Privacy Policy

At Organzo.pk, we are committed to safeguarding your personal information and ensuring a secure online shopping experience. This Privacy Policy outlines how we collect, use, store, and protect your data in compliance with Pakistani laws, including PECA 2016 (amended 2025), the ETO 2002, and sector-specific regulations from the State Bank of Pakistan (SBP) and Pakistan Telecommunication Authority (PTA). We also align with best practices from the anticipated Personal Data Protection Bill to prepare for future regulations.

Information We Collect

To deliver high-quality herbal products and services, we collect the following data:

• Personal Information: Full name, billing and shipping addresses, email address, phone number, and other details provided during account creation, order placement, or customer support interactions.

• Payment Information: Credit/debit card details, bank transfer information, or other payment data processed securely through SBP-licensed payment gateways compliant with PCI-DSS standards.

• Browsing Data: IP address, browser type, operating system, device information, and website navigation patterns to optimize user experience and analyze site performance.

• Cookies and Tracking Technologies: Cookies, web beacons, and similar tools to enhance functionality, personalize content, and track site usage. You can manage cookie preferences via your browser settings.

• User-Generated Content: If applicable, reviews, comments, or feedback submitted on our website, which may include personal opinions or experiences.

How We Use Your Information

We use your data to provide a seamless shopping experience and support natural remedies for hormonal balance:

• Order Fulfillment: Process orders, manage payments, arrange shipping, and provide delivery updates.

• Customer Communication: Send order confirmations, respond to inquiries, and provide support via email or phone.

• Website Optimization: Analyze browsing patterns to improve website functionality, user interface, and product offerings.

• Marketing and Promotions: Send newsletters or promotional offers about our herbal products, with a clear opt-out option in every communication.

• Legal Compliance: Meet obligations under PECA 2016 (Section 38, prohibiting unauthorized data disclosure) and other laws, including cooperation with the National Cyber Crime Investigation Agency (NCCIA).

• Fraud Prevention: Detect and prevent fraudulent activities, ensuring secure transactions.

Your Rights

In line with global best practices and the anticipated Personal Data Protection Bill, we recognize the following user rights:

• Access: Request a copy of your personal data held by Organzo.pk.

• Correction: Update inaccurate or incomplete information.

• Deletion: Request removal of your data, subject to legal retention requirements (e.g., PECA 2016, Section 29, mandates one-year retention of traffic data).

• Withdraw Consent: Opt out of data processing for non-essential purposes, such as marketing.

• Data Portability: Receive your data in a structured, machine-readable format (where feasible).

• Object to Automated Processing: Avoid decisions based solely on automated systems.

To exercise these rights, contact us at organzopk@gmail.com or 03039316330. We will respond within 30 days, as per best practices.

Security Measures

We implement robust measures to protect your data, aligning with the National Cyber Security Policy 2021 (NCSP) and PECA 2016:

• SSL Encryption: All data transmissions are secured using Secure Socket Layer technology.

• Access Controls: Only authorized personnel with strict access protocols can handle your data.

• Regular Security Audits: Periodic reviews to identify and address vulnerabilities.

• PKCERT Compliance: Adherence to guidelines from the Pakistan Computer Emergency Response Team (PKCERT), established in March 2024, for incident response and cybersecurity.

• Payment Security: Use of SBP-licensed gateways and PCI-DSS compliance to safeguard financial transactions.

Data Sharing and Disclosure

We do not share your personal information with third parties without your explicit consent, except in the following cases:

• Order Fulfillment: Sharing necessary details (e.g., address) with trusted shipping partners.

• Legal Requirements: Disclosing data to comply with court orders, investigations by the NCCIA, or other legal obligations under PECA 2016, Section 38.

• Service Providers: Engaging third-party vendors (e.g., payment processors, analytics providers) bound by confidentiality agreements and compliant with Pakistani laws.

Data Retention

We retain your data only as long as necessary for the purposes outlined or as required by law:

• Traffic data is retained for one year, per PECA 2016, Section 29.

• Personal and payment data is kept for the duration of your account or as needed to fulfill orders, unless deletion is requested.

• Marketing data is retained until you opt out.

International Data Transfers

If data is transferred outside Pakistan (e.g., for cloud storage or analytics), we ensure compliance with ETO 2002 and use providers with robust data protection standards, anticipating requirements of the Personal Data Protection Bill.

Cookies and Tracking

We use cookies to enhance your experience:

• Essential Cookies: Enable core website functions, such as cart management and secure checkout.

• Analytics Cookies: Track site usage to improve performance and content.

• Marketing Cookies: Deliver personalized ads, which you can disable via browser settings.

You can manage cookies through your browser or by contacting us. Disabling cookies may limit some website features.

Compliance with Regulatory Bodies

We comply with oversight from the SBP, PTA, and the newly established Social Media Protection and Regulatory Authority (SMPRA) and Digital Rights Protection Authority (DRPA), as per the PECA Amendment Act 2025. If user-generated content (e.g., reviews) is hosted, we ensure mechanisms to address unlawful content, aligning with SMPRA guidelines.

Updates to This Policy

We may update this Privacy Policy to reflect changes in practices, legal requirements, or regulatory guidance (e.g., enactment of the Personal Data Protection Bill). Updates will be posted on our website, with significant changes notified via email.

Contact Us

For questions, concerns, or to exercise your rights, contact:

• Email: organzopk@gmail.com

• Phone: 03039316330