Privacy policy
Seconds by Mai's Privacy Policy
Last updated: December 18, 2023
Why and for whom?
At Second Hand Helper AB reg. no. (559352-5628) ("Seconds by Mai," "we," "us," "our"), we care about personal privacy. This means that we respect and value your privacy and your right to control and transparency when processing your Personal Data.
This Privacy Policy ("Policy") applies to the processing for which Seconds by Mai is the Data Controller. The Policy provides an overview of the purposes for which we need your Personal Data, the legal basis we rely on, and the measures we take to protect personal information. We also inform you about how to exercise your rights related to our processing of your Personal Data.
The Policy informs about our handling of Personal Data when you communicate with us, use the Service, or visit our website secondsbymai.com (collectively, "Features").
This policy is addressed to:
- Users of the Service
- Potential customers
Definitions
- "Processing" of Personal Data includes any action that can be taken with Personal Data, such as storage, modification, reading, transfer, etc.
- "Applicable law" is the legislation applicable to the processing of Personal Data, including the General Data Protection Regulation (GDPR), supplementary national legislation, and the practices, guidelines, and recommendations issued by a national or European supervisory authority.
- "Personal Data" refers to all types of information that can be linked to an identifiable, living person.
- "Data Controller" is the company/organization that determines the purposes and means of processing Personal Data and is responsible for ensuring that Personal Data is processed in accordance with Applicable law.
- "Data Processor" is the company/organization that processes Personal Data on behalf of the Data Controller and may only process Personal Data in accordance with the Data Controller's instructions and Applicable law.
- "Data Subject" means the living, physical person whose Personal Data is processed.
- "Service" means the website and associated features we provide for selling goods to individuals on the second-hand market.
Seconds by Mai's Data Controller Responsibility
The information in this Policy covers the Processing of Personal Data for which Seconds by Mai is the Data Controller, i.e., the Processing for which we determine the purpose (why a processing is done) and the means (how, what Personal Data, how long, etc.). The Policy does not describe how we process Personal Data as a Data Processor – that is, when we process Personal Data on behalf of our users.
We provide a service to sell goods to individuals, pick up the item when sold, and make payments, and we operate an e-commerce platform for the sale of second-hand clothes and collect necessary Personal Data to facilitate transactions and enhance user experience. The Personal Data we collect is necessary to pick up the item at the user's home address and pay the user when the item is sold.
Seconds by Mai's Processing of Personal Data
We have a responsibility to describe and show how we meet the requirements when processing your Personal Data. This section aims to give you an understanding of the types of Personal Data we process about you and for what purposes.
How long do we save your Personal Data?
We save your Personal Data for as long as necessary for the purpose for which they were collected. Depending on the legal basis we rely on, this may a) follow from a contract, b) depend on valid consent, c) be based on legislation, or d) follow from an internal assessment based on a balancing of interests.
We never save your Personal Data longer than necessary and regularly purge Personal Data. Seconds by Mai also takes reasonable measures to keep the processed Personal Data current and to delete outdated and otherwise incorrect or unnecessary Personal Data.
Processing
The main purpose of the processing of Personal Data we perform is to provide, perform, and improve our services to you. There are several reasons why we may need to collect, process, and store your information.
We mainly process the following Personal Data:
- Contact and identification information to confirm your identity, verify your information, and communicate with you.
- Address to ship the item.
How do we access your Personal Data?
We access your Personal Data when you provide it to us through the Service.
Legal grounds
For us to process your Personal Data, there must be a legal basis for each processing. In our business, we primarily process your Personal Data on the following grounds:
- Contract - Processing is necessary for us to fulfill obligations in a contract between us or to prepare for entering into a contract with the Data Subject.
If you want additional information about which legal ground(s) we process your Personal Data, you always have the right to request a so-called register extract. Read more under "How to use your rights" below.
Your rights
You are the one who decides about your Personal Data. We always strive to ensure that you can exercise your rights as effectively and smoothly as possible.
-
Access - You have the right to receive information about the Personal Data Processing related to you in a so-called register extract. The register extract shows, among other things, which of your Personal Data we have stored and for what purposes and on what legal basis. We only provide information if we have been able to ensure that it is indeed you who is requesting the information.
-
Correction - If you find that the Personal Data we process about you is incorrect, please contact us, and we will fix it!
-
Deletion - Do you want us to forget you completely? You have the right to request the deletion of your Personal Data when they are no longer necessary for the purpose for which they were collected. If we are obligated to keep your information according to the law or an agreement we have entered into with you, we will ensure that they are only processed for the specific purpose stated by the law or agreement. After that, we make sure the information is deleted as soon as possible.
-
Objection - Do you disagree that our interest in processing your Personal Data outweighs your interest in protecting personal privacy? No worries – in that case, we review our balancing of interests and ensure that it still holds. We, of course, take your objection into account when making a new assessment to evaluate if we can still justify our Processing of your Personal Data. If you object to direct marketing, we will remove your Personal Data immediately without reviewing our assessment.
-
Restriction - You can also ask us to limit our Processing of your information:
- During the time we handle a request from you for any of your other rights.
- If you, instead of requesting deletion, want us to mark that the information should not be processed for a certain purpose. For example, if you do not want us to send you advertising in the future, we still need to save your name to know not to contact you.
- In cases where we no longer need the information for the purpose for which it was collected, provided that you have no interest in us keeping the information to assert a legal claim.
-
Data Portability - We can provide you with the data you have given us or that we have received from you when we entered into an agreement with you. You get your data in a commonly used and machine-readable format that you can then take to another Data Controller.
-
Withdraw Consent - If you have consented to one or more specific Processing(s) of your Personal Data, you have the right to withdraw your consent at any time and thus ask us to stop the Processing immediately. Note that you can only withdraw your consent for future Processing(s) of Personal Data and not for any Processing that has already occurred.
How to use your rights
Contact us at info@maiapp.se, and we will assist you.