GDPR Compliance

PRIVACY POLICY

This Privacy Policy describes how your personal information is stored, collected, used, and shared when you visit or make a purchase from maiook.com (the “Site”).
I respect your privacy and promise to use any information I hold about you in a safe and responsible way. By shopping with me, you are agreeing to my Privacy Policy, in particular, my use of your information, as outlined below.

Data Controller:
The data controller in respect of this website is Maja Zurovac s.p., Triglavska ulica 17, 4000 Kranj, Company ID Number: 6132383000, VAT Number:  72196734, email address: maja@maiook.com


PERSONAL INFORMATION WE COLLECT

When you visit my website, I automatically collect certain information to analyse how my users interact with our website and its features (lawful basis: legitimate interest). For example, I collect information about a number of visits and unique visitors, location, what websites or search terms referred you to the Site, your browser and your device (tablet, desktop, mobile phone). This information is obtained through cookies. With the use of these cookies, the identification of the individual is not possible. For more on cookies we use, click here.

Additionally, when you make a purchase or attempt to make a purchase through the Site, I collect the following information:
- name and surname;
- billing and delivery address;
- company name or name of a legal entity (if a user is a legal entity); 
- tax number of legal entity (if a user is a legal entity); 
- email address (username);
- contact phone number;
- country of residence;
- payment information;
- credit card type (Visa or Mastercard);
- IP address;
- number of orders;
- origin/referrer of the first visit to our website;
- number of visits to our website;
- any other information that you voluntarily share in forms on our website;
- any other information that you voluntarily share when you register. 



HOW DO WE USE YOUR PERSONAL INFORMATION?

I use the information related to purchasing that I collect for the following purposes:

a) for the purposes of processing and fulfilment of orders including arranging for shipping, providing you with invoices and order confirmations (lawful basis: necessary to perform a contract) I collect and process the following data: name and surname, billing and delivery address, company name or name of legal entity (if user is a legal entity), tax number of legal entity (if user is a legal entity), email address, contact phone number, country of residence, payment information, credit card type.

b) for the purposes of complying with legal obligations such as issuing an invoice, keep accounting records, including records of transactions (lawful basis: legal obligation) I collect and process the following data: name and surname, billing and delivery address, company name or name of legal entity (if user is a legal entity), tax number of legal entity (if user is a legal entity), country of residence, payment information.

c) for the purposes of identification, verification and screening our orders for potential risk or fraud (lawful basis: necessary to perform a contract) I collect and process the following data: name and surname, billing and delivery address, company name or name of legal entity (if user is a legal entity), tax number of legal entity (if user is a legal entity), email address, contact phone number, country of residence, payment information, credit card type, IP address.

d) for improvement of our services and of user experience (lawful basis: legitimate interest) I collect and process the following data: number of orders, origin/referrer of the first visit to my website, number of visits to my website.

e) on the basis of your explicit consent  I also collect and process the following data:
- name, surname and email address you provide when creating a user account on our Site. Creating a user account is not necessary for the completion of a purchase.
- the email address used to sign up for our mailing list;
- any other information that you voluntarily share in forms on our website;
- any other information that you voluntarily share when you register.


MY EMAIL POLICY

collect email addresses when you a) place an order (lawful basis: necessary to perform a contract), b) sign up for our mailing list (lawful basis: consent) or c) send me an email to any of the email addresses posted on my Site (lawful basis: necessary to perform a contract).

a)  Email address you provide during the ordering process will be used solely for the purpose to communicate with you regarding your order: providing you with order and shipping confirmation and communicating with you regarding any changes regarding your order. Your email address will not be used to send you my mailing list or any marketing materials either by me or third parties.
If you would like to receive our mailing list, you can sign up by either checking the tick box while placing an order or putting your email address in the sign-up form.

b) When subscribing to our mailing list, your email address will be used only for purposes of sending you my newsletter, nothing else. If you are already receiving our mailing list and you at any point wish to unsubscribe, you can do so by following the 'unsubscribe' link located near the bottom of each newsletter.

I use Mailerlite to manage our email marketing subscriber list and to send emails to our subscribers. Mailerlite is a third-party provider, which may process your data using industry standard technologies to help us monitor and improve my newsletter. You can read their Privacy Policy here.

c) When you send me an email to any of the email addresses posted on my Site I will use your email for communication purposes only (to reply to your initial email and any further emails).


PAYMENT PROCESSING

In order to process your payment, I use third-party payment processors PayPal and Stripe. The third-party processors process your information including your payment information in accordance with their privacy policies: PayPal and Stripe


SHARING YOUR PERSONAL INFORMATION

I use a number of third parties to provide us with services which are necessary to run our business or to assist us with running our business.

Your information will be shared with these service providers where necessary to provide you with the service you have requested, whether that is accessing our website, ordering goods and services from me or delivering goods. I will share your personal information with these third parties only to the extent necessary to perform these services.

I share information with our accountants for tax purposes. For example, I share invoices I issue and receive with our accountants for the purpose of completing tax returns and our end of year accounts.

Compliance with laws. I may collect, use, retain, and share your information if I have a good faith belief that it is reasonably necessary to (a) respond to legal process or to government requests; (b) enforce our agreements, terms and policies; (c) prevent, investigate, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of our customers, or others.


DATA RETENTION

I will retain your data no longer than needed taking into consideration:
- the purpose and use of your information now or in the future;
- whether we have legal information to continue to process your information (recordkeeping obligations imposed by laws and regulations);
- whether we have the legal basis to process your information (your consent);
- any agreed industry practices on how long the information should be retained.

After that, any and all information will be deleted, destroyed or blocked.


YOUR RIGHTS

Subject to certain restrictions you have the following rights in relation to your information:

(a) the right to access and correct your information

(b) the right to erasure
You have the right to have your personal data erased if:
- the personal data is no longer necessary for the purpose which we originally collected or processed it for;
- I m relying on consent as our lawful basis for holding the data, and you withdraw your consent;
- I am relying on legitimate interests as our basis for processing, you object to the processing of your data, and there is no overriding legitimate interest to continue this processing;
- I am processing the personal data for direct marketing purposes and you object to that processing;
- I have processed the personal data unlawfully (ie in breach of the lawfulness requirement of the 1st principle);
- I have to do it to comply with a legal obligation; or
- I have processed the personal data to offer information society services to a child.

(c) the right to restrict our use
You have the right to obtain from us restriction of processing where one of the following applies:
- the accuracy of the personal data is contested by you, for a period enabling me to verify the accuracy of the personal data;
- the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
- I no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
- you have objected to processing pending the verification whether our the legitimate grounds override yours

(d) the right to data portability gives you the right to receive personal data you have provided to a controller in a structured, commonly used and machine-readable format. It also gives you the right to request that I transmit this data directly to another controller.


ACTIONS TAKEN IN CASE OF BREACH

In the case of a personal data breach, I will without undue delay notify the personal data breach to the supervisory authority competent, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
If a breach is likely to result in a high risk to the rights and freedoms of individuals, I will inform those concerned directly and without undue delay.


ACCURACY OF INFORMATION

I am not responsible for the credibility and accuracy of personal and contact information provided by you, the user. I am also not responsible for any damages caused by inaccurate, dated or insufficient information pertaining to the user.


COOKIES

Our website uses cookies. Cookies are usually small text files that are stored on your computer's browser directory or program data subfolders. For more information about what cookies are in which cookies we use on our website click here


CHANGES TO THE POLICY

may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.


CONTACT ME

For more information about our privacy practices, or if you have any other questions, please contact me by email at maja@maiook.com

 Valid from 04.02.2021