Privacy Policy

Last update date: January 2024

Protecting your personal data is an integral part of SMCP Group's (Maje brand) values. By using our website (the "Site"), or visiting our stores, you acknowledge that you have read this privacy policy ("Privacy Policy") which governs the use and protection of your personal data collected when using our Site, i.e., any information that directly or indirectly identifies you ("Data" or "Personal Data"), such as your name, address, email, customer number.

1. Who are the data controller and the Data Protection Officer?
2. What Personal Data do we collect?
3. Why do we use your Personal Data?
4. What rights do you have regarding your Personal Data?
5. Who are the recipients of your Personal Data?
6. Transfer of your Personal Data outside the European Union
7. Security and confidentiality of your Personal Data
8. How long are your Personal Data retained?
9. Miscellaneous

1. Who are the data controller and the Data Protection Officer?

As part of protecting your data, the regulations define two key roles:

- The data controller who determines the purposes of collecting your Data. This is the company Maje, whose registered office is located at 2 rue de Marengo 75 001 Paris, registered with the Paris Trade and Companies Register under number 382 544 310 ("Maje," "we") reachable by phone at 01 58 16 77 00 and by email by filling out the contact form, with the subject "Personal Data" located on the contact page of the Site;

- The Data Protection Officer who advises and supports our company in our compliance with personal data regulations. The latter can be contacted for any questions regarding your Personal Data by email at the following address: dpo@smcp.com or by mail to: DPO – GDPR, Maje, 49 rue Etienne Marcel 75001 Paris.

2. What Personal Data do we collect?

Your Personal Data is collected, for example, when you provide it in dedicated forms on the Site or when creating your customer account in-store, when you place an order on the Site, during your exchanges with customer service, and more generally during your navigation on our Site. These are the following Personal Data:

  • Information collected when creating your account in our stores such as your name, address, email, date of birth, and telephone number, your contact preferences regarding subscribing to our newsletter;

  • Information collected when creating your account on the Site such as your name, email address, password, your contact preferences regarding subscribing to our newsletter, your telephone number, and date of birth.

  • Information necessary for the management and tracking of your orders such as your credit card data for transaction processing, your order history (for example, purchase amount, product references ordered), your written or telephone exchanges with our customer service;

  • Information collected during your navigation on the Site such as your browsing history (for example, date, time of connection and/or navigation, pages visited), type of terminal and browser, your location, browser language, access provider, IP address.

3. Why do we use your Personal Data?

We use your Personal Data for several reasons.

Our primary goal is, of course, to always satisfy you as a customer. As such, we collect most of your Data in the context of your purchase acts in order, notably, to deliver your orders and to support you in monitoring our relationship.

Furthermore, we may collect your Data when you give us your consent for purposes that will optimize your experience with our brand.

Finally, other Data is collected because it arises from a legitimate interest (for example, to allow you access to our Site and its use).

Below are further examples of the purposes of Data collection:

Your purchase act:
- Ensure the delivery of your ordered products
- Manage customer relationship and any complaints
- Manage requests related to the exercise of your personal data rights

Your consent:
- Receive our newsletters and personalized offers via any electronic communication service
- Enjoy a personalized browsing experience based on your purchase history and navigation on the Site
- Benefit from our personalized advertising offers on third-party platforms

Our legitimate interest:
- Access the Site and its use
- Analyze and improve the quality and performance of services
- Monitor the use of the Site and improve your experience
- Preserve our rights
- Manage transactions and combat fraud
- Develop statistics and segmentations, studies and analyses to improve our knowledge of customers
- Share data within the SMCP group for customer knowledge purposes

4. What rights do you have regarding your Personal Data?

In accordance with applicable personal data regulations, you have and can exercise the following rights with us:

  • Right of access: you have the right to access the Personal Data we process;
  • Right to rectification: you have the right to request the rectification of your Data if it is inaccurate or incomplete;
  • Right to erasure: you have the right to request the deletion of your Data (subject to the terms set out in Article 8 below);
  • Right to object: you have the right to request to no longer receive communications from us by using our online forms, our links present at the bottom of our emails, or by replying STOP via SMS.
  • Right to data portability: you have the right to request the portability of your Data, if the conditions for exercising this right are met;
  • Right to information: you have the right to obtain information on how we process your Data.
To exercise your right, you can send us an email by filling out the contact form, with the subject "Personal Data" located on the contact page of the Site or a letter to the following address: DPO – GDPR, Maje, 2 rue de Marengo 75 001 Paris. We may ask you to provide proof of identity. We undertake to respond to you as soon as possible upon receipt by our services of your request.

If you no longer wish to receive our newsletters, you can click on the unsubscribe link at the bottom of our emails or reply STOP via SMS, or adjust the newsletter settings in your account, if you have one. Please note that you can register on a telemarketing opt-out list, and in this case, we will not contact you on the contact details provided to the opt-out list.

5. Who are the recipients of your Personal Data?

Your Data is mainly intended to be used by our services. They may sometimes be communicated to external recipients or to our partners for the reasons described below. In any case, the recipients of your Data are selected by us based on their competence in terms of Data security and confidentiality. We enter into contracts with these recipients to ensure the high level of security of their systems. These are our service providers responsible for optimizing the operation of our sites, ensuring your transactions and payment security, our providers responsible for logistics (storage, preparation, and delivery of your products), or our customer service, our providers responsible for marketing studies, commercial studies, or advertising providers.

Your Data may also be transferred to third parties, (1) subject to your prior consent, for processing in accordance with the purpose or purposes for which your Data was collected or (2) in cases where we are required by law, as part of a judicial procedure, or if it is an imperative request from a public authority or (3) if we are involved in a merger, acquisition, asset transfer.

6. Transfer of your Personal Data outside the European Union

In the event that Personal Data is transferred to a country outside the European Union, we undertake to take the necessary technical and organizational measures to ensure the adequate level of security of your Data as if it had remained within the European Union.

Indeed, we require these Data recipients to implement the required measures to ensure the same level of protection as required by European data protection regulations, for example by using the European Commission's standard contractual clauses, binding corporate rules (BCRs).

7. Security and confidentiality of your Personal Data

We implement technical and organizational measures to ensure the security, integrity, authenticity, and confidentiality of Personal Data. We ensure that our partners maintain a level of protection similar to ours regarding your Personal Data. We also ensure that your transactions are secure through the implementation of appropriate measures, and fighting against fraud.

8. How long are your Personal Data retained?

We retain your Personal Data for the strictly necessary duration for the achievement of the purposes for which they were collected. Thus, we retain:

- Your Personal Data, with the exception of your bank details which are collected and processed by our payment providers, for 3 years from the date of the last interaction between us (i.e., your last purchase, last contact (call, email, chat or social networks) with our customer service, opening of our newsletter, or failing that, the date of creation of the customer profile);

- Login logs that are collected, provided you consent, using cookies and other trackers used as part of the service, for a period not exceeding thirteen (13) months. For more details, refer to the "Cookie Policy".

Your bank details are retained by our payment partners, Hipay and Adyen. During your online purchases, you will need to enter your bank details in the fields provided for this purpose. If you agree, and to facilitate your payments, you can choose to have our payment provider securely store your bank details so that they can be used for future purchases. You can then check the box "Save your payment data" when paying for your order. At any time, you can request the deletion of the registered credit card by going to your account, "My payment options" section, or writing to us via our contact form.

Once your Data is deleted from our database, some of your Data may be kept as archives with restricted and strictly limited access for the purpose of complying with our legal, accounting, and tax obligations, as well as to manage your any claims and warranty requests within the limits of the applicable limitation periods.

Once your Personal Data are no longer necessary for the purposes or for archiving purposes to comply with our legal obligations or for the needs of the applicable limitation period, your Data will be irreversibly anonymized.

At any time, you have the option to request the deletion of all or part of your Data, to object to their processing, or to request their limitation, in accordance with Article 4 above. If you request the deletion of your Data, it will be deleted from our database and kept as archives as described above.

9. Miscellaneous

In the event of any changes to these terms for the processing of your Data, we will update our Privacy Policy and keep you informed of them. Finally, we inform you that if you have any complaints relating to the protection of your Personal Data, you may also contact the Irish supervisory authority, the Office of the Data protection Commissioner, whose website is located at the following address http://ico.org.uk