Privacy Policy

  1. Information We Collect & Context: As a Hong Kong-based global retailer specializing in vacation-style women’s dresses, we collect two categories of information to deliver a seamless shopping experience. Personal Identifiable Information (PII) is collected when you interact with our platform: this includes your full name, email address, shipping and billing addresses (critical for delivering your resort wear to destinations worldwide), phone number (to coordinate delivery with carriers), and payment details (e.g., credit card numbers or PayPal account info) when completing purchases. We only ask for PII that is directly necessary—for example, we don’t require additional personal details like occupation or travel plans unless you voluntarily share them. Non-Personal Information is gathered automatically via cookies and analytics tools: this includes your browser type (e.g., Chrome, Safari), device model (e.g., iPhone 15, laptop), IP address (used to approximate your region for shipping estimate accuracy), browsing behavior (e.g., which floral maxi dresses or linen sundresses you viewed, time spent on product pages), and referral sources (e.g., how you found our site—social media, search engines). This non-identifiable data helps us refine our product offerings (e.g., prioritizing popular tropical prints) and fix technical issues (e.g., optimizing mobile browsing for users shopping on-the-go for vacation).​
  1. Purpose of Data Use – Tailored to Vacation Apparel Shoppers: Every use of your personal data is tied to enhancing your experience with our vacation dress collection. We use PII to:​
  • Process and fulfill orders: This includes verifying payment, generating shipping labels for your resort wear, and updating you on delivery status (e.g., “Your beach dress has shipped” or “Delivery to your hotel is scheduled for Friday”).​
  • Provide customer support: If you reach out with questions (e.g., “Will this linen dress arrive in time for my Bali trip?” or “Can I change the shipping address to my vacation rental?”), we use your order and contact data to resolve inquiries efficiently.​
  • Ensure accuracy: We cross-check shipping addresses with carriers to avoid delivery delays—critical for customers ordering dresses for upcoming trips.​

We never use your data for unsolicited purposes (e.g., sharing your email with travel agencies) without explicit consent, and we avoid overcollecting information that doesn’t serve your shopping needs.​

  1. Marketing Consent – Focused on Vacation Style: We understand that vacation dress shoppers may want updates on new collections (e.g., summer beachwear, winter resort dresses) or exclusive discounts, but we never send promotional content without your explicit opt-in. You can choose to opt in during account creation (via a clearly labeled checkbox) or when signing up for our newsletter (e.g., to receive “Vacation Style Guides”). All marketing emails include a prominent “Unsubscribe” link at the bottom—clicking this will remove you from our marketing list within 48 hours, and we’ll confirm your opt-out via a follow-up email to ensure no further promotions are sent. You can also opt out by emailing our support team directly, and we’ll update your preferences immediately. We limit marketing frequency to 1–2 emails per month to avoid overwhelming your inbox, and all content is relevant to vacation apparel (e.g., “5 Must-Have Sundresses for Your Greek Island Trip”).​
  1. Third-Party Sharing – Limited to Order Fulfillment: We strictly prohibit the sale, rental, or trade of your personal data to any third parties for commercial gain—this includes fashion brands, travel companies, or data brokers. The only third parties with access to your data are trusted partners who assist in delivering our core services, and these partners are contractually obligated to protect your information and use it exclusively for the tasks we assign. These partners include:​
  • Payment processors: Companies like PayPal, Stripe, and major credit card issuers (Visa, Mastercard) receive limited PII (e.g., payment amount, billing address, last four digits of your card) to securely process transactions for your vacation dress orders. They do not store your full payment details on our behalf and adhere to global payment security standards (PCI DSS).​
  • Shipping carriers: Global carriers like DHL, FedEx, and Hong Kong Post receive your shipping address, phone number, and order details (e.g., “1 floral maxi dress”) to deliver your package—this is critical for ensuring your dress arrives on time, especially if you’re ordering for a specific vacation date.​
  • Customer support tools: We use a third-party email support platform to manage inquiries, but this tool only accesses your conversation history and order number (not full payment details) to help our team resolve issues like size changes or delivery tracking.​

We never share non-personal data with third parties unless it is aggregated (e.g., “60% of users viewed beach dresses in July”) and stripped of all identifying information.​

  1. Data Security – Protecting Vacation Shoppers’ Information: We recognize that many customers shop for vacation dresses in advance, and protecting their personal and payment data is a top priority. We implement industry-leading security measures to prevent unauthorized access, theft, loss, or modification of your data:​
  • SSL encryption: All data transmitted between your browser and our website (e.g., when entering your shipping address or payment details) is encrypted using Secure Sockets Layer (SSL) technology. This means your information is converted into a code that only our secure servers can decode, preventing interception by hackers.​
  • Secure servers: Your data is stored on servers located in secure facilities with 24/7 physical security (e.g., surveillance cameras, access control systems) and digital protections (e.g., firewalls, anti-malware software) that are updated daily to address new threats.​
  • Access controls: Only authorized employees (e.g., order processing teams, customer support staff) have limited access to your data, and they must use unique login credentials and complete annual privacy training. No single employee can access all your data (e.g., support staff can’t view full payment details).​
  • Payment security: We do not store full credit card numbers or bank account details on our servers. Instead, we use tokenization—replacing sensitive payment data with a unique “token”—so even if our systems were breached, your financial information would remain protected.​

In the unlikely event of a data breach that could affect your PII, we will notify you via email within 72 hours (as required by laws like GDPR and CCPA) and provide clear steps to protect your data (e.g., changing your account password).​

  1. Cookie Control – Balancing Functionality and Choice: Cookies are small text files stored on your device that help our website work efficiently and personalize your experience. We use two types of cookies, and we give you control over non-essential ones:​
  • Essential cookies: These are required for basic website functions that make shopping for vacation dresses possible. They include cookies that remember items in your shopping cart (so you don’t lose your selected sundresses if you close your browser), maintain your login session (so you don’t have to sign in repeatedly), and enable checkout. You cannot disable essential cookies without breaking core features—for example, you won’t be able to complete an order without them.​
  • Non-essential cookies: These enhance your experience but aren’t required. They include analytics cookies (from tools like Google Analytics) that track website traffic and user behavior (e.g., which dress categories are most popular) to help us improve our site, and preference cookies that remember your language or currency settings (useful for international shoppers). You can disable non-essential cookies via your browser settings (e.g., in Chrome, go to “Settings > Privacy and security > Cookies and other site data”)—this won’t affect your ability to browse or buy dresses, but you may see the same default settings (e.g., USD currency) each time you visit.​

All cookies we set expire within a reasonable timeframe: session cookies expire when you close your browser, while preference and analytics cookies expire after 12 months of inactivity.​

  1. Data Retention – Aligned with Vacation Shopping Needs: We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by Hong Kong law (e.g., tax record-keeping). Our retention periods are tailored to the needs of vacation dress shoppers:​
  • Order-related data: We store your order history (e.g., which dresses you purchased, shipping address, payment amount) for 3 years after your last order. This allows us to handle returns or exchanges (e.g., if you want to return a dress after your vacation) and comply with tax regulations. After 3 years, we anonymize the data—removing your name, email, and address so it can only be used for internal analytics (e.g., “20% of customers bought maxi dresses in 2024”).​
  • Account data: If you have an account, we retain your name, email, and saved addresses for as long as your account is active. If your account is inactive for 12 consecutive months (no logins, orders, or inquiries), we will send you a notification via email. If you do not reactivate your account within 30 days, we will securely delete all your personal data (except anonymized order history).​
  • Marketing data: We retain your opt-in status for marketing communications until you opt out. After you opt out, we store your email address on a “do not contact” list for 5 years to ensure we don’t accidentally send you promotions in the future.​

You can request the deletion of your personal data at any time by emailing our support team. We will review your request within 3 business days and confirm deletion (or explain any legal reasons we need to retain certain data, such as tax records) via email.​

  1. Contact for Queries – Support for Global Vacation Shoppers: We understand that privacy concerns can arise, especially for international shoppers ordering vacation dresses from Hong Kong. Our support team is available to answer questions, address concerns, or assist with data-related requests (e.g., accessing your order history, correcting a shipping address). You can contact us via email at our dedicated support address—we respond to all privacy-related inquiries within 2 business days (excluding Hong Kong public holidays) to ensure timely assistance. Common queries we handle include:​
  • Requesting a copy of the personal data we hold about you (e.g., your order history or saved addresses).​
  • Correcting inaccurate data (e.g., updating your email address or changing a saved shipping address).​
  • Clarifying how we use your data (e.g., “Will my phone number be shared with carriers outside my country?”).​
  • Reporting concerns about data security (e.g., “I think someone accessed my account”).​

We also welcome feedback on our privacy policy—if you have suggestions for how we can improve how we protect your data, please let us know. Our goal is to make shopping for vacation dresses with MIST LIMITED not only stylish but also secure and transparent.​