PRIVACY POLICY
1. General provisions
This Privacy Policy explains the principles of processing personal data of customers of Maybell's Diana Koval online store, operating at:
maybells.shop
We care about data security and make every effort to ensure that processing is carried out in accordance with:
-
Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR),
-
the Personal Data Protection Act,
-
Act on the provision of services by electronic means.
By using the store and placing an order, you accept the rules described in this document.
2. Data controller
The administrator of your personal data is:
Maybell's Diana Koval
Forest Estate 11/76
66-470 Kostrzyn nad Odrą
Tax Identification Number: 5993271800
REGON: 524362051
Email: maybells.shop@gmail.com
3. What data do we process?
Depending on how you use the store, we process the following data:
3.1. Order fulfillment data
-
name and surname,
-
delivery address,
-
email address,
-
phone number,
-
invoice details (company, NIP),
-
information about purchased products.
3.2. Payment details
Processed only by payment operators (not by the store):
-
Przelewy24 (PayPro SA)
-
PayPal
The store does not receive the customer's payment card details.
3.3. Data collected automatically
When you use the website, the following information is automatically collected:
-
IP address,
-
device identifier,
-
browser data,
-
cookies,
-
website behavior (Shopify Analytics).
3.4. Newsletter
If you subscribe to the newsletter, we process:
-
email address.
4. Purpose and legal basis of data processing
We process your data:
4.1. In order to fulfill the order
-
preparation, shipping, returns, complaints, contact
Legal basis: Article 6(1)(b) of the GDPR (performance of the contract)
4.2. To process payments
-
payment verification, refunds
Legal basis: Article 6(1)(b) of the GDPR
4.3. For contact purposes
-
responses to messages, inquiries, forms
Basis: Article 6(1)(f) (legitimate interest)
4.4. For marketing purposes
-
newsletter, promotions, news
Legal basis: Article 6(1)(a) (consent)
4.5. For analytical and statistical purposes
-
store improvement, traffic analysis
Legal basis: Article 6(1)(f) (controller's interests)
5. Data Sharing
Your data may only be shared with entities that help us run the store:
5.1. Payment Operators
-
Przelewy24 (PayPro SA)
-
PayPal
5.2. Courier companies
-
InPost
-
DHL
-
German carriers (for international shipments)
5.3. Shopify Platform
Data is processed within Shopify's infrastructure (Canada/US/EU) using the EU-US Data Shield.
5.4. Marketing and analytical services
-
Shopify Analytics
-
Google Ads / Meta Ads (if used)
We never sell your data.
6. Data storage period
Your data is stored:
-
order data: 6 years (tax and accounting requirements),
-
correspondence: 12 months,
-
newsletter: until you unsubscribe,
-
technical data (cookies): in accordance with cookie settings.
7. Your rights
You have the right to:
-
Access to data
-
Data rectification
-
Data deletion (“right to be forgotten”)
-
Processing restrictions
-
Data transfer
-
Objection to processing
-
Withdrawal of consent (e.g. newsletter)
You can do this by writing to:
maybells.shop@gmail.com
8. Cookies
The store uses cookies to:
-
proper functioning of the website,
-
remembering the basket,
-
analytics,
-
content personalization,
-
marketing (if enabled).
Types of cookies:
-
technical – necessary for the operation of the store,
-
analytical (Shopify / Google Analytics),
-
marketing (if used).
You can disable cookies in your browser settings.
9. Security
We use:
-
SSL encryption,
-
Shopify security,
-
data protection through anti-spam and anti-fraud systems,
-
limited access to data only for authorized persons.
10. Transfer of data outside the EU
Shopify may process data outside the EU (Canada/US).
This is done in accordance with:
-
European Commission adequacy decision,
-
Data Privacy Framework mechanisms,
-
standard contractual clauses (SCC).