Privacy Policy

Privacy Policy
– Mary & Susan

DATA PROTECTION

INFORMATION ON THE COLLECTION OF PERSONAL DATA AND CONTACT DETAILS OF THE CONTROLLER

1.1 We are delighted that you are visiting our website and thank you for your interest. Below, we inform you about the handling of personal data when using our website. Personal data includes all data with which you can be personally identified.

1.2 The controller for data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is Mary & Susan, who is responsible for processing. The controller for personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (such as orders or inquiries to the responsible person). You can recognize an encrypted connection by the string “https://” and the lock symbol in your browser bar.

2. DATA COLLECTION WHEN VISITING OUR WEBSITE

When you use our website for informational purposes only, without registering or providing information in any other way, we only collect the data that your browser sends to our server (server log files). When you visit our website, we collect the following data, which is technical and necessary to display the website to you:

  • The website visited

  • Date and time of access

  • Amount of data sent in bytes

  • Source/reference from which you accessed the page

  • Browser used

  • Operating system used

  • IP address used (possibly anonymized)

Processing is carried out in accordance with Article 6(1)(f) of the GDPR based on our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way, but we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

3. COOKIES

To make your visit to our website attractive and to enable the use of certain functions, we use various types of cookies on different pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e., when you close your browser (session cookies). Other cookies remain on your device and allow us or our partner companies to recognize your browser on your next visit to the website (persistent cookies).

These persistent cookies are automatically deleted after a specified period, which may vary depending on the type of cookie.

Some cookies are used to store settings and simplify the ordering process (e.g., remembering the contents of a virtual shopping cart for a later visit to the website).

If cookies process personal data implemented by us, this is done in accordance with Article 6(1)(b) of the GDPR to fulfill the contract, or in accordance with Article 6(1)(f) of the GDPR to protect our legitimate interests in providing the best possible functionality of the website and a customer-friendly and effective design of page visits.

We may collaborate with advertising partners to make our website more interesting for you. When you visit our website, cookies from partner companies may also be stored on your device (third-party cookies). If we collaborate with advertising partners, you will be informed about the use of such cookies and the scope of the information collected in the following paragraphs, where you will be individually and separately informed.

Please note that you can set your browser to inform you about the setting of cookies and individually decide whether to accept them, or you can disable the acceptance of cookies for specific cases or in general. The way in which cookie settings are managed varies by browser and is described in the help menu of each browser, explaining how to change your cookie settings. You can find this information for each browser via the following links:

  • Internet Explorer: support.microsoft.com …

  • Firefox: support.mozilla.org …

  • Chrome: support.google.com …

  • Safari: support.apple.com …

  • Opera: help.opera.com …

Please note that if you do not accept cookies, the functionality of our website may be limited.

4. CONTACT US

When you contact us (e.g., via the contact form or email), we collect personal data. The specific data collected via a contact form can be found in the respective form. This data is used solely to respond to your request and for associated technical administration. The legal basis for processing this data is our legitimate interest in responding to your request, in accordance with Article 6(1)(f) of the GDPR.

If your contact is related to concluding a contract, Article 6(1)(b) of the GDPR also applies as the legal basis for processing. Your data will be deleted once your request has been fully processed, which occurs when the matter is clarified, and there is no legal obligation to retain the data to the contrary.

5. DATA PROCESSING WHEN OPENING A CUSTOMER ACCOUNT AND FOR CONTRACT EXECUTION

In accordance with Article 6(1)(b) of the GDPR, personal data is still collected and processed when you provide it to us for the execution of a contract or to open a customer account. The specific data collected is determined based on the information you provide via the relevant input forms. You can have your customer account deleted at any time by sending a message to the controller’s address above. We store and use the data you provide for the processing of the contract.

Once the contract has been fully executed or your customer account has been deleted, your data will be processed for tax and accounting purposes. Commercial law retention periods are observed, and your data will be deleted once these periods have expired, unless you expressly consent to further processing of your data or further processing is permitted by law, as we inform you below.

6. USE OF YOUR DATA FOR DIRECT ADVERTISING

6.1 Registration for our email newsletter
When you subscribe to our email newsletter, we regularly send you information about our offers. The only mandatory data for sending the newsletter is your email address. Any additional data may be voluntarily provided and used to address you personally. For sending the newsletter, we use the double-opt-in procedure. This means that we only send you an email newsletter after you have explicitly confirmed that you agree to receive it.

We will then send you a confirmation email with a link to confirm that you want to receive the newsletter.

By clicking the confirmation link, you give us permission to use your personal data, in accordance with Article 6(1)(a) of the GDPR. When you subscribe to the newsletter, we store your data, including the IP address from which you registered, as well as the date and time of registration, to prevent any future misuse of your email address. The data collected during your subscription to the newsletter is used solely for advertising purposes via the newsletter.

You can unsubscribe from the newsletter at any time via the link in the newsletter or by sending a message to the controller mentioned above (Mary & Susan via Marysusancanada@gmail.com). Once you unsubscribe, your email address will be immediately removed from our newsletter distribution list, unless you expressly agree to further use of your data or further processing is permitted by law.

6.2 Sending the email newsletter to existing customers
If you have provided us with your email address when purchasing goods or services, we reserve the right to send you offers for similar goods or services to those you have already purchased from us. No separate consent is required for this form of direct advertising from you. The processing of your data is based solely on our legitimate interest in personalized direct advertising, as intended in Article 6(1)(f) of the GDPR.

If you object to the use of your email address for this purpose, we will refrain from sending emails. You have the right to object at any time to the use of your email address for direct advertising in the future by notifying the controller as previously mentioned. This can be done at no cost using the standard rates. Upon receipt of your objection, the use of your email address for advertising purposes will be immediately discontinued.

7. DATA PROCESSING FOR ORDER PROCESSING

7.1 The personal data we collect is processed as part of the contract processing with the transport company responsible for delivery, as far as necessary for the delivery of the goods. Your payment details will be passed on to the respective credit institution for payment processing, if necessary. If payment service providers are used, explicit information will be provided. The legal basis for data transfer is Article 6(1)(b) of the GDPR.

7.2 Use of payment service providers (payment service providers)
PayPal
When paying via PayPal, credit card via PayPal, direct debit via PayPal, or - if offered – “purchase on account” or “installment payment” via PayPal, your payment data will be transmitted to PayPal (Europe) S.a.r.l. et Cie, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”). The transmission takes place in accordance with Article 6(1)(b) of the GDPR and only to the extent necessary for payment processing.

PayPal reserves the right to conduct a credit check when paying by credit card via PayPal and by direct debit via PayPal or - if offered – “purchase on account” or “installment payment” via PayPal. For this purpose, your payment data will be used if necessary, in accordance with Article 6(1)(f) of the GDPR based on PayPal’s legitimate interest in passing it on to credit agencies to determine your creditworthiness.

The results of the credit check, including score values, are used by PayPal to decide on offering the respective payment method. More information on data protection, including the credit agencies used, can be found in PayPal’s privacy policy: https://www.paypal.com/en/webapps/mpp/ua/privacy-full. You can object to this processing of your data at any time by sending a message to Mary & Susan California via Marysusancanada@gmail.com.

(SOFORT / andere betalingsmethoden: gelijke voorwaarden als in het origineel of zoals je zelf gebruikt)

8. CONTACT FOR REVIEW REMINDER

If you have expressly consented during or after your order, we will use your email address for a one-time reminder to send an email asking you to review your order via the review system we use, in accordance with Article 6(1)(a) of the GDPR. You can revoke your consent at any time by sending a message to the controller (Mary & Susan, Marysusancanada@gmail.com).

9. USE OF SOCIAL MEDIA: SOCIAL PLUGINS

9.1 Facebook plugins with Shariff solution
Our website uses so-called social plugins (“plugins”) from the social network Facebook, operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook”).
To enhance the protection of your data when visiting our website, these buttons are not displayed as complete plugins but are only integrated as an HTML link on the page. This integration ensures that when you visit a page on our website with such buttons, no connection is made to the Facebook servers yet. However, when you click the button, a new browser window opens, and you will have access to the Facebook page, where you can interact with the plugins there (possibly after entering your login details).

… etc., verder hetzelfde als in het origineel, met telkens verwijzingen naar Mary & Susan, Marysusan melbourne@gmail.com waar relevant.

10. ONLINE MARKETING
(zoals boven)

11. WEB ANALYSIS SERVICES Google (Universal) Analytics
(zoals boven, indien je dit gebruikt)

12. RETARGETING / REMARKETING / REFERRAL ADVERTISING
(zoals boven)

13. RIGHTS OF THE DATA SUBJECT

13.1 The applicable data protection legislation grants you extensive rights with regard to the processing of your personal data by the controller. Below, we will inform you about your rights as a data subject (right to information and intervention):

  • Right to information …

  • Right to rectification …

  • Right to erasure …

  • Right to restriction of processing …

  • Right to data portability …

  • Right to withdraw consent …

  • Right to lodge a complaint with a supervisory authority …

13.2 Right to object
You have the right, for reasons arising from your particular situation, to object to the processing of your personal data for future use when that processing is based on legitimate interest. … etc.

14. DURATION OF STORAGE OF PERSONAL DATA

The duration of storage of personal data is determined based on the respective legal retention period (e.g., commercial and tax retention periods). After the deadline expires, the relevant data will be routinely deleted unless it is no longer necessary to fulfill the contract, conclude a contract, and/or there is no legitimate interest on our part justifying the storage.