Wearscrubs ("we", "us") is committed to protecting the privacy of every customer — primarily Indonesian medical professionals — who interacts with our services through wearscrubs.id or our official WhatsApp. This document explains the data we collect, how we use it, and your rights as a customer.

1. Data We Collect

When you use our website or place an order, we may collect:

• Identity data: full name, professional title (e.g. dr., drg.), WhatsApp number.
• Shipping data: full address, destination city, postal code, special delivery notes.
• Order data: products selected (model, size, color, variant), quantity, embroidery instructions for name/logo including logo image files you upload.
• Cart data: cart items are stored in your browser's localStorage — not sent to our server until checkout.
• Communication data: WhatsApp or email correspondence related to your order, complaints, or product inquiries.

2. How We Use Your Data

• To process your order — payment confirmation, custom embroidery production, and shipping coordination.
• To send order status updates (WhatsApp notifications for confirmation, shipping, tracking).
• To answer questions, handle complaints, or process returns per our Terms of Service.
• To comply with legal obligations (transaction records per Indonesian tax and e-commerce regulations).
• To improve our service — aggregate analytics for product, sizing, and UX improvements. No personal data is sold or transferred to third parties for advertising purposes.

3. Third Parties Processing Your Data

For operations, limited data is shared with service providers:

• Couriers (J&T, JNE, Lion Parcel, Sentral Cargo, Gosend/Grab): name, address, WhatsApp, package description — limited to delivery purposes.
• Receiving banks (BCA, Mandiri a/n Priscilla Lavine): only sender name & amount appear from your transfer process. We do not store your card/account data.
• Hosting & database providers: our servers are hosted on cloud services (Railway & Supabase) with industry-standard encryption.
• Fonnte: WhatsApp gateway for automated notifications (order confirmation, embroidery reminders).

We do not sell your personal data to any third party for marketing purposes.

4. Storage & Security

• Order data is stored in databases protected by at-rest and in-transit encryption (HTTPS/TLS).
• Internal access is granted only to verified admins via token-based authentication (JWT) with limited validity.
• Embroidery logo files you upload are stored in Supabase Storage and used only for production of the related order.
• Transaction data is retained for at least 5 years per Indonesian tax administration requirements.

5. Cookies & Local Storage

Our website uses browser localStorage to save your shopping cart and display preferences (light/dark mode). No third-party advertising tracking cookies are used. You can clear this data anytime via your browser settings.

6. Your Rights as a Customer

• Access: request a copy of personal data we hold about you.
• Correction: request correction of inaccurate data (e.g. typo in address).
• Deletion: request your data be deleted, except records we are legally required to keep (e.g. transaction invoices).
• Marketing opt-out: stop receiving newsletters by replying STOP or clicking unsubscribe.

To exercise these rights, contact us via WhatsApp +62 878-8717-2220 or email wearscrubs.id@gmail.com.

7. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our service or legal requirements. The "Last updated" date at the top of this page is the authoritative version reference. Significant changes will be communicated via WhatsApp or email to active customers.

8. Contact

Questions about this policy can be directed to: