Page Heading


This Privacy Policy describes how www.themanda.nl (the “Site” or “we”) collects, uses, and discloses your Personal Information when you visit or make a purchase from the Site.


Collecting Personal Data

To offer our Website and Services, we process certain personal data. In this Privacy Policy, “Personal Data” refers to information or pieces of information that could allow you to be directly or indirectly identified. This definition is in accordance with the Relevant Legislation.

We collect certain information about your device, your interaction with the Site, and information necessary to process your purchases.

    The Personal Data we process will be deleted if they are no longer necessary for the fulfillment of the purposes mentioned above or are inaccurate unless we are legally obliged to keep the data for a longer period.

     

    Minors

    The Site is not intended for individuals under the age of 18. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion.


    Sharing Personal Information

    We may share your Personal Data with “Data Processors”. Such Data Processors assist us in processing the Personal Data. For example, we use the services of payment providers, storage providers, advertising tools and package and delivery services.

     These Data Processors must strictly follow our instructions. Therefore, they will not use personal data for their own purposes. We make sure all of our Data Processors comply with the relevant privacy legislation.

    Besides the above, we will not share your Personal Data with anyone – unless we are legally obliged to do so.

    • We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
    • We may transfer the Personal Data outside the European Union (EU), if one of our Data Processors is located outside the EU. In case we transfer Personal Data outside the EU, the Personal Data will only be transferred to countries or organizations that provide an adequate level of protection that meets the EU-standards. For example, we will verify if that organization is a Privacy Shield Participant or is listed as third country whose level of protection is approved by the European Commission. The transfer of Data outside the EU will always comply with the Relevant Legislation.


      Behavioural Advertising

      As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:

      • We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://policies.google.com/privacy?hl=en.You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
      • We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).

      For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

      You can opt out of targeted advertising by:

      Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.


      Using Personal Information

      We use your personal Information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers.

      We may collect the following (Personal) Data from you when you use our Website and/or Services:

      Login information: E-mail address, password
      We use this information to create an account for you and give you access to this account. We need these data to perform our contract with you, i.e. to make an account for you and give you access to it.

      Order information: Name, address, zip code, city, e-mail address, phone number and former order information
      We use this information to: correctly ship and address your order(s), contact you with any updates about your order or give you an overview of the orders you placed on our Website before. We need these data to perform our contract with you, i.e. to process and deliver your orders.

      Payment information: Billing address and payment details
      We use this information to correctly process the payment of your order. We need these data to perform our contract with you, i.e. to process your payment.

      Contest information: Name, e-mail address and date of birth
      We use this information to select and contact the winner of a contest. We ask for your consent to process these data.

      Newsletters: E-mail address
      We use this information to send you our newsletter, so you will be fully informed of (discount) offers and other relevant news. We ask for your consent to process these data. If you are a former customer of us, we can send you newsletters because we have a legitimate interest to do so. You can always unsubscribe from our newsletter.

      Klarna, Buy Now Pay Later

      We use Klarna as the provider of our checkout. This means that we might transfer your personal data in the form of contact and order details to Klarna when the checkout is loaded, in order for Klarna to manage your purchase. Your personal data transferred is processed in line with Klarna’s own privacy notice.

      Lawful basis

      Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:

      • Your consent;
      • The performance of the contract between you and the Site;
      • Compliance with our legal obligations;
      • To protect your vital interests;
      • To perform a task carried out in the public interest;
      • For our legitimate interests, which do not override your fundamental rights and freedoms.


      Retention

      When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.

      Automatic decision-making

      If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

      Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

      Services that include elements of automated decision-making include:

      • Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
      • Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.

       

        Your rights

        GDPR

        If you are a resident of the EEA, you have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below 

        Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.

        If you are a resident of California, you have the right to access the Personal Information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below 

        If you would like to designate an authorized agent to submit these requests on your behalf, please contact us at the address below.

        Protection Data

        We work hard to protect your personal data from unauthorized or unlawful access, alteration, disclosure, use or destruction. That way, unauthorized persons do not have access to your data. We take at least the following measures to protect your personal data: 

        • Secure network connections with Secure Socket Layer (SSL) technology or a technology that is similar to SSL;
        • The access to the data is limited to the persons that need the data

        Cookies

        A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

        We use the following cookies to optimize your experience on our Site and to provide our services.

        Reporting and Analytics

        The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

        You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

        Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.

        Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.

        Do Not Track

        Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

        Changes

        We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

        Contact

        For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at hello@themanda.io

        Last updated: 20/07/2023