GDPR Compliance Policy

We are committed to ensuring the privacy and protection of your personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This GDPR page outlines how we collect, use, and protect your personal data and informs you of your rights regarding your personal information.

1. Data Controller

We are the data controller of your personal data, which means we are responsible for deciding how and why your personal data is used.

2. Data We Collect

We may collect the following types of personal data from you:

- **Personal identification details:** Name, address, phone number, email address.

- **Transaction data:** Information related to purchases, orders, and payment information.

- **Usage data:** Information about how you use our website, products, and services, such as your IP address, browser type, and website activity.

 3. How We Use Your Data

We use your personal data for the following purposes:

- **To process orders:** Delivering products, managing payments, and handling returns.

- **To improve customer experience:** Providing you with customer service and personalized offers.

- **Marketing purposes:** Sending promotional offers and updates if you have given us consent.

- **Legal obligations:** To comply with tax and legal requirements.

 4. Legal Basis for Processing Data

We collect and process your data based on the following legal grounds:

- **Performance of a contract:** Necessary for fulfilling your orders and delivering products.

- **Legitimate interests:** To provide you with the best service and user experience.

- **Consent:** For marketing communications and newsletters.

- **Compliance with legal obligations:** To meet regulatory requirements such as tax laws.

 5. Your Rights Under GDPR

You have the following rights regarding your personal data:

- **Right to access:** You can request a copy of the personal data we hold about you.

- **Right to rectification:** You can request that we correct any inaccurate or incomplete personal data.

- **Right to erasure:** You have the right to request the deletion of your personal data, provided there is no legal obligation for us to retain it.

- **Right to restrict processing:** You can request that we limit the use of your data in certain circumstances.

- **Right to data portability:** You can request your personal data in a structured, machine-readable format.

- **Right to object:** You can object to the processing of your data for marketing or other purposes.

- **Right to withdraw consent:** If we are processing your data based on your consent, you have the right to withdraw your consent at any time.

 6. Data Retention

We retain your personal data only for as long as necessary for the purposes it was collected for, including to comply with legal, accounting, or reporting requirements.

 7. Data Security

We take your data security seriously. We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. This includes encryption, firewalls, and secure data storage methods.

 8. Sharing Your Data

We may share your data with third-party service providers who help us with:

- Payment processing

- Product delivery

- Marketing services

We ensure that these third parties also comply with GDPR and protect your personal data.

 9. Cookies

We use cookies to improve your experience on our website. You have the option to accept or decline cookies through your browser settings. For more details, refer to our Cookie Policy.

 10. International Transfers

We do not transfer your personal data outside the European Economic Area (EEA). In the event that we do, we will ensure that your data is protected in line with GDPR standards.

 11. Lodging a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your national data protection authority.

 12. Contact Information

If you have any questions about this GDPR policy or want to exercise your rights, please contact us at:

- **Email:** Contact@MiShopito.com

- **Address:** Coronation Road, Dephna House, London, United Kingdom, NW10 7PQ 

This GDPR policy was last updated on 2024. We may make updates to this policy, and any changes will be posted on this page.