Personal Data Processing

EFFECTIVE DATE: JULY 15, 2025

AT MCMT (REFERRED TO AS “WE”, “OUR”, OR “US”), WE ARE COMMITTED TO PROTECTING YOUR PERSONAL DATA AND HANDLING IT RESPONSIBLY AND TRANSPARENTLY. THIS PERSONAL DATA PROCESSING POLICY EXPLAINS HOW WE COLLECT, USE, STORE, AND PROTECT YOUR PERSONAL INFORMATION WHEN YOU INTERACT WITH OUR ONLINE STORE: WWW.SHOPMCMT.COM.

1. WHO IS RESPONSIBLE FOR YOUR DATA?
THE CONTROLLER OF YOUR PERSONAL DATA IS:

MCMT
WEBSITE: WWW.SHOPMCMT.COM
EMAIL: SALESMCMT@GMAIL.COM

2. WHAT PERSONAL DATA DO WE COLLECT?
WE COLLECT AND PROCESS THE FOLLOWING CATEGORIES OF PERSONAL DATA:

A) DATA YOU PROVIDE DIRECTLY

• NAME

• SHIPPING AND BILLING ADDRESS

• PHONE NUMBER

• EMAIL ADDRESS

• PAYMENT DETAILS (HANDLED SECURELY VIA THIRD-PARTY PAYMENT PROCESSORS)

B) DATA COLLECTED AUTOMATICALLY

• IP ADDRESS

• DEVICE AND BROWSER INFORMATION

• COOKIES AND USAGE DATA (SEE OUR COOKIE POLICY)

• SESSION DATA (E.G., CART CONTENTS, RECENTLY VIEWED PRODUCTS)

C) DATA FROM THIRD PARTIES

• ANALYTICS TOOLS (E.G., GOOGLE ANALYTICS)

• ADVERTISING PLATFORMS (E.G., FACEBOOK, TIKTOK, KLAVIYO)

3. WHY DO WE PROCESS YOUR PERSONAL DATA?

4. WHO HAS ACCESS TO YOUR DATA?
WE SHARE YOUR PERSONAL DATA ONLY WHEN NECESSARY AND ONLY WITH TRUSTED THIRD PARTIES SUCH AS:

• SHOPIFY (PLATFORM PROVIDER)

• PAYMENT PROCESSORS ==

• LOGISTICS PARTNERS (FOR SHIPPING AND DELIVERY)

• MARKETING TOOLS (E.G., KMETA, GOOGLE ADS)

• ANALYTICS SERVICES (E.G., GOOGLE ANALYTICS)

WE ENSURE ALL PARTNERS ARE GDPR-COMPLIANT AND PROCESS DATA ONLY ON OUR BEHALF.

5. HOW LONG DO WE KEEP YOUR DATA?
WE RETAIN YOUR PERSONAL DATA ONLY AS LONG AS NECESSARY TO:

• FULFILL YOUR ORDERS AND PROVIDE SERVICES

• COMPLY WITH LEGAL OBLIGATIONS (E.G., TAX, ACCOUNTING)

• ENFORCE OUR TERMS AND CONDITIONS

• MAINTAIN RECORDS FOR CUSTOMER SERVICE AND DISPUTE RESOLUTION

• MARKETING DATA IS STORED UNTIL YOU WITHDRAW CONSENT OR UNSUBSCRIBE.

6. YOUR RIGHTS UNDER THE GDPR
YOU HAVE THE FOLLOWING RIGHTS REGARDING YOUR PERSONAL DATA:

• RIGHT TO ACCESS – YOU CAN REQUEST A COPY OF YOUR PERSONAL DATA.

• RIGHT TO RECTIFICATION – YOU CAN ASK US TO CORRECT INACCURATE DATA.

• RIGHT TO ERASURE – YOU CAN REQUEST DELETION OF YOUR PERSONAL DATA.

• RIGHT TO RESTRICT PROCESSING – YOU CAN LIMIT HOW YOUR DATA IS USED.

• RIGHT TO DATA PORTABILITY – YOU CAN REQUEST YOUR DATA IN A MACHINE-READABLE FORMAT.

• RIGHT TO OBJECT – YOU CAN OBJECT TO DATA PROCESSING BASED ON LEGITIMATE INTEREST OR DIRECT MARKETING.

• RIGHT TO WITHDRAW CONSENT – AT ANY TIME, WITHOUT AFFECTING THE LAWFULNESS OF PRIOR PROCESSING.

TO EXERCISE THESE RIGHTS, CONTACT US AT: SUPPORT@SHOPMCMT.COM

7. HOW DO WE PROTECT YOUR DATA?
WE IMPLEMENT APPROPRIATE TECHNICAL AND ORGANIZATIONAL SECURITY MEASURES, INCLUDING:

• SSL ENCRYPTION FOR DATA TRANSMISSION

• ACCESS CONTROLS AND AUTHENTICATION

• SECURE SERVERS AND BACKUPS

• THIRD-PARTY PROCESSORS WITH STRICT DATA PROTECTION AGREEMENTS

8. INTERNATIONAL DATA TRANSFERS
IF WE TRANSFER YOUR DATA OUTSIDE THE EUROPEAN ECONOMIC AREA (EEA), WE ENSURE SUCH TRANSFERS ARE DONE IN COMPLIANCE WITH GDPR THROUGH:

• ADEQUACY DECISIONS

• STANDARD CONTRACTUAL CLAUSES (SCCS)

• BINDING CORPORATE RULES, WHERE APPLICABLE

9. COOKIES AND TRACKING TECHNOLOGIES
WE USE COOKIES AND SIMILAR TECHNOLOGIES FOR ANALYTICS, PERFORMANCE, AND MARKETING PURPOSES. YOU CAN LEARN MORE AND MANAGE YOUR PREFERENCES IN OUR COOKIE POLICY.

10. CONTACT AND COMPLAINTS
IF YOU HAVE QUESTIONS ABOUT THIS POLICY OR YOUR DATA RIGHTS, CONTACT:

MCMT
EMAIL: SALESMCMT@GMAIL.COM

IF YOU BELIEVE YOUR DATA PROTECTION RIGHTS HAVE BEEN VIOLATED, YOU HAVE THE RIGHT TO LODGE A COMPLAINT WITH YOUR NATIONAL DATA PROTECTION AUTHORITY (FOR EXAMPLE, THE COMMISSION FOR PERSONAL DATA PROTECTION IN BULGARIA).