MP GDPR Compliance Policy
1. Introduction
MP, accessible at salkk.xyz, is committed to complying with the General Data Protection Regulation (GDPR) (EU) 2016/679. This policy outlines how we collect, process, store, and protect personal data for residents of the European Union and United Kingdom. By using our website or services, you consent to the data practices described in this policy.
MP is operated by MP, located at Unit 1, New Hythe Lane, Aylesford, Kent, ME20 7FE. For inquiries, contact us at [email protected] or 01622236610.
2. Lawful Basis for Processing
We process personal data under the following lawful bases as per GDPR:
– Contractual Necessity: To fulfill orders, process payments, and manage shipping and returns.
– Consent: For marketing communications, such as promotional emails, where you have opted in.
– Legitimate Interests: To improve our website, analyze user behavior, and prevent fraud.
– Legal Obligation: To comply with applicable laws, such as tax or consumer protection regulations.
3. Personal Data We Collect
We may collect the following personal data:
– Identity and Contact Data: Name, email address, phone number, billing and shipping addresses.
– Financial Data: Payment details (processed securely via Google Payment Gateway).
– Technical Data: IP address, browser type, device information, and browsing behavior collected via cookies.
– Account Data: Username, password, and other details if you create an account.
4. How We Use Your Data
We use your personal data to:
– Process and deliver orders, including shipping (6-8 business days to the UK and EU) and handling returns (within 15 days).
– Communicate about your orders, account, or customer service inquiries.
– Send marketing communications (with your consent, which you may withdraw at any time).
– Analyze website usage to improve our services and user experience.
– Comply with legal obligations or protect against fraudulent activities.
5. Data Sharing and Transfers
We may share your personal data with:
– Service Providers: Third parties such as Google Payment Gateway, shipping couriers, and analytics providers, who are bound by GDPR-compliant agreements.
– Legal Authorities: When required by law or to protect MP’s rights, safety, or property.
Data may be transferred outside the EU/UK to service providers (e.g., Google Payment Gateway). We ensure such transfers comply with GDPR through Standard Contractual Clauses or other approved mechanisms.
6. Data Security
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or misuse. For example, payment details are encrypted via Google Payment Gateway. However, no online system is entirely secure, and we cannot guarantee absolute security.
7. Your GDPR Rights
As an EU/UK resident, you have the following rights under GDPR:
– Access: Request a copy of the personal data we hold about you.
– Rectification: Correct inaccurate or incomplete data.
– Erasure: Request deletion of your data (subject to legal obligations).
– Restriction: Limit how we process your data in certain circumstances.
– Portability: Receive your data in a structured, machine-readable format.
– Objection: Object to processing based on legitimate interests or for marketing purposes.
– Withdraw Consent: Withdraw consent for marketing or non-essential data processing at any time.
To exercise these rights, contact us at [email protected] or 01622236610. We will respond within one month, as required by GDPR.
8. Cookies and Tracking
We use cookies to enhance your experience, analyze traffic, and deliver personalized content. You can manage cookie preferences via your browser or our cookie consent tool. Categories include:
– Essential Cookies: Required for website functionality.
– Analytics Cookies: To understand user behavior.
– Marketing Cookies: For targeted advertising (with consent).
9. Data Retention
We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law. For example:
– Order data is kept for 7 years to comply with tax and accounting laws.
– Account data is retained until you request deletion or the account becomes inactive.
– Marketing data is kept until you withdraw consent.
10. Complaints
If you believe your data protection rights have been violated, you may lodge a complaint with a supervisory authority, such as the UK Information Commissioner’s Office (ICO) or your local EU data protection authority. We encourage you to contact us first to resolve any issues.
11. Updates to This Policy
We may update this GDPR Compliance Policy to reflect changes in our practices or legal requirements. Updates will be posted on our website, effective upon posting. We encourage you to review this policy periodically.
Contact Us
For questions or to exercise your GDPR rights, please contact our Data Protection Officer:
– Address: Unit 1, New Hythe Lane, Aylesford, Kent, ME20 7FE
– Phone: 01622236610
– Email: [email protected]