This policy was last updated on 05/15/2018 in line with GDPR requirements. It may be updated in the future and we will post the new version here on our website. We will never deviate from our overall philosophy of maintaining your privacy, though.
1. General Information
2. What information we collect about you
Your personal data
When we say your "personal data", we mean any information that identifies any person that you provide to us. Your "personal data" may also be contained in information that we collect about you in connection with your order or otherwise interact with us for example by electronic mail. When it comes to your personal data, we comply with our obligations under the General Data Protection Regulation and any other applicable data protection legislation from time to time.
Your personal data includes the information you provide, on the maxsprecher.com website (including any forms you complete), or during an electronic mail enquiry about you. Examples of this personal data include your name, your email address, address including postal code which you provide to us when you set up an account and subsequently amend in the My Account section when you go to checkout; and any correspondence when you contact us. We do not knowingly collect or solicit any personal data from anyone under the age of sixteen or knowingly allow such persons to purchase goods from us. maxsprecher.com is not directed at children under the age of sixteen. In the event that we learn that we have collected personal data from a child under age sixteen without verification of parental consent, we will delete that information as quickly as possible.
Information we collect - We collect information about your website usage, to improve our service and to understand trends to enhance and customize our website. Some of this data may be "personal data", where it identifies a person.
maxsprecher.com does not store any credit card data. When payments are processed via credit card, maxsprecher.com uses third-party vendors that are PCI-DSS compliant. At no point does maxsprecher.com have access to your credit card information.
3. How we use the information we collect
We use your personal data for legitimate business reasons, for example email you when your order has been received. It will also enable us to contact you by email, fax, post, SMS, social media or telephone where necessary concerning maxsprecher.com or an order you have placed; to record your personal preferences; to personalize our services to you (such as by pre-populating fields to make it easier for you to provide information when you return to the maxsprecher.com. It will also enable us to produce reports you request as part of the services we provide.
Contacting you for Marketing Purposes - We may use your personal data to contact you by email, fax, post, SMS, social media and/or telephone to let you know about our other maxsprecher.com and/or third-party services, content, offers or product ranges which may be of interest to you. We will only use your data in this way where you have provided consent, we have legitimate business reasons for doing so, or where we are otherwise entitled by law to do so. If you would like us to stop providing you with such notifications, just contact us using the details in Section “How to Contact Us” at the end of this policy. Please note, this may take up to one working day to take effect. To stop receiving emails from maxsprecher.com itself, you should cancel your maxsprecher.com account or unsubscribe from our mailing list.
Cookies - We may further use, or permit selected third parties to use, your personal data to enable us to track and analyze maxsprecher.com website traffic and visitor trends, improve your browsing experience and to personalize and enhance the content and advertising we display.
Legal Requirements – We may use your personal data to comply with any legal obligations to which we are subject.
4. Why do we use your personal data?
We collect and use your personal data for a variety of reasons. We need some data to enter into and perform our contract with you. The lawful basis for processing your personal data is Consent as you have consented to provide your personal details to us to allow us to provide a service to you. If you fail to provide such data we will be unable to provide our service to you.
Other information we collect because we have legitimate business interests, for example, in:
• Fulfilling your order and providing updates on the order.
• Understanding how our customers use our products, services and websites;
• Understanding and responding to customer feedback;
• Researching and analysing the services our customers want;
• Improving our product and better understanding how our customers use it
5. How we share information we collect
Except as described in this policy, maxsprecher.com does not divulge any personal information gathered via its services to third parties.
We may share your personal data with third parties in certain circumstances:
• if we are under a duty to disclose or share your personal in order to comply with any legal obligation; to cooperate with law enforcement officials in the investigation of unlawful activities of [your store name] website users or relating to [your store name] users; or in order to enforce or apply any contract with you; or to protect our rights, property, or safety of our employees, customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection or unlawful activity.
We also utilize a number of carefully selected third parties to help provide our services to you. Examples of these functions include website creation and hosting, email, providing marketing assistance and data analysis, data management, handling credit card transactions and providing customer service. In choosing to work with any such third parties, we will always ensure that the security policies and confidentiality arrangements of those third parties adhere to the same requirements we ourselves impose and expect, as a minimum. No ownership rights to the data will be transferred to any third party.
Sub-processors we use:
6. How long do we store your data for?
We only store your data for as long as necessary for the purposes of processing set out in this policy.
Order Data: Indefinitely for legal bookkeeping and tax purposes
Invoice’s/Sales Receipt: Indefinitely for legal bookkeeping and tax purposes
My account: Active until user unsubscribes or makes an individual request
Newsletter subscriptions: Active until user unsubscribes
You are free to change your personal details in the My Account section of your account at any time, if you have set up an account with us. You can also ask us for a copy of your personal data that we hold. We may ask for proof of your identity before providing any information and reserve the right to refuse to provide information requested if identity is not established. Please see “Your Individual Rights” below. Generally, we will retain your personal data for a reasonable period, or for as long as the law requires.
7. Your individual rights
1. Access to your personal data: You can ask us to confirm if we are processing your personal data and you may request a copy of your personal data by contacting us. See Section “How to Contact Us” at the end of this policy. 2. Right to change or withdraw your consent: Where you have given us consent to make use of your personal data for any of the purposes outlined in this policy, you may withdraw that consent at any time by contacting us using the details located at Section “How to Contact Us” at the end of this policy. If you wish to change your contact preferences or no longer wish to be contacted for marketing purposes, use the Unsubscribe link in the email or get in touch. See Section “How to Contact Us” at the end of this policy.
3. Right to Rectification: You may ask us to update out of date or inaccurate information we hold about you. To do so, please log on to your [your store name] account and update your information or get in touch using the details at Section “How to Contact Us” at the end of this policy.
4. Right to Erasure: In certain circumstances you may ask us to erase your Personal Data. If you would like us to erase the personal data we hold about you, please get in touch using the details at Section “How to Contact Us” at the end of this policy
5. Right to Data Portability: In certain circumstances you may ask us to provide you with the personal data that we hold about you in a structured, commonly used, machine readable form, or ask for us to send such personal data to another data controller.
6. Right to object: In certain circumstances you may object to our processing of your personal data. Please get in touch using the details at Section “How to Contact Us” at the end of this policy.
7. Right to restrict processing: You can ask us to restrict the processing of personal data we hold about you in certain circumstances. Please get in touch using the details at Section “How to Contact Us” at the end of this policy.
8. Make a complaint: You may make a complaint about our data processing activities, please contact us. See Section “How to Contact Us” at the end of this policy.
We take security and privacy seriously. We will endeavor to take all reasonable steps to keep your personal data secure once it has been transferred to our systems. We adopt appropriate, industry standard data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction.
Industry-standard encryption technologies - including, but not limited to, SSL (Secure Socket Layer) technology - are used when transferring and receiving transaction data exchanged with our Website. Standard security measures are in place at our physical facilities to protect against the loss, misuse or alteration of information collected from you at our website.
The checkout process is secured by HTTPS / TSL encryption. TLS (Transport Layer Security) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and secure. TLS is the industry standard and is used by millions of websites in the protection of their online transactions with their customers. Additionally, we only work with payment gateways that offer the highest level of security certification (PCI DSS Level 1).