Macaroon Collection (Pty) Ltd is committed to protecting the privacy of everyone who shops or interacts with us on our online platforms, and this policy sets out our commitment to you on privacy.
Macaroon Collection abides by the Protection of Personal Information Act, No4 of 2013 (POPI)
WHAT PERSONAL INFORMATION DO WE COLLECT?
Macaroon Collection may collect personal information from you including your name, billing address, delivery address, phone and other contact details, email address, merchandise information, and method of payment, bank card or account details. Macaroon Collection may also collect transaction information relating to your purchases with Macaroon Collection and your preferences.
Macaroon Collection collects personal information in the normal course of providing services to you. These services include:
- Providing information in person in our showroom;
- Processing online purchases and payments;
- Registering an online Macaroon Collection account;
- When you contact Macaroon Collection customer service;
- Processing credit/ debit card purchases;
- Purchases and arranging product holds;
- Using Macaroon Collection social media;
- Entering Macaroon Collection competitions;
- Using of social media pages and log-in (which may be hosted by third parties);
- Processing refunds and exchanges; and
- Signing up to receive Macaroon Collection email marketing communication
Macaroon Collection may also collect personal information for recruitment and employment purposes, for trade references or other contractual arrangements.
WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as name, billing address, delivery address, phone and other contact details, email address, merchandise information, and method of payment, bank card or account details.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
We collect personal information as detailed above, which we may later use to customise our services, to provide relevant consumer information and to provide marketing and re-marketing communications across Macaroon Collection.
In most circumstances personal information will be collected directly from you. Macaroon Collection may use your personal information to keep you up to date with Macaroon Collection’s product ranges, specials, promotions and offers that you may be interested in including for direct marketing. Specifically, you authorise Macaroon Collection to contact you regarding your purchase and use of our online store.
Any information collected is safely and securely stored and only used for the purposes for which it was collected. We restrict access to your personal information, maintain technology products to prevent unauthorised computer access and use SSL (secure sockets layer) encryption technology when processing your financial details at our online store. The majority of personal information collected is stored within South Africa, however several third parties that we contract with may host this data in a cloud based system or in America.
Macaroon Collection does not sell or trade any personal information collected. However, we may share some of the personal information we collect with our related corporations and service providers, contractors who help us provide services, or trading partners. We often need to share your information with companies who perform parts of our service delivery. This may include:
- Banking institutions and payment gateways e.g. Paygate, Ozow, Pay Just now, FNB, Bidvest DPO;
- Third party courier and fulfilment services e.g. uAfrica, The courier guy, DawnWing, CourierIt, Postnet;
- Service providers e.g. IT services, mailing services, remarketing platforms, data analysis;
- Companies assisting Macaroon Collection with marketing and competitions;
- Regulatory authorities;
- Professional advisors; and
- Any other third party required by law.
Where we share your information, Macaroon Collection will ensure that these third parties protect your privacy in accordance with POPI. Macaroon Collection has taken every precaution to ensure these related corporations and service providers, contractors who help us provide services, and trading partners comply with the POPI Act. Please review the THIRD PARTY SERVICES SECTION below.
Macaroon Collection may also publish some of your personal information on our website or social media pages where you have entered a competition or promotion run by Macaroon Collection.
Email communications and marketing
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
If you have registered to receive email marketing communications from Macaroon Collection we reserve the right to contact you in regards to Macaroon Collection. You can opt-out of receiving email marketing communications at any time. To unsubscribe, click to unsubscribe from the bottom of any of our email marketing communications.
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, it is implied that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at email@example.com
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
For more insight, you may also want to read Shopify’s Terms of Service (http://www.shopify.com/legal/terms) or Privacy Statement (http://www.shopify.com/legal/privacy).
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers. Please see PAYMENT section above
In order for us to fulfil your order Macaroon Collection uses the following courier and fulfilment service providers, and their privacy policies can be found on their respective website at the links provided:
- uAfrica - https://www.uafrica.com/privacy-policy
- The Courier Guy - https://www.thecourierguy.co.za/privacy-policy/
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
Macaroon Collection adheres to credit card and personal information being kept secure at all times. Therefore, to help ensure that your shopping experience is safe and secure Macaroon Collection uses Secure Socket Layer (SSL) technology. Extended Validation SSL Certificates give high-security Web browsers information to clearly identify a Web site organisational identity. This encrypts all the information you send across to us including your credit card details. All pages that require you to enter your personal information or payment details on our site have the Extended Validation Standard, which will cause the URL address bar to turn green in your browser; this verifies the authenticity of our online security.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard and American Express.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Macaroon Collection uses the following financial service providers, and their privacy polices can be found on their respective website at the links provided
- Paygate DPO – https://www.paygate.co.za/privacy-policy/
- BIDVest (card processing merchant portal) – https://www.bms.co.za/downloads/paia.pdf
- Ozow – https://ozow.com/privacy-policy/
- Pay Just Now – https://payjustnow.com/privacy-policy
- Yoko (in store card payments) - https://www.yoco.com/za/terms/privacy-and-app/
THIRD PARTY LINKS
When you click on links and banners on our site that take you to third-party websites, you will be subject to that third-party's privacy policies. While we support the protection of privacy on the Internet, Macaroon Collection is not responsible for the actions of any third-party web sites. We encourage you to be aware when you leave our site and to read the privacy statements of each and every website that collects personally identifiable information. This privacy statement applies only to information collected by us.
Transfers of Personal Information outside of South Africa
Your data may be transferred to, stored at, and processed at a destination outside of South Africa by our service providers (e.g. Apple iCloud and WhatsApp). By submitting your Personal Information, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with applicable legislation or other relevant and appropriate laws.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
Our websites use "cookies" - small data files that are stored on your computer when you visit a website. Cookies enable you to shop on our website and may be used in a variety of ways to enhance or personalise your online browsing and shopping experience. Cookies may eliminate the need to repeatedly enter the same information, enabling us to improve the content, reliability and functionality of our websites, evaluate the effectiveness of advertising on our websites, and track website usage patterns. Accepting a cookie will not give us access to any data on your computer other than the data stored in the cookie. You may experience a loss of functionality as a result of configuring your web browser not to accept cookies.
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence, and you have given us your consent to allow any of your minor dependents to use this site.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
YOUR DATA RIGHTS
Your rights as a data subject The data protection laws give you certain rights in relation to the data we hold on you. These are:
- the right to be notified. This means that we must tell you how we use your Personal Information, and this is the purpose of this Privacy Notice;
- the right of access. You have the right to access the Personal Information that we hold on you. To do so, you should make a subject access request;
- the right for any inaccuracies to be corrected. If any Personal Information that we hold about you is incomplete or inaccurate, you are able to require us to correct it;
- the right to have information deleted. If you would like us to stop processing your Personal Information, you have the right to ask us to delete it from our systems where you believe there is no reason for us to continue processing it;
- the right to restrict the processing of the Personal Information. For example, if you believe the Personal Information we hold is incorrect, we will stop processing it (whilst still holding it) until we have ensured that it is correct;
- the right to portability. You may transfer the Personal Information that we hold on you for your own purposes;
- the right to object to the inclusion of any information. You have the right to object to the way we use your Personal Information where we are using it for our legitimate interests;
- the right to regulate any automated decision-making and profiling of Personal Information. You have a right not to be subject to automated decision making in way that adversely affects your legal rights
If you have a concern about any aspect of our privacy practices, you can make a complaint. This will be acted upon promptly. To make a complaint, please contact us via one of the methods set above. You undertake to first make a good faith attempt to resolve same with the Practice. If you are not first satisfied with our response to your complaint, you have the right to then lodge a complaint with our supervisory authority, the Information Regulator. You can find details about how to do this on their website: https://www.justice.gov.za/inforeg
QUESTIONS AND CONTACT INFORMATION
The internet is an open medium and we cannot guarantee that any information you send to us by email or via our sites will not be intercepted or tampered with; any transmission is at your own risk. Once we have received your information, we will use appropriate procedures and security features to prevent unauthorised access.
If you would like to: access, correct, amend or delete any personal information we have about you, or simply want more information, contact our Privacy Compliance Officer at firstname.lastname@example.org
You have the right to request a copy of the Personal Information we hold about you. If you would like a copy of some or all of this information you may contact us.
Michelle du Plessis