Privacy Policy

Effective date: 18th February 2026
Brand: IYMAA
Contact: clientconcierge@iymaa.com


1. Who we are

This Privacy Policy explains how IYMAA collects, uses, shares, and protects personal data when you visit our website, join our guest list, make a purchase, request an Atelier appointment, or contact us.

We aim to comply with applicable privacy and data protection requirements in the Kingdom of Saudi Arabia and the United Arab Emirates, including Saudi Arabia’s Personal Data Protection Law (PDPL) and the UAE’s Federal Decree Law No. 45 of 2021 on Personal Data Protection.


2. What we collect

Depending on how you interact with us, we may collect:

  • Identity and contact details: name, email, phone number, billing and delivery address

  • Purchase and appointment information: order details, sizing preferences (if provided), appointment requests, correspondence

  • Payment information: payment status and transaction references (payment card details are typically processed by our payment providers, not stored by us)

  • Technical and usage data: device type, browser, pages viewed, approximate location, cookies and similar tracking technologies

  • Marketing preferences: guest list sign ups, consent choices, email engagement


3. How we use your information

We use personal data to:

  • Provide and fulfil services: process orders, deliver items, manage returns and exchanges, confirm appointments

  • Operate and improve the site: performance, security, analytics, troubleshooting

  • Communicate with you: order updates, appointment follow up, customer support

  • Send brand communications: where you opt in, we share releases, collection updates, and guest list information

  • Protect the brand and customers: fraud prevention, misuse detection, legal compliance


4. Legal basis and lawful use

Where required, we process personal data on one or more of the following bases:

  • To perform a contract with you (for example, fulfilling an order)

  • To meet legal and regulatory obligations

  • For our legitimate interests (for example, improving the website, preventing fraud), balanced against your rights

  • With your consent (for example, marketing emails, certain cookies)


5. Sharing your information

We may share personal data with trusted third parties only as needed to operate the brand, including:

  • Payment processors and fraud prevention partners

  • Shipping and logistics providers

  • Website and e-commerce platforms

  • Email and customer support tools

  • Professional advisors (legal, accounting) and regulators where required

We do not sell personal data.


6. International transfers

Because our partners, servers, and service providers may be located in different countries, your personal data may be transferred across borders. Where required, we take steps designed to ensure appropriate safeguards for cross border transfers under applicable laws.


7. Retention

We keep personal data only for as long as necessary for the purposes described above, including order fulfilment, aftercare, compliance, and dispute handling, then securely delete or anonymise it.


8. Your rights

Subject to applicable law, you may have rights to:

  • Request access to personal data we hold about you

  • Request correction, deletion, or restriction of processing

  • Withdraw consent for marketing at any time (unsubscribe links are included in emails)

  • Object to certain processing

  • Request information about data sharing and transfers

To exercise rights, contact clientconcierge@iymaa.com. We may request verification to protect your privacy.


9. Cookies policy

We use cookies and similar technologies to operate the site and understand how it is used. Cookies may include:

  • Strictly necessary cookies required for the site to function

  • Analytics cookies to measure performance and improve experience

  • Marketing cookies to support advertising and retargeting (where enabled)

You can manage cookies through your browser settings and, where available, our cookie preference tools. Disabling certain cookies may affect site functionality.


10. Security

We apply reasonable administrative, technical, and physical safeguards designed to protect personal data. No system is completely secure, but we work to prevent unauthorised access, alteration, or loss.


11. Children

Our website is not intended for children. If you believe a child has provided personal data, contact us and we will take appropriate steps.


12. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will be posted on our website with an updated effective date.