. Your choices and how to exercise your rights

  • Access, correction, deletion, restriction, objection, portability: Email privacy@msalishab.com and describe your request and the jurisdiction you are writing from.
  • Marketing preferences: You can opt out of marketing emails by using any unsubscribe instruction included in our emails or by emailing privacy@msalishab.com.
  • Cookies: Use your browser/device settings to manage cookies and, where available, the cookie consent interface shown on the Site.
  • EEA/UK: You may lodge a complaint with your local data protection authority. We encourage you to contact us first.

We may ask for additional information to verify your identity and to help locate the data we hold about you. We will respond within the timelines required by applicable law.

16. Third-party services and links

The Site may include content or features from third parties. Their processing of personal data is governed by their own privacy policies. We do not control and are not responsible for the privacy practices of third-party websites or services.

17. International users

Your personal data may be processed in the country where you live or in other countries where our service providers operate. We will handle your data as described in this policy and apply appropriate safeguards where required by law.

18. How we update this Privacy Policy

We may modify this Privacy Policy to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the “Effective date” below and, where appropriate, provide additional notice (such as a prominent notice on the Site). Your continued use of the Site after an update constitutes acceptance of the revised policy.

19. Contact the Data Protection Officer

If you have questions about this Privacy Policy or our data practices, or if you wish to exercise your rights, you can contact our Data Protection Officer at dpo@msalishab.com.

20. Effective date

Version: 1.0

Effective date: 22 December 2025

About The Editorial Team Terms of Service Legal Notice Privacy Policy Sitemap Contact
© 2026 Alisha