Introduction At mitch matcha & more ("we," "us," or "our"), we are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you make a purchase from us
Data Controller The data controller responsible for your personal data is:
Personal Data We Collect We may collect and process the following personal data:
Identification Information: Your name.
Contact Information: Your phone number and email address.
Shipping Information: Your delivery address.
Transaction Information: Details about payments to and from you and information about products you have purchased from us.
Note: We do not collect or store your payment card details; all payments are securely processed by EveryPay in collaboration with Swedbank.
Legal Basis for Processing We process your personal data based on the following legal grounds:
Performance of a Contract: To fulfill our contractual obligations when you purchase our products.
Legal Obligations: To comply with laws and regulations, such as tax and accounting requirements.
Legitimate Interests: For our legitimate interests in conducting and managing our business, provided that your interests and fundamental rights do not override those interests.
Purpose of Data Processing We use your personal data for the following purposes:
Order Processing and Fulfillment: To process and deliver your orders, including managing payments.
Customer Communication: To contact you regarding your orders and provide customer support.
Shipping Status Tracking: To keep you informed about the status of your delivery.
Legal Compliance: To comply with applicable laws and regulations.
Data Sharing We may share your personal data with:
Service Providers: o Payment Processors: EveryPay and Swedbank for secure payment transactions. o Shipping Companies: To deliver your orders.
Professional Advisors: Accountants, auditors, and legal advisors as necessary.
Regulatory Authorities: If required by law or legal processes.
International Data Transfers We do not transfer your personal data outside the European Economic Area (EEA). If this changes, we will ensure appropriate safeguards are in place as required by GDPR.
Data Retention We retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including satisfying legal, accounting, or reporting requirements. Typically, we retain order information for seven years to comply with tax and accounting laws.
Data Security We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. Access to your personal data is limited to employees and third parties who have a business need to know and are bound by confidentiality obligations.
Your Rights Under GDPR Under the GDPR, you have the following rights regarding your personal data:
Right of Access: Request access to your personal data.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure: Request deletion of your personal data, subject to legal obligations.
Right to Restrict Processing: Request to suspend processing of your personal data.
Right to Data Portability: Receive your personal data in a structured, commonly used format.
Right to Object: Object to processing based on legitimate interests.
To exercise any of these rights, please contact us using your validated email (the email used for your order and payment) at [email protected].
Complaints If you have any concerns or questions about how we handle your personal data, we encourage you to contact us first so we can address your concerns promptly:
We are committed to resolving any issues swiftly and to your satisfaction.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law, you have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or your local supervisory authority.
Changes to This Privacy Policy We may update our Privacy Policy from time to time. Any changes will be communicated to you through appropriate means.
Contact Us If you have any questions or concerns about this Privacy Policy, please contact us at:
