Privacy Policy

1) Information About the Collection of Personal Data and Contact Details of the Data Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. Below you will find information on how we handle your personal data when you use our website. Personal data means any information that can identify you personally.

1.2 The data controller within the meaning of the General Data Protection Regulation (GDPR) is Maison London. The controller is the natural or legal person who determines the purposes and means of processing personal data.

1.3 For security reasons, this website uses SSL or TLS encryption to protect the transmission of personal data and confidential content (e.g., orders, enquiries). You can recognize an encrypted connection by the “https://” prefix and the lock symbol in your browser.

2) Data Collection When Visiting Our Website

When using our website for informational purposes only, we collect server log files that your browser automatically transmits. This includes:

  • Website visited

  • Date and time of access

  • Amount of data transmitted

  • Source/Referrer

  • Browser used

  • Operating system used

  • IP address (in anonymized form, if applicable)

Processing is based on Art. 6 (1) lit. f GDPR, due to our legitimate interest in improving stability and functionality. Data will not be shared or used otherwise unless there are concrete indications of unlawful use.

3) Cookies

To improve the functionality of our website and enable certain features, we use cookies:

  • Session cookies – automatically deleted after closing your browser.

  • Persistent cookies – remain stored and allow recognition of your browser on your next visit.

Cookies may store user information (e.g., browser, IP address, location). Persistent cookies are deleted automatically after a defined period.

We may also work with advertising partners who place third-party cookies on your device. You will be informed separately if this applies.

You can manage cookie settings in your browser. Please note that disabling cookies may limit website functionality.

Help guides for cookie settings:

4) Contact

When you contact us (e.g., via contact form or email), we collect personal data only to process your request.

  • Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest).

  • If the request relates to contract performance: Art. 6 (1) lit. b GDPR.

Data will be deleted once your enquiry is resolved, provided no legal retention obligations apply.

5) Data Processing for Customer Accounts and Contracts

In accordance with Art. 6 (1) lit. b GDPR, we collect and process personal data when you provide it for contract execution or account creation.

  • Your customer account can be deleted at any time by contacting us.

  • Data is stored for contract fulfillment and, after completion, retained only as required by tax or commercial law.

6) Use of Data for Direct Marketing

6.1 Newsletter Subscription

When subscribing to our newsletter, we collect your email address (mandatory) and optional personal details.

  • Sent using a double opt-in process.

  • Legal basis: Art. 6 (1) lit. a GDPR (consent).

  • You can unsubscribe anytime via the link in the email.

6.2 Newsletter for Existing Customers

If you provided your email during a purchase, we may send you offers for similar products.

  • Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest).

  • You can opt out anytime.

7) Order Processing

  • Personal data is shared with shipping providers to deliver goods.

  • Payment data is transferred to the credit institution/payment provider.

  • Legal basis: Art. 6 (1) lit. b GDPR.

8) Review Reminders

We may use your email to send one-time reminders to review your order, provided you gave explicit consent (Art. 6 (1) lit. a GDPR).
Consent can be revoked at any time.

9) Use of Social Media Plugins

9.1 Facebook (Shariff Solution)

  • Integrated as HTML links to prevent automatic data transfer.

  • Data is shared with Facebook only if you click the plugin.

  • Facebook Inc. is certified under the EU-US Privacy Shield.

  • Facebook Privacy Policy

9.2 Google+ (Shariff Solution)

  • Integrated via HTML links.

  • Google LLC is certified under the EU-US Privacy Shield.

  • Google Privacy Policy

9.3 Instagram (Shariff Solution)

10) Online Marketing

10.1 DoubleClick by Google

  • Uses cookies to show relevant ads and track conversions.

  • Legal basis: Art. 6 (1) lit. f GDPR.

  • Google Privacy Policy

10.2 Google AdWords Conversion Tracking

  • Tracks performance of advertising campaigns.

  • Cookies expire after 30 days, no personal identification.

  • Legal basis: Art. 6 (1) lit. f GDPR.

  • Google Privacy Policy

11) Web Analytics Services

Google (Universal) Analytics

12) Retargeting & Remarketing

  • Facebook Pixel – tracks ad effectiveness (requires consent).

  • Google AdWords Remarketing – interest-based advertising.

  • Legal basis: Art. 6 (1) lit. f GDPR.

  • Google Ads Policy

13) Rights of the Data Subject

You have the following rights under GDPR:

  • Right of access (Art. 15)

  • Right to rectification (Art. 16)

  • Right to erasure (Art. 17)

  • Right to restriction of processing (Art. 18)

  • Right to data portability (Art. 20)

  • Right to withdraw consent (Art. 7 (3))

  • Right to lodge a complaint (Art. 77)

Right to Object (Art. 21 GDPR)

You may object at any time to processing of your data based on legitimate interest or for direct marketing.

14) Duration of Storage

Personal data is stored for the duration of legal retention periods (e.g., tax, commercial law). After expiry, data is deleted unless further storage is required for contract fulfillment or legitimate interest.