Catalog
New
Brands
Dinnerware
Glassware
Flatware
Table Accessories
Home Textiles
Home Décor
Gifts
Services
Blog
Trade Program
Home>Privacy Policy

Privacy Policy

Effective date: 1 January 2023

Last updated: 22 February 2026

1. Introduction

At MDMAISON, we respect your privacy and are committed to protecting your personal data.

This Privacy Policy explains how we collect, use, disclose, and protect personal data when you visit www.mdmaison.com, place an order, contact us, or otherwise interact with us through our website or related digital channels.

We process personal data in accordance with applicable data protection law, including the General Data Protection Regulation (GDPR) where applicable.

2. Who We Are

MDMAISON OÜ is the data controller responsible for the processing of your personal data in connection with our website, customer communications, and order-related services.

For privacy-related questions, you may contact us at: info@mdmaison.com

Registered address: Pärnu mnt 142, Tallinn 11317, Estonia

Company registration number: 16292812

3. What Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of personal data:

  • Identity and contact data, such as your name, email address, phone number, billing address, and delivery address;
  • Order and transaction data, such as products ordered, delivery details, payment status, and related communications;
  • Technical and usage data, such as IP address, browser type, device information, and website interaction data;
  • Marketing and communications data, such as whether you open or interact with our emails or advertisements, where applicable.

We do not store your full payment card details. Payments are processed through external payment providers.

4. How and Why We Use Your Data

We use personal data only where reasonably necessary to:

  • process and fulfil orders;
  • arrange delivery and related customer communications;
  • respond to enquiries and provide customer support;
  • maintain legal, tax, and accounting records;
  • protect our website, business, and customers from fraud, misuse, or security risks;
  • improve our website and services;
  • send service-related or marketing communications where permitted by law or where you have provided consent;
  • measure website performance, audience engagement, and, where applicable, advertising effectiveness.

5. Legal Grounds for Processing

We process personal data on one or more of the following legal bases, as applicable:

  • performance of a contract — where necessary to process your order, arrange delivery, or respond to your request;
  • legal obligation — where required for tax, accounting, consumer, or other legal compliance purposes;
  • legitimate interests — where necessary to operate, protect, and improve our business, website, and customer service, provided such interests are not overridden by your rights and interests;
  • consent — where required by law, including for certain marketing, analytics, advertising, or similar tracking technologies.

Where processing is based on consent, you may withdraw that consent at any time. Withdrawal does not affect processing already carried out before withdrawal.

6. Data Sharing and Service Providers

We share personal data only where reasonably necessary and only with service providers or recipients involved in operating our website, processing payments, supporting deliveries, maintaining security, or complying with legal obligations.

These may include:

  • payment providers;
  • shipping, logistics, customs, and delivery providers;
  • website hosting, infrastructure, and security providers;
  • analytics or advertising service providers, where applicable;
  • professional advisers or public authorities where required by law.

We do not sell or rent your personal data.

7. International Transfers

Some service providers may process personal data outside the European Economic Area (EEA), including in the United States.

Where this happens, we use appropriate safeguards in accordance with applicable law, which may include reliance on the EU-U.S. Data Privacy Framework, Standard Contractual Clauses approved by the European Commission, or another valid transfer mechanism.

You may contact us at info@mdmaison.com for further information about the safeguards used for relevant international transfers.

8. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes for which it was collected, including to fulfil orders, maintain customer communications, comply with legal, tax, and accounting obligations, resolve disputes, and protect legal rights.

In particular, transaction, invoice, and accounting-related records may be retained for 7 years where required by applicable Estonian tax and accounting laws.

Other retention periods may vary depending on the nature of the data and the purpose of processing. When personal data is no longer required, it will be deleted, anonymized, or otherwise securely removed from active use.

9. Your Rights

Subject to applicable law, you may have the right to:

  • request access to your personal data;
  • request correction of inaccurate data;
  • request deletion of your data;
  • request restriction of processing;
  • object to certain processing;
  • withdraw consent where processing is based on consent;
  • request data portability where applicable.

To exercise your rights, please contact info@mdmaison.com.

You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or your local data protection authority.

10. U.S. State Privacy Rights

If you are a resident of certain U.S. states, you may have additional privacy rights under applicable law, which may include the right to:

  • know whether we process your personal data;
  • request access to personal data we hold about you;
  • request correction of inaccurate personal data;
  • request deletion of personal data, subject to applicable exceptions;
  • opt out of certain processing activities, including, where applicable, targeted advertising, the sale of personal data, or certain profiling activities.

Where required by applicable U.S. state law, we will also honor valid opt-out preference signals, including browser-based signals, where we are able to identify the relevant request as applying under such law.

To exercise any applicable rights, please contact us at info@mdmaison.com.

Where required by applicable law, you may also have the right to appeal our decision regarding a privacy rights request by contacting us again at the same email address and clearly stating that you wish to appeal the decision.

11. Cookies and Tracking Technologies

We use cookies and similar technologies for essential website functionality, security, and, where applicable, analytics or marketing.

Where required by law, non-essential cookies or similar technologies are used only after the relevant consent has been provided.

We may use analytics and advertising technologies, including for audience measurement and, where applicable, remarketing or similar advertising purposes, subject to the required consent.

You can manage cookie preferences through available consent tools or your browser settings. Disabling certain cookies may affect website functionality or your user experience.

12. Third-Party Platforms and Communication Channels

If you communicate with us through third-party platforms or social media services, such as messaging applications or social networks, those services may also process your personal data in accordance with their own privacy policies and terms, in addition to this Privacy Policy.

13. Data Security

We use appropriate technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, or unlawful disclosure.

14. Provision of Data

Some personal data is necessary for us to process orders, arrange delivery, communicate with you, and provide customer support.

If you do not provide the data required for these purposes, we may be unable to process or fulfil your order or respond fully to your request.

15. Automated Decision-Making

MDMAISON does not use personal data for automated decision-making that produces legal effects or similarly significant effects on individuals.

16. Updates to This Policy

We may update this Privacy Policy from time to time. The most recent version will always be available on our website.

17. Contact

If you have any questions about this Privacy Policy or the way we process personal data, please contact:

MDMAISON OÜ info@mdmaison.com