Sasha Enterprises
Trading as: Sasha Enterprises
Website: https://sashaenterprises.com
Email: info@sashaenterprises.com
Registered Address: Sasha Enterprises, Cuffe Parade, 13, H 134, MAKER TOWER, G D SOMANI MARG, Mumbai, Maharashtra, 400005, India
This Privacy Policy explains how Sasha Enterprises, trading as Sasha Enterprises (“Sasha Enterprises”, “we”, “us”, or “our”), collects, uses, discloses, stores, and protects personal data when you visit https://sashaenterprises.com, submit a business enquiry, communicate with us, or otherwise interact with us in connection with our B2B trade and sourcing activities.
This policy is designed to comply with the EU General Data Protection Regulation (GDPR), the India Digital Personal Data Protection Act, 2023 (DPDP Act), the CAN-SPAM Act (United States), and other applicable data protection laws.
1. Who We Are
Sasha Enterprises is an India-based B2B import-export and trade-support business serving commercial customers and prospective business partners across India and international markets.
For privacy-related requests, contact: info@sashaenterprises.com
Registered Address: Sasha Enterprises, Cuffe Parade, 13, H 134, MAKER TOWER, G D SOMANI MARG, Mumbai, Maharashtra, 400005, India
2. Scope
This Privacy Policy applies to personal data collected through:
• our Website;
• contact and enquiry forms;
• email, telephone, WhatsApp, Meta lead forms, and similar business communications;
• supplier, customer, and partner onboarding;
• commercial discussions, quotations, purchase documentation, and logistics coordination; and
• cookies and similar technologies where used.
3. Personal Data We Collect
A. Identity and Contact Data
• name, business email address, phone number, job title, company name, business address, country and market of interest
B. Business and Enquiry Data
• product categories of interest, destination country or market, expected volume, shipping preferences, documentation requirements, quotation requests, transaction history and communication content
C. Supplier, Customer, and Compliance Data
• business registration details, tax or trade documentation, payment and invoicing details, due-diligence and sanctions-screening information, authorised representative details
D. Technical and Usage Data
• IP address, browser type, device type, operating system, referral source, pages viewed, timestamps, cookie identifiers and similar online identifiers
E. Marketing and Communications Data
• consent records, subscription preferences, opt-in and opt-out status, campaign engagement data such as opens, clicks, delivery, bounce, and complaint events where email tools are used
4. How We Collect Data
We collect personal data:
• directly from you when you submit a form, contact us, sign up for updates, request a quote, or communicate with us;
• from your employer or organisation where you act as its representative;
• from suppliers, logistics providers, payment institutions, compliance databases, or other counterparties involved in a transaction;
• from public or commercial sources for lawful business due diligence; and
• automatically through cookies, logs, and analytics technologies where applicable.
5. Purposes of Processing
We process personal data for the following purposes:
• to respond to enquiries and provide quotations or business information;
• to assess sourcing needs, supplier fit, destination-market requirements, and logistics options;
• to prepare for, enter into, perform, and manage contracts and transactions;
• to coordinate documentation, shipping, warehousing, dispatch, and post-dispatch support;
• to verify identities, conduct due diligence, and manage compliance, fraud prevention, sanctions screening, and recordkeeping;
• to send service, transactional, or account-related communications;
• to send marketing communications where permitted and where required consents or lawful bases exist;
• to operate, secure, troubleshoot, and improve the Website and our communications systems; and
• to comply with legal, regulatory, tax, accounting, and dispute-management obligations.
6. Legal Bases for Processing
Where GDPR or similar laws apply, we rely on one or more of the following legal bases:
• Consent: for optional cookies, marketing subscriptions, WhatsApp opt-ins, and other situations where consent is required.
• Contractual necessity: where processing is needed to take steps at your request before entering into a contract, or to perform a contract with you or your organisation.
• Legitimate interests: for B2B relationship management, responding to commercial enquiries, supplier and customer due diligence, service improvement, network and information security, fraud prevention, and internal administration, provided our interests are not overridden by your rights.
• Legal obligation: where processing is required to comply with applicable laws, regulations, court orders, trade rules, sanctions rules, tax requirements, or law-enforcement requests.
Where Indian law applies, we process personal data based on consent and other lawful grounds recognised under the DPDP framework.
7. Cookies and Similar Technologies
We may use cookies and similar technologies for essential Website functionality, security and fraud prevention, analytics and performance measurement, remembering user preferences, and advertising or campaign measurement tools (including Meta technologies) where enabled and lawfully used.
Please see our Cookie Policy for full details.
8. Email Communications
We send periodic business communications, including product availability updates, trade offers, logistics notices, and business news, to contacts who have provided explicit opt-in consent or with whom we have an established business relationship. All such communications:
• include clear identification of Sasha Enterprises as the sender;
• include our registered physical business address;
• contain accurate, non-deceptive subject lines;
• contain a one-click unsubscribe mechanism;
• are processed through Amazon Simple Email Service (SES) with full authentication (SPF, DKIM, DMARC).
Unsubscribe requests are processed immediately and honoured for all future communications. You may also opt out by contacting us at info@sashaenterprises.com. See our Email Marketing Policy for full details.
9. WhatsApp Business Communications
We may send business updates and trade-related notifications via WhatsApp Business API to contacts who have explicitly opted in. All WhatsApp communications comply with Meta’s WhatsApp Business Policy and use pre-approved message templates.
You may opt out at any time by replying STOP or contacting us at info@sashaenterprises.com. See our WhatsApp Business Messaging Policy for full details.
10. Data Sharing
We may share personal data with:
• our employees, contractors, and affiliated personnel on a need-to-know basis;
• IT, hosting, cloud, security, CRM, analytics, and communications vendors;
• email delivery providers such as AWS SES or similar services;
• Meta platforms and WhatsApp tools where you engage with us through those channels or where ad/lead tools are lawfully used;
• suppliers, manufacturers, logistics partners, freight handlers, warehouses, customs intermediaries, insurers, payment processors, banks, and other transaction counterparties;
• professional advisers such as legal, compliance, audit, tax, and insurance advisers;
• government, regulatory, law-enforcement, customs, or judicial authorities where required; and
• any acquirer, investor, or successor in connection with a merger, restructuring, financing, sale, or transfer of business assets, subject to appropriate safeguards.
We do not sell personal data.
11. International Transfers
Because we operate internationally and use global service providers, personal data may be accessed, stored, or processed in India and other jurisdictions. Where personal data is transferred from the EEA or another jurisdiction with cross-border transfer restrictions to a country not recognised as providing an adequate level of protection, we will use appropriate safeguards such as:
• the European Commission’s Standard Contractual Clauses;
• contractual protections with processors and partners;
• access controls, confidentiality obligations, and data minimisation;
• supplementary technical or organisational measures where appropriate.
12. Data Retention
We retain personal data only for as long as reasonably necessary for the purposes described above. As a general rule:
• enquiry and prospect records are retained for up to 24 months after the last meaningful interaction;
• transaction, shipping, invoicing, and compliance records may be retained for up to 8 years or longer where required by law or needed to establish or defend legal claims;
• marketing consent and campaign engagement records are retained until consent is withdrawn or the record becomes inactive, plus a reasonable compliance period;
• unsubscribe and suppression records may be retained for as long as necessary to ensure we do not re-contact opted-out recipients;
• routine technical logs are generally retained for up to 12 months, unless a longer period is needed for security or investigations.
13. Your Rights
Depending on your location and applicable law, you may have the right to:
• request access to your personal data;
• request correction, completion, or updating of inaccurate data;
• request deletion or erasure of your personal data;
• request restriction of processing;
• object to certain processing, including direct marketing;
• withdraw consent where processing is based on consent;
• request data portability;
• lodge a complaint with a relevant supervisory or regulatory authority;
• seek grievance redressal under Indian law;
• nominate another person to exercise rights on your behalf where recognised by Indian law.
We may need to verify your identity before acting on a request.
For GDPR-specific rights, see our GDPR Compliance Notice. For India DPDP Act rights, see our India Data Protection Notice.
To exercise any rights, contact: info@sashaenterprises.com
14. Data Security
We maintain reasonable technical, organisational, and administrative safeguards designed to protect personal data against unauthorised access, loss, misuse, alteration, disclosure, or destruction. These include encrypted data transmission (TLS/SSL), access controls, regular security reviews, and secure data storage.
No system can be guaranteed completely secure, but we apply proportionate controls appropriate to the nature of the data and our business.
15. Children’s Data
Our Website and services are intended for business users and are not directed to children. We do not knowingly collect personal data from children.
If you believe a child has provided us with personal data, please contact us and we will take appropriate steps to review and delete that data where required.
16. Third-Party Links and Platforms
Our Website or communications may link to or integrate with third-party websites or platforms. We are not responsible for the privacy practices of third parties, and you should review their policies separately.
17. Changes to This Policy
We may update this Privacy Policy from time to time. The updated version will be posted on the Website with a revised “Last Updated” date.
18. Contact
For privacy requests, complaints, or questions:
Privacy Contact / Compliance Team
Email: info@sashaenterprises.com
Address: Sasha Enterprises, Cuffe Parade, 13, H 134, MAKER TOWER, G D SOMANI MARG, Mumbai, Maharashtra, 400005, India