Privacy Policy


This Privacy Policy is a legal document between You (an individual who uses SURLEEN services) and SURLEEN. We know that You care how information about You is used and shared, and We appreciate Your trust that We will do so carefully and sensibly. This Privacy Policy describes how SURLEEN collects and processes Your personal information through SURLEEN website (https://surleen.com/), devices, products, services and online stores that reference this Privacy Policy (together "SURLEEN Services"). BY VISITING OUR WEBSITE, PROVIDING YOUR INFORMATION OR USING SURLEEN SERVICES, YOU CONFIRM THAT YOU HAVE READ AND UNDERSTOOD THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY.
In addition to the general terms, and in order to comply with applicable local laws, SURLEEN offers specific supplementary terms for consumers residing in Saudi Arabia, the United Arab Emirates (UAE), California, Colorado, Connecticut, Virginia, as well as residents of the EU, Switzerland (CH), and the UK.

1. PERSONAL DATA WE COLLECT ABOUT YOU

Personal data refers to any information that can be used—directly or indirectly—to identify you. This also includes anonymized data if it can be linked back to information that identifies you. However, personal data does not include data that has been irreversibly anonymized or aggregated, making it impossible for us to identify you, even when combined with other data.

1.1 Information You Provide to Us

We collect and store the information you provide when using SURLEEN online apparel retail services. While you can choose not to share certain details, doing so may limit your access to some SURLEEN website features, checkout, delivery and after-sales functions.

Information you actively submit includes: name, delivery address (Saudi Arabia/UAE local address), contact mobile number, email, payment billing information, order notes, account login credentials, size/preference notes for abaya, kaftan, modest dresses, customer service consultation records, and review content you post on our site.

1.2 Automatic Information Collection

We may automatically collect and store certain types of information about your use of SURLEEN Services, including your browsing records, product clicks, add-to-cart actions, order interactions with modest dresses, abayas, kaftans and other apparel on our website. Like many e-commerce websites, we use "Cookies" and other unique identifiers, and we obtain certain types of information when your web browser or device accesses https://surleen.com/ and third-party content embedded on our website.

Automatically collected data includes device model, browser type, IP address, website access time, page dwell time, cart abandonment records, and marketing click tracking data.

1.3 Information from Other Sources

We may receive information about You from other sources, such as updated delivery and address information from our Saudi & UAE logistics carriers, payment service providers, and official postal partners, which We use to maintain accurate delivery records and facilitate your future apparel purchases.
Click here to see full examples of what We collect.

2. For What Purposes Does SURLEEN Use Your Personal Information

We use your personal information to operate, provide, develop, and improve the modest women’s apparel products and services that we offer to customers in Saudi Arabia and UAE. These purposes include:

(1) Purchase and delivery of apparel products and services. We use your personal information to take and handle dress/abaya orders, deliver goods across Saudi Arabia and UAE, process SAR payments, and communicate with you about order status, product restocks, size guidance, shipping updates, and promotional offers for modest wear.

(2) Provide, troubleshoot, and improve SURLEEN Services. We use your personal information to maintain website functionality, analyze page performance, fix checkout/loading errors, and optimize the usability of our kaftan, evening gown and loungewear product pages.

(3) Recommendations and personalization. We use your personal information to recommend modest dresses, floral kaftans, embroidered abayas and formal evening gowns that might match your style preferences, identify your size and style inclinations, and personalize your shopping experience on our site. We will request for your prior explicit consent before we conduct such personalized product recommendations or targeted marketing.

(4) Comply with legal obligations. In certain cases, we collect and use your personal information to comply with Saudi PDPL, UAE federal data protection regulations, CCPA, GDPR and other applicable local data laws.

(5) Fraud Prevention and Credit Risks. We use personal information to prevent and detect fake orders, payment fraud and abusive account activity in order to protect the security of our customers, SURLEEN, payment partners and logistics providers. We may also use scoring methods to assess and manage payment credit risks.
Click here to see examples of how We use collected data.

3. Cookies

3.1 Definition of "Cookies"

Cookies are small pieces of text used to store information on web browsers. Cookies are widely used to store and receive identifiers and other information on computers, mobile phones, and other devices. We also use equivalent tracking technologies, including local data stored on your web browser or device, device unique identifiers, and embedded tracking scripts, for similar purposes. In this Cookie Statement, we refer to all of these tracking technologies collectively as "cookies."

3.2 Use of Cookies

With your explicit consent obtained via our website cookie pop-up, we may use cookies to recognize your browser or device, learn more about your modest fashion interests, and provide you with essential shopping features and services, as well as for additional purposes including:

(1) Recognizing you when you sign in to your SURLEEN member account. This enables us to provide you with abaya/kaftan product recommendations, display personalized style content, recognize you as a registered member, enable one-click checkout purchasing, and save your size and shipping preferences.

(2) Keeping track of your specified privacy and marketing preferences. This enables us to honor your choices, such as whether or not you would like to receive interest-based modest fashion ads. You may adjust your cookie and marketing preferences anytime through your Account page.

(3) Keeping track of apparel items stored in your shopping basket, including abandoned kaftan and maxi dress carts.

(4) Conducting anonymous research and diagnostics to improve SURLEEN’s product pages, website layout, checkout flow and customer shopping experience.

(5) Preventing fraudulent order and payment activity on our website.
Approved third parties may also set cookies when you interact with SURLEEN website. These third parties include search engines, web analytics service providers, social media marketing platforms, and regional advertising companies serving Saudi and UAE markets. Third parties use cookies to deliver modest fashion ads relevant to your interests, measure ad campaign effectiveness, and perform marketing analytics services on behalf of SURLEEN.
SURLEEN uses cookies to track items you add to your shopping cart, including abandoned carts, and this information is used to determine when to send cart reminder SMS messages for Saudi/UAE local mobile numbers.
You can fully manage browser cookies through your browser settings. The 'Help' feature on all mainstream browsers will explain how to block new cookies, enable cookie notification prompts, delete stored cookies, and set cookie expiration rules. If you block all cookies on your browser, neither we nor third parties will store cookies on your device. However, if you fully disable cookies, you may have to manually re-enter shipping addresses and size preferences every time you visit our site, and core shopping functions like saved carts and member login may not operate properly.

4. Data Collection Restrictions

4.1 Location Data Advertising Restriction

We will not collect or use Your precise/approximate device location data for targeted advertising purposes without obtaining your separate prior written consent.

4.2 Permanent Device Identifier Restrictions

We shall not associate a permanent device identifier with other personal data, sensitive user data, or resettable device identifiers, except for the following limited purposes:

(1) For telephone services linked to SIM identity information (e.g., Wi-Fi calling services tied to your Saudi/UAE carrier account).

(2) For enterprise device management applications operated under full device owner authorization.
Should any of the aforementioned purposes apply, We will conspicuously disclose such data usage within this privacy policy and on our website consent pop-ups.

4.3 Sensitive Permission & API Restrictions

We shall not employ sensitive information permissions and data APIs for collecting user or device data in undisclosed, unimplemented, or unauthorized functions or purposes. Furthermore, for sales and marketing promotion purposes, We shall not sell or share, without user explicit consent, personal or sensitive data obtained through sensitive information access permissions or APIs.

4.4 Restricted Permissions Opt-out Policy

User or device data accessed through restricted device permissions is classified as personal and sensitive user data. If You decline to grant restricted device permissions, We will fully respect Your decision. We will take reasonable technical measures to enable users who have not granted sensitive permissions to browse, add items to cart and complete apparel orders normally on our website. However, You understand and acknowledge that minor auxiliary services (such as location-based shipping estimation) may not be available if You deny these permissions.

4.5 SMS & Call Record Limitations

SMS and call records are classified as personal and sensitive user data. The usage of related device permissions will be subject to the constraints of this privacy policy and the following strict limitations:

(1) Call Log Permission Group: Users may voluntarily register our website as the default phone assistant handler for their device if they choose; our site will never automatically retrieve call logs in the background without manual user activation.

(2) SMS Permission Group: Users may voluntarily register our website as the default SMS assistant handler for their device if they choose; our site will never actively collect or automatically pull SMS records in the background.

4.6 Device Location Information Rules

Device location information is personal sensitive user data. We will not passively collect location data without consent. We will also not request users to grant location permissions solely for advertising or market data analysis.

Even if location data is necessary to provide shipping estimation features for Saudi/UAE delivery, We will request Your separate explicit consent. Our website will only request the minimum necessary location permissions (i.e., approximate regional location instead of precise GPS coordinates, foreground-only location access without background tracking), and the scope of location data requested shall align with reasonable user expectations for an apparel e-commerce store.

4.7 Device Storage & Camera Access Rules

The file and directory attributes stored on the user's device are considered personal and sensitive user data. If core shopping functions require temporary access to device storage (e.g., uploading product review photos), We will only request storage access strictly necessary for completing that function.

We will never access Your device's camera or local photo files without obtaining Your separate consent. We will not request storage access for purposes unrelated to core website shopping functionality, nor will we share storage access data with any third-party partners.

5. Disclosure of Personal Data

5.1 Data Sharing Scope

Customer information constitutes a core part of our e-commerce business operations; however, we do not sell our customers' personal information to any third-party advertisers, resellers or data brokers. We share customers' personal information solely as described below and exclusively with strategic partners that are either bound by this Privacy Policy or maintain data protection practices at least as protective as those outlined herein:

(1) Upon obtaining your prior explicit consent, we may disclose specific personal data to strategic partners who collaborate with us to deliver apparel shipping, payment processing, or assist in regional modest fashion marketing for Saudi Arabia and UAE customers.

(2) Subject to your prior consent and in circumstances involving mergers, reorganizations, acquisitions, joint ventures, asset assignments, spin-offs, business transfers, or the sale/disposition of all or any portion of SURLEEN’s business (including bankruptcy proceedings), we may transfer all relevant personal data to the acquiring third party.

(3) With your prior consent, SURLEEN may embed third-party service tools, product widgets and payment gateways accessible via our website.

(4) Following your prior consent, SURLEEN may engage trusted third-party companies and individuals to perform functions on our behalf, including but not limited to: order fulfillment, Saudi/UAE package delivery, SMS and email order notifications, customer account maintenance, website data analytics, regional marketing support, payment processing, credit risk assessment, and multilingual customer service. These third-party service providers shall only access the personal information strictly necessary to perform their designated functions and are contractually prohibited from using such information for any unrelated purposes.

(5) Our website may embed third-party code (analytics SDKs, payment SDKs, social sharing plugins). We guarantee that all third-party code deployed on surleen.com complies with Saudi PDPL, UAE data protection rules, Google Play & Apple App Store platform policies. Specifically, we enforce written agreements ensuring all SDK providers do not sell or resell personal or sensitive user data collected from our website visitors.

(6) With your prior approval and as part of ongoing business development, we may participate in transactions involving the purchase or sale of complementary apparel retail businesses. In such transactions, customer information will remain subject to the commitments laid out in this Privacy Policy unless you separately consent to new data handling terms. Should SURLEEN or substantially all of its business assets be acquired, customer information will be included among transferred assets with unchanged data protection obligations.

(7) We may disclose account and other personal information when we determine such disclosure is legally required or appropriate to: 1) comply with mandatory local laws (Saudi PDPL, UAE data regulations, CCPA, GDPR etc.); 2) enforce our Website Terms and Conditions and other service agreements; or 3) protect the rights, property, or safety of SURLEEN, our customers, logistics partners, payment providers or the general public. This includes limited information sharing with fraud prevention service providers and credit risk management organizations.
Except as specified above, you will receive clear advance notification whenever your personal information may be shared with unrelated third parties and will be provided an easy opt-out mechanism for such sharing.
Notwithstanding the foregoing, we may be legally required to disclose personal data in response to binding local laws, official legal processes, litigation, formal requests from Saudi SDAIA, UAE federal data authorities, or other governmental regulatory bodies. We may also determine that limited disclosure is necessary for national security, law enforcement, or other significant public interest matters as required by regional regulators.

5.2 Confidential Financial & ID Data

We shall not publicly disclose any personal sensitive data related to financial payment records, bank card information, transaction history, or government-issued national identification numbers of Saudi and UAE customers.

5.3 Third-Party Contact Information Protection

We will not publish or disclose non-public contact information of other customers, delivery partners or third-party merchants without full written authorization from the data owner.

6. Children's Personal Information

SURLEEN website and apparel retail services target adult consumers aged 16 and above, and are not designed or marketed to children under 16 years old. SURLEEN does not knowingly solicit or collect personal information online from minors under 16 without verifiable parental guardian consent.

If We discover we have collected personal information from a child under 16 without valid parental consent, We will either obtain formal guardian consent or permanently delete all associated minor user data within 7 working days. If You believe a child under 16 has submitted personal information to our website without guardian approval, please contact us via legal@surleen.com immediately.

7. Your Data Subject Rights

7.1 Core Privacy Rights Under Global & Middle Eastern Data Laws

We fully respect your privacy choices and comply with Saudi PDPL, UAE data protection rules, CCPA, CPRA, GDPR and other regional data laws. You hold the following enforceable rights regarding all Personal Data we collect about you:

(1) Right to Know

You have the right to request that we fully disclose detailed information about our collection and processing of your Personal Data, including the exact categories of personal data stored, the source of that information, all business purposes for data collection, and the complete list of third-party service providers we share data with.

(2) Right to Access & Data Portability

You have the right to request a full copy of all Personal Data we hold about you, provided in a structured, machine-readable portable format that allows you to transfer the data to another retail platform without obstruction. We may deliver this data via your SURLEEN member account dashboard or direct email to the address linked to your request.

(3) Right to Delete Data

Subject to narrow legal exceptions (tax record retention, fraud investigation records), you have the right to request full permanent deletion of all your Personal Data stored on our systems. After we receive your deletion request and complete identity verification, we will review applicable legal retention exceptions. All data not covered by retention obligations will be fully erased or irreversibly de-identified, and we will direct all third-party service partners to delete your data as well.

(4) Right to Correct Inaccurate Data

Subject to limited legal exceptions, you have the right to request correction of incomplete or inaccurate Personal Data (e.g., wrong Saudi/UAE shipping address, incorrect mobile number, misspelled customer name). Once we verify your identity, we will process your correction request and notify our logistics and payment partners to update matching records. We may request supplementary proof to confirm the inaccurate information you wish to amend.

(5) Right to Opt-out of Data Sale & Third-Party Sharing

You have the absolute right to opt out of any sale or commercial cross-context sharing of your personal data for advertising purposes.

7.2 Supplementary User Rights & Complaint Process

We take reasonable operational steps to ensure your stored personal data remains accurate, complete and up-to-date. At any time, you may submit requests to access, correct, delete or restrict further processing of your personal data, or object to marketing data processing entirely. You also have the right to receive your personal data in standardized structured digital format.

If you believe SURLEEN has violated your regional data privacy rights, you retain the right to lodge a formal complaint with Saudi SDAIA (Saudi Data & Artificial Intelligence Authority), UAE federal data protection authorities, EU data supervisory authorities, or California CCPA regulators.
To protect the security of your personal data, We may request supplementary identity verification information before fulfilling your data rights requests, to locate and retrieve your stored records. Please note that applicable local laws may permit or require us to temporarily refuse certain data access or deletion requests (e.g., mandatory financial record retention for tax compliance in Saudi Arabia and UAE).
To exercise any of your data privacy rights, please submit a written request to our dedicated legal email. We will respond to all valid consumer data requests within a reasonable timeframe, and in all cases no later than 30 calendar days from receipt of your verified request.

8. Third-Party Websites & External Services

Our SURLEEN website may contain hyperlinks to external third-party shopping sites, social media platforms, payment gateways and logistics tracking portals. SURLEEN bears no legal responsibility for the independent privacy policies, data handling practices or content of these external third-party platforms. This Privacy Policy applies exclusively to personal data collected directly through surleen.com and SURLEEN’s official retail services. We strongly recommend you review the standalone privacy policy of any third-party website before submitting your personal information.

9. Information Security & Data Retention

We deploy comprehensive technical, administrative and physical security safeguards designed to prevent unauthorized access, disclosure, alteration or destruction of your personal data stored on our servers, in compliance with Saudi PDPL and UAE data security standards.
We will retain Your personal data only for the minimum period necessary to fulfill the business purposes outlined in this Privacy Policy, unless a longer mandatory retention window is required by Saudi, UAE, US or EU local law (e.g., mandatory financial transaction record retention for tax and accounting compliance). After the retention period expires, all customer data will be irreversibly anonymized or permanently deleted.
All our data processing activities abide by core data protection principles: legality, fairness, transparency, data minimization, purpose limitation, and storage limitation. We implement layered technical and administrative security controls to protect all user sensitive data. We use collected personal data to verify account ownership, monitor suspicious order activity, prevent payment fraud, and investigate potential violations of our website Terms & Conditions; this processing is justified under our legitimate business interest of maintaining a secure regional e-commerce platform for Saudi and UAE modest apparel shoppers.

10. Changes to this Privacy Policy

We may revise this Privacy Policy periodically to adapt to new regional data protection regulations (Saudi PDPL updates, UAE data law amendments, CCPA/GDPR revisions), evolving e-commerce industry practices, and new website service features. Your continued browsing, account creation, ordering or use of SURLEEN services after the updated policy effective date constitutes your full acceptance of the revised Privacy Policy terms.

If You do not agree to the updated policy version, please cease all use of surleen.com and contact us to submit an account closure request to delete all your personal records.

11. Governing Terms, Disputes & Policy Revisions

All use of SURLEEN website services, and any privacy-related legal disputes, shall be governed by this Privacy Policy and our official Website Terms and Conditions, including liability limitation clauses, dispute resolution rules, and applicable regional commercial law for Saudi Arabia and the United Arab Emirates.

If You hold any concerns or complaints regarding this Privacy Policy or our data handling practices, please send a detailed written description to our legal team via the official contact email listed below, and We will make reasonable efforts to resolve your concerns promptly.
Our business operations and website features evolve continuously, so this Privacy Policy will be updated as required. You should regularly check surleen.com to view the latest policy revisions. Unless explicitly stated otherwise, the current version of this Privacy Policy applies to all historical personal data we have collected from you and your member account.

We will never implement material negative changes to our data protection commitments that reduce privacy safeguards for historical customer data without obtaining separate consent from affected users.

Specific Supplementary Terms for Saudi Arabian Consumers

This supplementary section applies solely to permanent residents of Saudi Arabia and complies with the Saudi Personal Data Protection Law (PDPL) and all supporting implementing regulations. It governs all personal information SURLEEN collects from Saudi customers via surleen.com, both online and offline order channels.
  1. Notice to Saudi Residents

    We may collect (and may have collected within the 12 months prior to this policy update date) the following categories of your personal information solely for the retail apparel business purposes described in this policy: delivery address, contact mobile number, email, payment details, order history, size/style preferences, website browsing data, and customer service records. Click here to view full examples of collected data and their authorized usage under Saudi PDPL.

    The exact data categories collected depend on which SURLEEN website features and apparel purchasing functions you utilize.
  2. Sources of Saudi Customer Personal Information

    Within the 12-month policy review window, we may obtain your personal data from three authorized sources: information you actively submit on our website, automatically collected browsing & cart data, and supplementary delivery address updates provided by our Saudi logistics partners and payment service providers.
  3. Personal Data Retention Rules for Saudi Users

    We retain your Saudi customer personal data only for the reasonable period required to complete your apparel orders, fulfill after-sales support, and comply with Saudi PDPL mandatory record retention statutes, official tax accounting rules, and internal business record policies. Upon expiration of the legal retention window, your data will be permanently erased or anonymized.
  4. PDPL Consumer Data Rights for Saudi Residents

    You hold full enforceable data rights under Saudi PDPL as follows:
  • Access Right: Request full disclosure of all personal data we store about you, including data categories, collection sources, business processing purposes, third-party data sharing partners, and specific individual data records linked to your account.
  • Correction Right: Request immediate amendment of any inaccurate delivery, contact or billing information stored in our systems.
  • Deletion Right: Request full permanent deletion of your personal data subject to mandatory legal retention exceptions under Saudi law.
  • Opt-out Right: Fully opt out of all commercial sale or cross-context advertising sharing of your personal information.

Specific Supplementary Terms for UAE Consumers

This section exclusively applies to residents of the United Arab Emirates, aligned with UAE federal data protection regulations and DIFC data protection rules for e-commerce retailers.
  1. Data Subject Rights

    All UAE customers hold full access, correction, deletion, data portability and marketing opt-out rights as defined under UAE data protection law. Any data processing request you submit to SURLEEN will be processed within the 30-day mandatory response window.
  2. Appeal Mechanism

    If we decline or partially reject your data rights request, you may submit a formal written appeal to our legal team via legal@surleen.com for secondary internal review.
  3. Regulatory Complaint Channel

    If our internal appeal response remains unsatisfactory to you, you may file an official data protection complaint with the UAE federal data protection regulatory authority directly.

Specific Terms for Colorado, Connecticut, and Virginia Residents

  1. Right to Appeal

    If you submit a data access, correction or deletion request and we are unable to fully comply with your demand, you hold the right to submit a formal appeal of our decision to SURLEEN’s legal department.
  2. Additional Regulatory Remedies

    If you remain dissatisfied after completing our internal appeal process, you may contact your respective U.S. state Attorney General office to file an official privacy complaint.
  3. Nevada Resident Special Right

    Residents of Nevada retain the statutory right to opt out of all sale of their personal identifiable information to external third-party data brokers and advertising companies.

Specific Terms for EU, Switzerland & UK Residents

  1. Definition Glossary for EU/UK/CH Users
  • “Consumer”: Any natural person physically located within the EU, United Kingdom or Switzerland, excluding individuals acting in professional employee capacity.
  • “Controller”: SURLEEN, the entity that independently determines the purposes and methods of all personal data processing operations on surleen.com.
  • “DPF Principles”: The Data Privacy Framework Principles and supplementary supplementary rules established by the EU-U.S. DPF.
  • “Personal Data”: All identifiable information relating to an EU/UK/CH consumer received by SURLEEN via our website, including all categories of sensitive personal data as defined under GDPR.
  • “Processor”: Third-party logistics, payment, analytics and marketing service providers that process personal data exclusively on SURLEEN’s written instructions.
  • “Sensitive Data”: Special category personal data under GDPR including health information, religious beliefs, political opinions, biometric data, financial payment records and legal proceeding records.
  • “Services”: SURLEEN website (https://surleen.com/), all apparel retail functions, member accounts, checkout, delivery and customer support tools.
  • “UK”: The United Kingdom of Great Britain and Northern Ireland.
  1. Data Collection & Authorized Usage

    Click here to view full categorized examples of all personal data we collect from EU, UK and Swiss consumers and the lawful business purposes for each processing activity under GDPR.
  2. Consumer Choice & Consent Rules

    3.1 SURLEEN provides all EU/UK/CH consumers full clear choice over whether their Personal Data may be disclosed to independent third-party controllers or repurposed for marketing uses unrelated to the original data collection purpose. For all GDPR special category sensitive data, we obtain separate explicit opt-in consent before any processing or sharing. Consumers may contact our legal team at any time to fully withdraw previously granted consent for data processing. We will only process your personal data for purposes materially consistent with those disclosed in this policy unless you provide separate new consent for alternate usage.

    3.2 We may share consumer personal data with our authorized regional business partners. We reserve the right to disclose personal data without opt-out consent only in three limited scenarios: (i) data shared with contracted third-party processors acting solely under our written instructions; (ii) mandatory disclosure required by binding EU/UK/Swiss law or court legal process; (iii) lawful official requests from public law enforcement and national security authorities. We may also transfer personal data during business asset sales, mergers, acquisitions or company reorganization proceedings.

    3.3 Except when legally permitted or required, SURLEEN provides consumers a clear opt-out mechanism before sharing personal data with independent third-party controllers. All third-party controllers receiving your personal data must sign formal written contracts committing to: (i) only process data for limited, consented business purposes; (ii) maintain data protection standards equivalent to DPF/GDPR requirements; (iii) immediately notify SURLEEN and cease all unauthorized data processing if they cannot uphold required privacy safeguards.

    3.4 For all data transfers to third-party processors, SURLEEN completes the following mandatory GDPR compliance steps: (i) execute formal data processing contracts with every processor; (ii) limit data transfers to only narrow consented purposes; (iii) verify processors maintain equivalent GDPR-level data protection safeguards; (iv) conduct regular oversight audits to confirm compliant data processing; (v) require immediate written notification if a processor cannot uphold privacy obligations; (vi) take immediate remedial action to stop unauthorized processing upon receiving such notification; (vii) provide full copies of processor contract privacy clauses to EU regulatory authorities upon formal request.
  3. Data Security

    SURLEEN implements proportionate, robust technical and organizational security measures to protect EU/UK/CH consumer Personal Data against loss, unauthorized access, disclosure, alteration and permanent destruction, taking full account of processing risk levels and the nature of sensitive personal data collected via our e-commerce website.
  4. Data Integrity & Purpose Limitation

    SURLEEN strictly limits all personal data processing to information directly relevant to the disclosed retail business purposes. We will never process your personal data in ways incompatible with the original collection purpose or your subsequent explicit consent. We maintain reasonable operational processes to ensure stored personal data is accurate, complete and current; consumers may submit correction requests at any time via our legal email to update outdated records.

    We only retain personal data in identifiable format for the minimum duration required to fulfill consented business purposes or comply with mandatory EU/UK/Swiss legal retention statutes. After this period, all data will be fully anonymized or permanently deleted.
  5. Data Access Rights

    All EU, UK and Swiss consumers hold the statutory right to access all personal data SURLEEN stores about them. We provide reasonable, free access to your complete personal data records upon verified request, alongside the ability to correct, amend or erase inaccurate or unlawfully processed data. We may limit or deny access requests only where the administrative burden is disproportionate to consumer privacy risks, or where granting access would violate the privacy rights of other individuals. All data access requests can be submitted via our official legal contact email.
  6. Recourse, Compliance Enforcement & Liability

    SURLEEN maintains formal internal compliance mechanisms to verify full adherence to DPF and GDPR privacy rules. We conduct an annual independent self-assessment of all EU/UK/CH consumer data processing practices to confirm all privacy commitments outlined in this policy are fully implemented.

    Consumers may submit formal privacy complaints regarding SURLEEN’s data handling practices via our legal email address. We will complete a full investigation and implement corrective remedial actions for all verified compliance violations within the mandatory GDPR response window.

Contact Us

If You have any questions, requests or formal complaints regarding this Privacy Policy or our data collection and processing practices, please contact our legal team via the official dedicated email address:

legal@surleen.com
SURLEEN

Website: https://surleen.com/

Last updated: June 24, 2026