Privacy Policy

Effective date: 11/06/2026
Last updated: 11/06/2026

This Privacy Policy explains how Dreampick di Frosi Nicole, trading under the brand Khoraia (“Khoraia”, “we”, “us” or “our”), collects, uses, stores and protects personal data through the website www.khoraia.com, the B2B member area and related online services.

This Policy applies to:

website visitors;
business contacts;
retailers;
distributors;
B2B partners;
members;
any person who contacts us or uses our website.

1. Data Controller

The data controller is:

Information

Details

Business name

Dreampick di Frosi Nicole

Owner

Frosi Nicole

Registered address

Via Anna Frank 23, Vicenza, Italy

VAT / Tax ID

IT04092400243

info@dream-pick.com

For any privacy-related request, you may contact us at the email address above.

2. Nature of the Website

Khoraia is a jewelry and fashion accessories brand website.

The website is mainly used to:

showcase Khoraia products;
provide information about the brand;
receive contact and B2B distribution requests;
allow approved business users to access a member area;
allow B2B retailers, shops, distributors or partners to submit product order requests.

We do not sell products directly through an online checkout on the website.

B2B orders may be submitted through the member area or through contact forms, but payments are handled outside the website, for example by:

bank transfer;
payment on delivery;
other payment methods agreed directly between the parties.

3. Personal Data We Collect

Depending on how you use the website, we may collect the following categories of personal data.

3.1 Website Browsing and Technical Data

When you visit the website, technical information may be collected automatically by our website platform and hosting provider, Wix, including:

IP address;
device and browser information;
operating system;
pages visited;
date and time of access;
technical logs;
cookie identifiers;
security and session information;
analytics and performance information, where applicable.

This data is necessary for the technical operation, security and performance of the website.

3.2 Contact Form Data

If you contact us through a contact form, we may collect:

first name;
last name;
company name;
email address;
physical address, where requested;
country, city and postal code, where requested;
message content;
any information you voluntarily include in the message.

Please do not include sensitive personal data in free-text fields unless strictly necessary.

3.3 B2B Account and Member Area Data

If you create or use a B2B member account, we may collect:

email address;
first name and last name of the business owner, contact person or representative;
company name;
business address;
telephone number;
order information;
product types and quantities requested;
communications relating to orders or business requests.

Passwords are managed through the Wix platform and should never be shared with us by email or message.

We will never ask your credentials.

3.4 Wix CMS and B2B Data Storage

We use Wix CMS collections to store, organize and manage the same B2B-related data collected through the member area and order/request features.

This may include:

business contact details;
member account-related information;
company details;
delivery or business addresses;
telephone numbers;
order requests;
product types and quantities requested;
communications related to B2B orders or requests.

We do not use Wix CMS to store:

payment card details;
sensitive personal data;
identification documents;
any data that is not necessary for managing the B2B relationship, member area or order requests.

Access to CMS collections containing personal data is restricted to authorized users only.

CMS permissions are configured so that B2B member data and order/request data are not publicly accessible.

3.5 B2B Order and Commercial Relationship Data

When a retailer, distributor, business partner or anyone else submits an order or request, we may process:

business contact details;
delivery or business address;
products requested;
quantities;
order history;
payment method selected outside the website;
delivery-related information;
administrative and accounting information, where applicable.

3.6 Email Automation Data

We may use Wix Automations or similar Wix tools to send transactional or operational emails, such as:

confirmation that a request or order has been received;
order-related communications;
member account or service notifications;
operational updates.

We do not use these automated emails for marketing unless we have a valid legal basis to do so.

4. Purposes and Legal Bases for Processing

If you are located in the European Economic Area, the United Kingdom or another jurisdiction requiring a legal basis for processing, we process your personal data for the following purposes and legal bases.

Purpose

Personal Data Involved

Legal Basis

To operate and secure the website

Technical data, logs, security cookies

Legitimate interest; technical necessity

To respond to contact requests

Contact form data, message content

Pre-contractual steps requested by you; legitimate interest

To create and manage B2B accounts

Account data, email, business contact details

Contractual necessity; pre-contractual steps

To receive and manage B2B orders

Business contact data, order details, product quantities

Contractual necessity; pre-contractual steps

To store and manage B2B data in Wix CMS

Member data, order/request data, company and contact details

Contractual necessity; legitimate interest

To communicate about orders

Email, phone number, order information

Contractual necessity; legitimate interest

To comply with legal, tax and accounting obligations

Order, invoice and business information

Legal obligation

To prevent fraud, misuse or unauthorized access

Technical data, account data, logs

Legitimate interest

To analyze website performance, where allowed

Analytics data, cookies or similar technologies

Consent where required; legitimate interest only where legally permitted

To send marketing communications, if introduced in the future

Email and communication preferences

Consent or another valid legal basis, where permitted

We do not use your personal data for automated decision-making that produces legal or similarly significant effects on you.

5. Cookies and Similar Technologies

The website uses cookies and similar technologies.

Some cookies are necessary for the website to function, including:

security;
session management;
login;
member-area functionality;
cookie preference management.

Other cookies or analytics technologies may require your consent depending on their purpose and configuration.

For more information, please read our Cookie Policy.

You can manage your cookie preferences through the cookie banner or cookie settings tool available on the website.

6. Wix as Website Platform and Service Provider

Our website is built, hosted and operated through Wix.

Wix provides:

hosting;
security;
website infrastructure;
member account tools;
forms;
analytics;
automations;
CMS features.

For the personal data of our website visitors, members and business contacts, Khoraia determines what data is collected and why.

Wix processes certain data on our behalf as a service provider / data processor, according to its contractual terms and data processing documentation.

As part of our Wix website infrastructure, Wix CMS is used to store and manage B2B member-area data and order/request information.

Wix processes this data as part of the website services provided to us.

7. Other Recipients of Personal Data

We may share personal data only where necessary with:

Wix and Wix group companies;
Wix sub-processors and infrastructure providers;
email automation and website service providers used through Wix;
accounting, tax or administrative consultants, where needed;
delivery or logistics providers, if needed for business orders;
legal, professional or public authorities, where required by law.

We do not sell personal data.

We do not share personal data for third-party targeted advertising unless this is clearly disclosed and, where required, consent or an opt-out mechanism is provided.

8. International Data Transfers

Because our website is operated through Wix and because we may serve users internationally, personal data may be processed or stored outside your country, including outside the European Economic Area.

Where required by applicable law, transfers of personal data outside the EEA are protected by appropriate safeguards, such as:

adequacy decisions;
standard contractual clauses;
data processing agreements;
other lawful transfer mechanisms.

9. Data Retention

We keep personal data only for as long as necessary for the purposes described in this Policy, unless a longer retention period is required or permitted by law.

Indicative retention periods are:

Type of Data

Retention Period

Contact form requests

Up to 24 months from the last interaction, unless a business relationship follows

B2B account data

For as long as the account remains active, and thereafter for a reasonable period necessary to manage legal, administrative or security matters

B2B order and commercial data

For the duration necessary to manage the order and business relationship, and up to 10 years where required for tax, accounting or legal purposes

Wix CMS records containing B2B/member/order data

For the same retention period applicable to the related B2B account, request or order

Technical logs and security data

For the period necessary for security, troubleshooting and platform operation

Cookie consent records

For the period required or recommended by applicable law and the consent management platform

Marketing consent records, if applicable in the future

Until consent is withdrawn and for the period necessary to demonstrate compliance

We may retain limited information where necessary to establish, exercise or defend legal claims.

10. Your Rights

Depending on your location and applicable law, you may have the right to:

access your personal data;
request correction of inaccurate data;
request deletion of your personal data;
restrict the processing of your data;
object to processing based on legitimate interests;
receive a copy of your data in a portable format;
withdraw consent at any time, where processing is based on consent;
lodge a complaint with a supervisory authority.

If you are in Italy or the European Union, you may lodge a complaint with the Italian Data Protection Authority, the Garante per la Protezione dei Dati Personali, or with the supervisory authority of the EU Member State where you live or work.

To exercise your rights, contact us at:

info@dream-pick.com

We may need to verify your identity before responding to your request.

11. Notice for California and U.S. Residents

This section applies where U.S. privacy laws, including the California Consumer Privacy Act as amended by the California Privacy Rights Act, are applicable to our business.

We may collect the following categories of personal information:

identifiers, such as name, email address, phone number, business address and IP address;
commercial information, such as products requested, order information and B2B relationship details;
internet or electronic network activity information, such as website usage data, device data and cookie identifiers;
professional or business-related information, such as company name, role or business contact details;
account login information, such as email and password credentials, used only for account authentication and security.

We collect and use this information for the purposes described in this Policy, including:

operating the website;
managing B2B accounts;
responding to requests;
processing B2B orders;
storing B2B records through Wix CMS;
security;
legal compliance;
communications.

We do not sell personal information.

We do not knowingly share personal information for cross-context behavioral advertising.

If this changes in the future, we will update this Policy and provide the required opt-out mechanisms.

Depending on applicable law, U.S. residents may have rights to:

know;
access;
delete;
correct;
opt out of sale or sharing;
limit the use of sensitive personal information;
not be discriminated against for exercising privacy rights.

To submit a request, contact:

info@dream-pick.com

12. Children’s Privacy

The website and B2B member area are not directed to children.

We do not knowingly collect personal data from children under 13 years of age or from minors where parental consent is required by applicable law.

The member area is intended for business users and professional contacts only.

If you believe that a child has provided us with personal data, please contact us so that we can take appropriate action.

13. Security

We use reasonable technical and organizational measures to protect personal data against:

unauthorized access;
loss;
misuse;
alteration;
disclosure.

Our website infrastructure is provided by Wix, which applies security measures for hosting, authentication and website operation.

Wix CMS collections containing personal data are configured with restricted access permissions.

However, no website, online transmission or storage system can be guaranteed to be completely secure.

14. Third-Party Links

The website may contain links to third-party websites or platforms.

We are not responsible for the privacy practices, content or security of those third-party services.

Please review their privacy policies before providing personal data.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, technologies or business practices.

The updated version will be published on this page with a new “Last updated” date.

16. Contact

For questions about this Privacy Policy or to exercise your privacy rights, contact:

Information

Details

Business name

Dreampick di Frosi Nicole

info@dream-pick.com

Address

Via Anna Frank 23, Vicenza, Italy