Privacy Policy

Perfuma E-Commerce Platform

Website: https://perfumaessence.com/

Last Updated: January 2026

TABLE OF CONTENTS

  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. Legal Basis for Processing
  5. Data Sharing and Third Parties
  6. Data Security
  7. Data Retention
  8. Your Privacy Rights
  9. Children’s Privacy
  10. Cookies and Tracking Technologies
  11. Third-Party Content and Data Sources
  12. External Links
  13. International Data Transfers
  14. Changes to Privacy Policy
  15. Contact Information and Complaints

1. INTRODUCTION

1.1 Policy Overview

Perfuma (« we, » « us, » « our, » « Company ») is committed to protecting your privacy and ensuring you have a positive experience on our website https://perfumaessence.com/ (« Website »). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data in compliance with Moroccan law, particularly:

  • Law No. 09-08 on the Protection of Personal Data
  • Law No. 53-05 on the Electronic Exchange of Legal Data
  • Law No. 31-08 on Consumer Protection
  • Regulations of the Commission Nationale de Contrôle de la Protection des Données à Caractère Personnel (CNDP)

1.2 Scope

This Privacy Policy applies to:

  • Your use of the Website and all pages, services, and features
  • Your Account and interactions with our services
  • Information you provide directly or indirectly
  • Automatic information collected through technologies

This Privacy Policy does NOT apply to:

  • Third-party websites linked from our Website
  • Third-party services and platforms
  • Offline interactions with Perfuma
  • Information collected by third parties independently

1.3 Relationship with Terms & Conditions

This Privacy Policy works together with our Terms & Conditions. Please review both documents to understand how we collect and use information. In case of conflict, the provisions most protective of your privacy will apply.

1.4 Our Commitment

We are committed to:

  • Transparent data processing practices
  • Protection of your personal data
  • Compliance with Moroccan privacy laws
  • Respecting your privacy rights
  • Secure handling of sensitive information

2. INFORMATION WE COLLECT

2.1 Information You Provide Directly

We collect information you voluntarily provide, including:

Account Registration

  • Full name
  • Email address
  • Postal address
  • Telephone number
  • Username and password (encrypted)
  • Date of birth
  • Gender
  • Preferred language

Order and Transaction Information

  • Product selections and quantities
  • Delivery address (may differ from billing address)
  • Billing information (see Payment Information below)
  • Order history and purchase records
  • Tracking preferences
  • Delivery instructions

Payment Information

  • Credit/debit card number (processed securely, never stored on our servers)
  • Card expiration date
  • Cardholder name
  • Billing address
  • Bank account information (for bank transfers)
  • Transaction receipts

Important: Payment information is processed by secure third-party payment processors. We do NOT store complete credit card numbers or sensitive payment data on our servers.

Communication Information

  • Messages sent through contact forms
  • Customer service inquiries and responses
  • Email communications
  • Phone call transcripts (if recorded with consent)
  • Feedback and complaints
  • Survey responses

User-Generated Content

  • Product reviews and ratings
  • Comments and feedback
  • Images or videos uploaded
  • Social media handles (if provided)
  • Public profile information

Marketing Information

  • Newsletter subscription preferences
  • Email marketing opt-in/opt-out choices
  • Promotional offer preferences
  • SMS subscription preferences
  • Push notification preferences

2.2 Information Collected Automatically

We automatically collect certain information when you use our Website:

Browsing Information

  • Pages visited and time spent on each page
  • Links clicked
  • Search queries
  • Referral source (how you found our Website)
  • Browser type and version
  • Operating system and device information
  • Internet Service Provider (ISP)
  • Device identifiers

Connection Information

  • IP address (automatically logged)
  • Geographic location (derived from IP address)
  • Connection speed and type
  • Data transferred

Technical Information

  • Crash reports and error logs
  • Performance metrics
  • Website functionality usage
  • Feature preferences

2.3 Information from Third Parties

We may receive information about you from:

Third-Party Service Providers

  • Payment processors and financial institutions
  • Courier and shipping companies
  • Cloud storage providers
  • Analytics platforms
  • Email service providers
  • Customer service tools

Third-Party Platforms

  • Social media platforms (if you use social login)
  • Marketing partners
  • Advertising networks
  • Data brokers and data providers

Other Sources

  • Business partners
  • Referral programs
  • Public databases
  • Legal and regulatory authorities (when required)

2.4 Information from Cookies and Tracking Technologies

See Section 10 for detailed information about cookies, pixels, and tracking technologies.

3. HOW WE USE YOUR INFORMATION

3.1 Primary Uses

We use your personal data for the following purposes:

Order Processing and Fulfillment

  • Creating and managing your Account
  • Processing your Orders and payments
  • Shipping and delivery management
  • Providing order confirmation and updates
  • Managing returns and refunds
  • Customer service and support

Service Provision and Improvement

  • Responding to your inquiries and requests
  • Providing technical support
  • Improving Website functionality
  • Personalizing your user experience
  • Testing new features and services
  • Conducting user research and surveys

Communication

  • Sending order confirmations and updates
  • Providing customer service responses
  • Sending transactional emails (invoices, receipts, tracking)
  • Informational updates about policy changes
  • Security alerts and notifications

Marketing and Promotional Activities

  • Sending marketing emails (if you opt-in)
  • Promoting new products or services
  • Offering special promotions and discounts
  • Announcing contests and sweepstakes
  • Personalizing marketing content based on preferences

Legal and Regulatory Compliance

  • Complying with Moroccan law and regulations
  • Fulfilling tax and accounting obligations
  • Responding to legal requests from authorities
  • Maintaining records for legal proceedings
  • Enforcing our Terms & Conditions

Fraud Prevention and Security

  • Detecting and preventing fraudulent transactions
  • Verifying user identity
  • Monitoring for suspicious activity
  • Protecting against unauthorized access
  • Investigating security incidents
  • Protecting our legal interests

Data Analysis and Business Intelligence

  • Analyzing user behavior and trends
  • Creating aggregated, anonymized reports
  • Understanding customer preferences
  • Improving our products and services
  • Website and service optimization

3.2 Secondary Uses

We may also use your information for:

  • Creating anonymized and aggregated datasets
  • Conducting market research
  • Testing new marketing strategies
  • Training customer service staff
  • Improving recommendation algorithms
  • Optimizing search functionality
  • Website performance monitoring

3.3 Automated Decision-Making

We may use automated processes for:

  • Fraud detection (high-risk transaction identification)
  • Personalized product recommendations
  • Email filtering and spam detection
  • User segmentation for marketing

If automated decision-making produces a legal or significant effect on you, you have the right to request human review. Contact us using the information in Section 15.

4. LEGAL BASIS FOR PROCESSING

4.1 Lawful Basis

Under Law No. 09-08, we process your personal data only when we have a lawful basis:

Contract Performance

  • Basis: Processing is necessary to perform our contract with you
  • Data: Name, address, payment information, order details
  • Rationale: Cannot fulfill orders without this information
  • Duration: Until order completion and dispute resolution period expires

Legal Obligation

  • Basis: Processing is required by Moroccan law
  • Data: Name, address, payment records, transaction history
  • Rationale: Tax law (10-year retention), consumer protection, anti-money laundering
  • Duration: As required by law (typically 10 years for financial records)

Legitimate Interest

  • Basis: Processing is in our legitimate business interests
  • Data: Browsing data, communication records, fraud indicators
  • Rationale: Operating our business, preventing fraud, improving services
  • Duration: As long as necessary for stated purpose, then deleted

Consent

  • Basis: You have explicitly consented to processing
  • Data: Marketing emails, SMS, newsletters, cookies (non-essential)
  • Rationale: You explicitly opted-in to receive communications
  • Duration: Until you withdraw consent

Public Interest or Legal Claims

  • Basis: Processing is necessary for public interest or legal claims
  • Data: Any data relevant to investigation
  • Rationale: Complying with police/court orders
  • Duration: As required by authorities

4.2 Withdrawal of Consent

For processing based on consent, you may withdraw consent at any time without penalty. We will cease processing for that specific purpose, though processing based on other legal bases may continue.

5. DATA SHARING AND THIRD PARTIES

5.1 When We Share Your Data

We do NOT sell your personal data. However, we may share your data with:

Service Providers

  • Payment Processors: Credit card processors, payment gateways (necessary for payments)
  • Couriers and Shipping Companies: Address, name, contact details (necessary for delivery)
  • Cloud Hosting Providers: Technical infrastructure providers (necessary for Website operation)
  • Email Service Providers: Newsletter platforms (only if you opt-in)
  • Analytics Services: Website usage statistics (aggregated, anonymized where possible)
  • Customer Service Platforms: Ticketing systems, communication tools

Business Partners

  • Affiliate and Referral Partners: Limited information if you came through referral
  • Marketing Partners: Anonymized aggregated data for joint promotions (only if you opt-in)

Legal and Regulatory Authorities

  • Government Agencies: When required by law (court orders, subpoenas)
  • CNDP: Personal data breach notifications or investigations
  • Tax Authorities: Transaction and income records as required
  • Law Enforcement: Information necessary to investigate crimes

Third-Party Data Processors

  • We use Data Processing Agreements with all third parties
  • Third parties are bound to protect your data
  • We remain responsible for third-party compliance

5.2 Data Processor Obligations

All third parties who process your data on our behalf:

  • Must comply with Law No. 09-08
  • Cannot process data for their own purposes
  • Must implement appropriate security measures
  • Cannot share data with other third parties without consent
  • Must assist with your rights requests
  • Must delete or return data upon contract termination

5.3 International Data Transfers

If we transfer data to countries outside Morocco:

  • We ensure equivalent data protection standards
  • We use appropriate safeguards (Standard Contractual Clauses, Binding Corporate Rules)
  • We notify you of international transfers
  • We comply with CNDP requirements for international transfers

5.4 Business Transfers

In the event of merger, acquisition, bankruptcy, or sale of assets:

  • Your data may be transferred as part of the transaction
  • The buyer must respect this Privacy Policy
  • You will be notified of any material changes
  • You may opt-out of new uses of your data

5.5 Third Parties You Choose

If you explicitly authorize us to share data with a third party (e.g., social media login, referral program), we will do so. You are responsible for reviewing that third party’s privacy policy.

6. DATA SECURITY

6.1 Security Measures

We implement comprehensive security measures to protect your personal data:

Technical Security

  • Encryption: SSL/TLS encryption for data in transit
  • Secure Servers: HTTPS protocol for all communications
  • Firewalls: Advanced firewall protection
  • Access Controls: Role-based access restrictions
  • Authentication: Multi-factor authentication where possible
  • Intrusion Detection: Monitoring for unauthorized access attempts

Password Protection

  • Hashing: Passwords stored using strong hashing algorithms (bcrypt, scrypt)
  • Salting: Additional security layer on hashed passwords
  • No Plaintext Storage: Passwords never stored in readable form
  • Minimum Requirements: We recommend strong passwords (12+ characters, mixed case, numbers, symbols)

Data Protection

  • Minimum Access: Data accessed only by authorized personnel
  • Need-to-Know: Employees access only necessary data
  • Background Checks: Staff screening before database access
  • Confidentiality Agreements: All employees sign confidentiality agreements
  • Regular Audits: Security audits and penetration testing

Ongoing Protection

  • Security Updates: Regular software and system updates
  • Vulnerability Assessment: Regular security testing
  • Monitoring: 24/7 security monitoring
  • Incident Response: Rapid response procedures for breaches
  • Business Continuity: Backup and disaster recovery plans

6.2 Your Responsibility

While we take security seriously, no system is completely secure. You are responsible for:

  • Protecting your password and login credentials
  • Not sharing your Account information
  • Logging out of your Account when finished
  • Reporting suspicious activity immediately
  • Keeping your email address up-to-date
  • Using secure devices and networks
  • Being cautious with phishing attempts

6.3 Security Limitations

We cannot guarantee absolute security because:

  • No transmission over the internet is 100% secure
  • No storage system is completely immune to breaches
  • You use the Website at your own risk
  • Third-party processors may have security gaps

7. DATA RETENTION

7.1 Retention Periods

We retain your personal data only as long as necessary:

Account and User Information

  • Duration: While your Account is active, plus 3 years after closure
  • Reason: Tax and accounting compliance, legal claims
  • After Retention: Deleted or anonymized

Order and Transaction Information

  • Duration: Minimum 10 years from transaction date
  • Reason: Moroccan tax law requirement (Article 5, Law 17-97)
  • After Retention: Archived in secure, anonymized format
  • Note: Kept longer if pending disputes or legal claims

Payment Information

  • Duration: 90 days (for reconciliation purposes only)
  • Reason: Payment verification and dispute resolution
  • After Retention: Securely deleted, never stored long-term
  • Note: Complete card numbers NEVER stored

Marketing Data

  • Duration: Until you unsubscribe or opt-out
  • Reason: Fulfilling your marketing preferences
  • After Retention: Immediately deleted from marketing lists
  • Note: May be retained for 6 months to ensure unsubscribe effectiveness

Website Analytics and Cookies

  • Duration: Up to 24 months (aggregated, anonymized data)
  • Reason: Website performance analysis and improvement
  • After Retention: Automatically deleted by analytics platform

Customer Service Records

  • Duration: 3 years after final resolution
  • Reason: Handling disputes and complaints
  • After Retention: Deleted or anonymized

Legal and Compliance Data

  • Duration: As required by law or until legal matter resolved
  • Reason: Compliance with Moroccan law and court orders
  • After Retention: Deleted upon legal obligation expiration

Automated Backups

  • Duration: Up to 90 days in backup systems
  • Reason: Disaster recovery and business continuity
  • After Retention: Automatically overwritten or deleted

7.2 Secure Deletion

When we delete data, we use:

  • Secure deletion methods (wiping, shredding, destruction)
  • Irreversible anonymization techniques
  • Third-party destruction services for physical media
  • Certificate of destruction documentation

7.3 Archived Data

Data kept for legal compliance is:

  • Stored in secure, offline storage
  • Encrypted and access-restricted
  • Not used for any operational purposes
  • Deleted immediately when retention period expires

8. YOUR PRIVACY RIGHTS

8.1 Legal Rights Under Law No. 09-08

You have the following rights regarding your personal data:

Right to Access

  • What: You can request access to your personal data
  • How: Contact us with a written request identifying yourself
  • Timeline: We will provide information within 30 days
  • Format: We will provide data in clear, understandable format
  • Cost: Free (unless request is manifestly unfounded or excessive)

Right to Rectification

  • What: You can request correction of inaccurate data
  • How: Contact us with specific corrections needed
  • Timeline: We will correct information without undue delay
  • Notification: We will notify third parties of corrections where necessary
  • Cost: Free

Right to Erasure (« Right to Be Forgotten »)

  • What: You can request deletion of your data
  • When: Particularly if data is no longer necessary
  • Limitations: Cannot delete if required by law or for legal claims
  • Timeline: Deletion within 30 days of request
  • Third Parties: We will notify processors to delete data
  • Cost: Free

Right to Restrict Processing

  • What: You can request limitation of how your data is used
  • When: If you contest accuracy or processing legality
  • Effect: Data marked and processing limited (except storage)
  • Timeline: Restriction applied immediately
  • Duration: Until issue is resolved
  • Cost: Free

Right to Data Portability

  • What: You can request your data in machine-readable format
  • When: For data you provided or that was generated from your activity
  • Format: Structured, commonly used format (CSV, JSON)
  • How: Contact us with your request
  • Timeline: 30 days from request
  • Use: You can transfer data to another service provider
  • Cost: Free

Right to Object

  • What: You can object to certain types of processing
  • When: Particularly marketing, profiling, automated decision-making
  • Effect: We will cease processing unless we have compelling legitimate grounds
  • Timeline: Cessation without undue delay
  • Marketing: We will immediately remove you from marketing communications
  • Cost: Free

Right to Withdraw Consent

  • What: You can withdraw consent for processing based on consent
  • When: At any time, without penalty or consequence
  • Effect: Processing stops for that specific purpose
  • Timeline: Immediate effect upon receipt of withdrawal
  • Cost: Free
  • Note: Withdrawal doesn’t affect past processing

Right to Lodge a Complaint

  • What: You can file a complaint with the CNDP
  • When: If you believe we are violating your privacy rights
  • Where: Commission Nationale de Contrôle de la Protection des Données (CNDP)
  • How: Submit complaint form to CNDP
  • Cost: Free
  • Effect: CNDP can investigate and impose sanctions

Rights Related to Automated Decision-Making

  • What: You have rights related to decisions made about you by automated means
  • When: If decision produces legal or significant effects
  • Right: To request human review of the decision
  • Timeline: Within 30 days of automated decision
  • Remedy: We can override or reconsider the decision
  • Cost: Free

8.2 How to Exercise Your Rights

To exercise any of your privacy rights:

Contact Methods

  • Email: info@perfumaessence.com
  • Postal Mail: Perfuma, Temara, Rabat-Salé-Kénitra, Morocco
  • Online Form: https://perfumaessence.com/contact/
  • Telephone: +212 663 566 844

Required Information

  • Your name and contact information
  • Clear description of which right you’re exercising
  • Specific data or account involved
  • Proof of identity (copy of ID or passport)
  • Any supporting documentation

Verification

  • We may verify your identity to prevent unauthorized access
  • We may request additional information to locate your data
  • Verification process typically takes 5-10 business days

Response Timeline

  • Acknowledgment: Within 2 business days of request
  • Substantive Response: Within 30 days (extendable to 60 days for complex requests)
  • Explanation: If we cannot fulfill request, we’ll explain why and your options

No Retaliation

  • We will not penalize you for exercising your rights
  • Your service will not be degraded or terminated
  • No discrimination based on rights exercise

8.3 Children’s Privacy Rights

Children (under 18) and their parents/guardians have additional rights (see Section 9).

9. CHILDREN’S PRIVACY

9.1 Children’s Privacy Protection

We are committed to protecting children’s privacy and comply with Moroccan law regarding children and online services.

9.2 Age Restrictions

Our Website is intended for users 18 years and older:

  • We do not knowingly collect data from children under 18
  • Account creation requires being at least 18 years old
  • Products (perfumes) may be age-appropriate but for adult use

9.3 Parental Consent

If we discover a child under 18 has provided data:

  • We will delete the information without delay
  • We will notify the parent/guardian
  • No marketing communications will be sent to children
  • We will not retain the data

9.4 Parental Rights

Parents and guardians can:

  • Request to see what data we have collected from a child
  • Request correction or deletion of a child’s data
  • Withdraw consent for data collection from a child
  • Prohibit future collection of data from a child

9.5 Online Safety

We encourage parents/guardians to:

  • Monitor children’s online activities
  • Teach children about online privacy
  • Review our Privacy Policy with children
  • Discuss what personal information is appropriate to share

10. COOKIES AND TRACKING TECHNOLOGIES

10.1 What Are Cookies

Cookies are small text files stored on your device that help us recognize you and improve your experience.

10.2 Types of Cookies We Use

Essential Cookies

  • Purpose: Required for Website function
  • Examples: Session cookies, login credentials, security tokens
  • Consent: No consent needed (exempt)
  • Duration: Session or short-term
  • Deletable: May disable functionality if deleted

Performance Cookies

  • Purpose: Analytics and Website improvement
  • Examples: Google Analytics, traffic analysis
  • Consent: Required (opt-in)
  • Data: Aggregated, anonymized usage patterns
  • Duration: 24 months
  • Provider: Third-party analytics services

Marketing/Advertising Cookies

  • Purpose: Targeted advertising and remarketing
  • Examples: Facebook Pixel, Google Ads, retargeting pixels
  • Consent: Required (opt-in)
  • Data: Your interests and browsing behavior
  • Duration: Up to 2 years
  • Provider: Third-party advertising networks

Functionality Cookies

  • Purpose: Remembering preferences and settings
  • Examples: Language preference, layout choice, saved items
  • Consent: Required (opt-in)
  • Data: Your preferences
  • Duration: Indefinite or session
  • Deletable: Can disable without breaking core functionality

Third-Party Cookies

  • Purpose: Services from external partners
  • Examples: Social media widgets, chat support
  • Consent: Required (opt-in)
  • Providers: Social media platforms, service providers

10.3 Cookie Consent Management

When you first visit our Website:

  • A cookie consent banner will appear
  • You can choose to:
  • Accept all cookies
  • Reject non-essential cookies
  • Customize your preferences
  • View detailed cookie settings

Your choices are respected and stored.

10.4 Other Tracking Technologies

In addition to cookies, we use:

Web Beacons and Pixels

  • Tiny images embedded in emails and pages
  • Track whether you’ve opened an email or visited a page
  • Help measure campaign effectiveness
  • No personal data collected directly

Log Files

  • Automatically created by servers
  • Record IP address, browser type, pages visited
  • Help diagnose technical issues
  • Retained for security monitoring

JavaScript Tracking

  • Code that runs in your browser
  • Tracks interactions and user behavior
  • Used for analytics and personalization
  • Can be disabled in browser settings

Device Identifiers

  • Unique identifiers assigned to your device
  • Used to recognize returning users
  • Help prevent fraud
  • Not linked to your identity unless you log in

10.5 How to Manage Cookies

Browser Settings:

  • Most browsers allow you to control cookies
  • You can:
  • Accept all cookies
  • Reject all cookies
  • Accept only certain types
  • Block third-party cookies
  • Delete cookies automatically on exit

Website Cookie Preferences:

  • Return to our cookie banner anytime
  • Update your preferences
  • Change consent choices

Browser Extensions:

  • Third-party cookie manager extensions
  • Provide granular cookie control
  • Examples: uBlock Origin, Privacy Badger, Ghostery

Opt-Out Links:

  • Individual services provide opt-out options
  • Google Analytics: Google Analytics Opt-Out Browser Add-on
  • Advertising Networks: Industry opt-out portals

10.6 Impact of Disabling Cookies

Disabling cookies may:

  • Break some Website features
  • Prevent you from logging into your Account
  • Disable personalized recommendations
  • Prevent shopping cart functionality
  • Block cookies you’ve previously accepted

Essential cookies cannot be disabled without breaking Website functionality.

11. THIRD-PARTY CONTENT AND DATA SOURCES

11.1 Third-Party Sourced Content

Some content, product information, and data on our Website originates from third-party sources.

11.2 Types of Third-Party Content

Product Information

  • Source: Fragrance databases, industry resources, manufacturer specifications
  • Examples: Scent notes, ingredients lists, fragrance families, brand descriptions
  • Attribution: See Section 11.4 below
  • Accuracy: We verify information but cannot guarantee completeness

Educational Content

  • Source: Fragrance blogs, industry publications, expert resources
  • Examples: Fragrance history, application guides, care instructions
  • Attribution: Links and citations provided where applicable
  • Use: For informational and educational purposes

Industry Data

  • Source: Market research, fragrance databases, industry reports
  • Examples: Trend analysis, market statistics, category information
  • Attribution: May not be individually attributed but compiled responsibly
  • Limitations: Third-party content may be subject to copyright

Images and Media

  • Source: Product manufacturers, photography resources, stock media services
  • Attribution: Credits provided in image metadata or nearby
  • Licenses: We license or are authorized to use all images
  • Usage: Limited to our Website unless otherwise stated

Reviews and User-Generated Content

  • Source: Customer reviews, social media, user submissions
  • Attribution: Posted under customer’s name (if public)
  • Verification: We may verify authenticity but don’t endorse
  • Responsibility: Users responsible for content accuracy

11.3 Data Privacy for Third-Party Content

When third-party content contains personal data:

  • We respect third-party privacy policies
  • We don’t combine third-party data without consent
  • We comply with data protection requirements
  • Third-party data is processed securely

11.4 Attribution and Source Documentation

We are committed to transparent attribution:

When We Provide Attribution

  • Links to original sources where practical
  • Citations in educational content
  • Credits in image metadata
  • References in product descriptions
  • Acknowledgment of data providers

How to Find Attribution

  • In-Text Links: Click linked source names
  • Footer Information: Check page footers for sources
  • Metadata: Inspect image properties and document metadata
  • Contact Us: Email for specific source information

When Attribution May Not Be Provided

  • Aggregated Data: Combined from multiple sources, individual attribution impractical
  • Public Knowledge: Widely known information in industry
  • Licensed Content: Included as part of licensed services
  • Compiled Information: Our own compilation of publicly available data

11.5 Your Rights Regarding Third-Party Content

If You Created Third-Party Content We Use:

  • You retain ownership of your content
  • You can request attribution or removal
  • Contact us at info@perfumaessence.com with:
  • Specific content identification
  • Your ownership claim
  • Your requested action (attribute, modify, remove)

If Your Privacy is Affected:

  • You can request removal of your personal data
  • We will remove third-party personal data upon request
  • This complies with your right to erasure

Copyright and Intellectual Property:

  • You can report copyright infringement
  • We will investigate and remove infringing content
  • Contact: info@perfumaessence.com with:
  • Copyright registration details
  • Specific infringing content
  • Your contact information

11.6 Third-Party Website Privacy Policies

When we link to third-party websites or services:

  • They have their own privacy policies
  • We are not responsible for third-party practices
  • Review their policies before providing data
  • We cannot guarantee their compliance with law

12. EXTERNAL LINKS

12.1 Third-Party Links

Our Website contains links to third-party websites and services:

  • Not Our Responsibility: We don’t control third-party sites
  • Different Policies: They have separate privacy policies
  • Our Disclaimer: We don’t endorse their practices
  • Your Risk: Use third-party sites at your own risk

12.2 Social Media Integration

We may include social media widgets (Like buttons, Share buttons, Comments):

  • Third-Party Control: Social media companies control these
  • Data Sharing: Social platforms may collect your data
  • Review Policies: Check their privacy policies
  • Opt-Out: You can customize social media settings

12.3 Affiliate Links

Some product links may be affiliate links:

  • Disclosure: Marked when applicable
  • Commissions: We may earn a commission on purchases
  • No Extra Cost: You pay the same price
  • Transparency: We disclose affiliate relationships

13. INTERNATIONAL DATA TRANSFERS

13.1 Data Location

Our Website operates from Morocco. Your data may be:

  • Stored in Morocco: Primary data storage location
  • Processed in Morocco: Primary processing location
  • Transferred Internationally: If necessary for service provision

13.2 International Transfer Safeguards

If we transfer data outside Morocco:

  • Equivalency: We ensure equivalent protection standards
  • Legal Frameworks: We use recognized legal mechanisms:
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules (BCRs)
  • CNDP-approved mechanisms
  • Assessment: We assess third-country protection levels
  • Notification: We inform you of international transfers

13.3 Third-Country Service Providers

Some of our service providers may be located outside Morocco:

  • Payment Processors: May have international operations
  • Cloud Providers: May store data internationally
  • Analytics Services: May process data globally
  • Agreements: All have data protection agreements

13.4 Your Rights for International Transfers

You have the right to:

  • Know where your data is transferred
  • Understand the legal basis for transfers
  • Object to international transfers
  • Request data retained in Morocco

14. CHANGES TO PRIVACY POLICY

14.1 Policy Updates

We may update this Privacy Policy to:

  • Comply with new or amended laws
  • Reflect operational changes
  • Improve clarity and transparency
  • Address new privacy risks
  • Respond to user feedback

14.2 Notification of Changes

When we make material changes:

  • Update Date: We update the « Last Updated » date
  • Email Notice: We email users about significant changes
  • Website Notice: We post prominent notices on the Website
  • Timeline: Reasonable notice before changes take effect (typically 30 days)

14.3 Your Acceptance

Your continued use of the Website after changes are posted constitutes acceptance of the updated Privacy Policy.

14.4 Non-Material Changes

Minor updates (clarifications, corrections, formatting) take effect immediately without notice.

14.5 Historical Versions

Previous versions of this Privacy Policy are available upon request:

  • Email: info@perfumaessence.com
  • We will provide versions from the past 3 years

15. CONTACT INFORMATION AND COMPLAINTS

15.1 Contacting Perfuma

For questions about this Privacy Policy or to exercise your privacy rights:

Email

info@perfumaessence.com

Mailing Address

Perfuma
Temara, Rabat-Salé-Kénitra
Morocco

Telephone

+212 663 566 844

Online Contact Form

Contact

Response Times

  • Email: Within 48 hours (business days)
  • Telephone: During business hours
  • Contact Form: Within 48 hours (business days)

15.2 Data Protection Officer Information

If you wish to discuss privacy matters with our data protection representative:

  • Title: Data Protection Compliance Officer
  • Availability: Available upon request
  • Contact: Request through methods above

15.3 Filing a Complaint with CNDP

If you believe we are violating your privacy rights, you can file a complaint with:

Commission Nationale de Contrôle de la Protection des Données à Caractère Personnel (CNDP)

Official Name: Commission Nationale de Contrôle de la Protection des Données à Caractère Personnel

Purpose: Supervises compliance with Law No. 09-08 on Personal Data Protection

Authority: Can investigate complaints and impose sanctions on non-compliant organizations

Filing a Complaint:

  1. Visit the CNDP official website
  2. Locate the complaint submission form
  3. Provide details about your complaint
  4. Include supporting documentation
  5. Submit the complaint

Your Rights:

  • Submit a complaint free of charge
  • Receive acknowledgment of receipt
  • Get updates on the investigation
  • Request remedies
  • Appeal CNDP decisions

Contact Information:

  • You can request CNDP contact details from us
  • We will provide current contact information upon request

15.4 Informal Resolution

Before filing a formal complaint, we encourage you to:

  1. Contact Us: Reach out with your concern
  2. Provide Details: Explain the issue clearly
  3. Give Us Time: Allow 7-10 business days to respond
  4. Work Together: We will attempt to resolve informally
  5. Escalate: If unresolved, proceed to formal complaint

15.5 Your Rights in Complaint Proceedings

When you file a complaint with CNDP or us:

  • No Retaliation: We will not penalize you for complaining
  • Confidentiality: Your complaint will be handled confidentially
  • Investigation: Your concerns will be investigated fairly
  • Transparency: We will keep you informed of progress
  • Remedy: If violations found, we will implement corrective measures

15.6 Dispute Resolution Process

Step 1: Direct Communication

  • Contact us with your privacy concern
  • Provide specific details and desired resolution
  • Timeline: 7 business days for response

Step 2: Escalation

  • Request escalation to management if unsatisfied
  • We will review the issue
  • Timeline: 10 business days for response

Step 3: CNDP Complaint

  • File formal complaint with CNDP
  • Provide all relevant documentation
  • CNDP will investigate
  • Timeline: Typically 2-3 months

Step 4: Legal Action

  • If CNDP decision is unsatisfactory
  • You can pursue legal action in Moroccan courts
  • Statute of limitations: 2 years from violation

FINAL NOTES

Privacy and Security

Your privacy and the security of your personal data are our highest priorities. We continuously work to improve our data protection practices.

Your Responsibility

While we protect your data, you also play a role:

  • Keep your Account credentials confidential
  • Report suspicious activity immediately
  • Review and update your Account settings regularly
  • Use strong, unique passwords
  • Log out when using shared devices

Governing Law

This Privacy Policy is governed by Moroccan law:

  • Law No. 09-08 on Personal Data Protection
  • Law No. 31-08 on Consumer Protection
  • CNDP regulations and guidance
  • Moroccan Civil and Commercial Code

Severability

If any part of this Privacy Policy is found to be unenforceable, that part will be modified to the minimum extent necessary, or severed. All other parts remain in effect.

Entire Agreement

This Privacy Policy, together with our Terms & Conditions, constitutes the entire agreement regarding data handling. Any other privacy statements or policies are superseded by this document.

ACKNOWLEDGMENT:

By using the Perfuma Website, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.

Last Updated: January 2026
Effective Date: January 2026

For the most current version of this Privacy Policy, please visit the Website regularly.

© 2026 Perfuma. All rights reserved. This Privacy Policy is protected by copyright and may not be reproduced or distributed without written permission.