Privacy Policy

MILAN AND MAPLE: WEBSITE TERMS AND CONDITIONS

1. DEFINITIONS:

In these Terms and Conditions, the words and expressions below will be interpreted to have the meanings adjacent to them:

1.1. “Chargebacks” means the procedure by which, and the value of, a sales draft (or disputed portion thereof) returned to a banking institution by a card issuer;

1.2. “Costs” includes costs, charges, outgoings and expenses of every description

1.3. “ECT” means the Electronic Communications and Transactions Act 25 of 2002;

1.4. “Goods” means the extensive range of products, such as inter alia clothing, swimwear, underwear, handbags and jewellery, made available to you from time to time and for purchase by Milan and Maple in terms of the website; 

1.5. “Intellectual property” means any and all patents, trademarks, service marks, domain names, registered designs, utility models, applications for and the right to make applications for any of such rights, inventions, unregistered trademarks and service marks, trade and business names, including rights in any get-up or trade dress, copyrights (including rights in computer software and in websites), unregistered design rights and other rights in designs and rights in databases, subsisting anywhere in the word; the right for a maker of a database to prevent extraction or reutilisation or both of the whole or a substantial part of the content of that database, consents, orders, statutes or otherwise in respect of any rights of the nature specified in this definition; and rights of the same or similar effect or nature as or to those above in each case in any jurisdiction;

1.6. “Intellectual property rights” means the right to exploit any intellectual property or any right which is similar or analogous to any intellectual property; any moral right; any licence; right or interest of any kind arising out of or granted or created in respect of any intellectual property; any right to bring an action for passing off or any similar or analogous proceeding;

1.7. “Loss” includes losses, liabilities, claims, costs, charges and outgoings of every description (including legal expenses on the attorney and own client scale, collection costs, tracing fees and investigation costs), compensation payable under contracts with third parties, loss of normal operating profits, loss of opportunity, loss of goodwill, loss of revenue from related contracts and pure economic loss;

1.8. “Milan and Maple” means the entity Tambora Travel (Pty) Ltd (Registration No: 2014/070673/07), a company registered in accordance with the laws of the Republic of South Africa, trading as, Milan and Maple;

1.9. “Milan and Maple’s Privacy Policy” means this Privacy Policy, applicable to the submission of your personal information to Milan and Maple by way of the website;

1.10. “Person” includes any individual, partnership, firm, trust, body corporate, unincorporated body of persons or association and a reference to a person includes a reference to that person’s successors and permitted assigns;

1.11. “Special order” encompasses goods which Milan and Maple do not have in stock at the time of your order and which Milan and Maple is required to order from the supplier of the goods for you;

1.12. “The CPA” means the Consumer Protection Act 68 of 2008;

1.13. “The website” means the website, located at www.milanandmaple.co.za, owned and operated by Milan and Maple and all subpages thereof, excluding any links to external websites;

1.14. “These Terms” means these Terms and Conditions entered into by and between you and Mila and Maple by way of your access to, and use of, the website;

1.15. “TLS” means Transport Layer Security. It is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. The TLS protocol aims primarily to provide security, including privacy (confidentiality), integrity, and authenticity through the use of cryptography, such as the use of certificates, between two or more communicating computer applications. It runs in the presentation layer and is Itself composed of two layers: the TLS record and the TLS handshake protocols (Source: https://en.wikipedia.org/wiki/Transport_Layer_Security);

1.16. “Transaction” means the sale and purchase of goods from Milan and Maple by a consumer in terms of an order, which is facilitated by way of the website;

1.17. “Transaction data” means and all information relating to the sale and purchase of goods from Milan and Maple by a consumer, which is facilitated by way of the website;

1.18. “User” means any person or entity who accesses the website;

1.19. "Yoco” means third-party payment processor, Yoco Technologies Proprietary Limited;

1.20. “You” means any person who accesses or makes use of the website.

 

2. INTRODUCTION:

2.1. We respect the privacy of every User who visits this Website. As a result of this, we would like to inform you regarding the way we would use your personal data.

2.2. We are committed to protecting your privacy and personal data. This Privacy Policy describes how we collect and process personal data collected through our website www.milanandmaple.co.za and any of our products and services.

2.3. We encourage you to read this Privacy Policy carefully when using our website or Services. By using our Products or Services, you are telling us that you agree to our collection and use of data in accordance with this Privacy Policy and any privacy documentation related to this policy which may be referenced herein. If you have any questions about this policy, our privacy practices or don’t agree with this policy, please let us know (refer to the end of this Privacy Policy for information on how to contact us) and don’t request to use the Services until your query/ issue has been resolved.

2.4. This Privacy Policy also applies if you contact us or we contact you about our Products or Services, whether by telephone, email, text message, post, push notifications or via third party platforms (including websites or social media platforms).

2.5. The points below will help you understand our general approach towards the use of your personal data, however, to the extent that there is any conflict as a result of a waiver of this clause by a User, that specific clause, and not the general approach, will be enforced and supersedes the general approach.

2.6. By submitting your personal data to us, it will be deemed to have been given with your permission, where necessary and appropriate, for disclosures referred to in this policy.

 

3. GENERAL APPROACH TO PERSONAL DATA:

3.1. We do not and will not amend or alter any personal information provided by a User, unless expressly authorised by the User to do so. It is the User’s responsibility to update their information.

3.2. We will collect and use personal information solely with the objective of fulfilling those purposes specified and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.

3.3. We will only retain personal information as long as necessary for the provision of our products and services, maintenance of the same, and any related activities.

3.4. We will only collect personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned.

3.5. Personal data should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date.

3.6. We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.

3.7. We are committed to conducting business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained, however we do not guarantee a breach of such confidentiality arising out of malicious activities and/or activities over which it has no control.

3.8. It is recognised and agreed that we store backups of all data, as part of our best practice standard operating procedure.

3.9. All Users expressly opt-in and agree that all Milan and Maple technical support personnel are entitled to access all personal data. It is recognised, expressly, that without opting-in and agreeing to this, it is entirely impossible for us to offer any technical support to Users.

3.10. You may not request our Services if you are younger than 18 years old or do not have the legal capacity to conclude legally binding contracts.

 

4. TYPES OF DATA WE PROCESS:

4.1. You control the data that you provide to us and we will always strive to process your data consistently with the purposes for which you’ve engaged us. You may only send us your own personal data or the information of another data subject where you have their consent to do so.

4.2. Identity and contact data. This is personal data that can identify you, such as your name and email address. We collect information when you register an account or create a profile to use our Service.

4.3. Bank account data. This may also include usernames and access tokens in order to access transactional information from your bank account and credit cards, investment accounts and/or loans. Milan and Maple do not store your usernames and access tokens for any financial institutions on our servers. If you choose to use the Milan and Maple service, we will request this kind of data from you. We work with our banking partners to collect your bank account data from your accounts on your behalf. Your bank account transaction data is transmitted securely with TLS. Our banking partners also store your bank account data, subject to their own privacy policies.

4.4. Interactive Data. We use various technologies to collect data from your devices and about your activities and interactions on our website. We gather certain information automatically and store it in log files. This information may include Internet Protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We do not link this automatically collected data to other information we collect about you.

4.5. Cookies. We use cookies to remember users’ settings, for authentication. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our website, but your ability to use some features or areas of our Services may be limited.

4.6. Marketing & Support: If you reach out to Milan and Maple, we’ll gather the information you provide so that we may best support you as a User of the Services. We may also use your personal data to contact you with marketing or promotional materials, and other information that may be of interest to you provided that if you are a new user, you have opted-in to receiving these commercial communications. If you are an existing user, you may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any electronic communication we send. Please be aware that even if you opt-out (or do not opt-in) of receiving these communications from Milan and Maple, you will still receive administrative messages from us regarding our Service, our terms of service or this Privacy Policy.

4.7. Personal data does not include data that has been made anonymous to the extent that it does not identify a specific person; or permanently de-identified data that does not relate or cannot be traced back to a person specifically; and non-personal aggregated and/or statistical information collected and compiled by us. This data is not covered by this Policy.

 

5. HOW WE USE THE INFORMATION WE COLLECT:

5.1. We may use or process the information that we collect about you to: 5.1.1. deliver, operate and maintain the Services;

5.1.2. provide you with user support;

5.1.3. perform research and analysis about your use of the Services;

5.1.4. communicate with you by email or telephone about Milan and Maple’s products or services;

5.1.5. enforce our terms and conditions;

5.1.6. comply with applicable laws and administrative requests, protect our rights, assert and defend against claims;

5.1.7. detect, prevent, or otherwise address fraud, security, unlawfulness, or technical issues; or

5.1.8. perform functions as otherwise described to you at the time of collection.

5.2. We aggregate your data and similar data from other users into larger sets of anonymous personal financial data. This aggregated information does not identify particular users or otherwise allow anyone to recover sensitive information about individual users. Aggregate information belongs to Milan and Maple, and is not subject to this Privacy Policy.

 

6. DATA SECURITY:

 6.1. We use commercially reasonable efforts to implement technical, administrative, and physical safeguards to protect the functionality of the services and the functionality and availability of the platform. However, no security system is perfect, and you agree that while we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

6.2. We take appropriate security measures (including physical, electronic and procedural measures) to help safeguard your personal data from unauthorised access and disclosure. For example, only authorised employees are permitted to access personal data, and they may do so only for permitted business functions. In addition, we use encryption in the transmission of your personal data (such as credit card number) between your computer and our system, we encrypt the transmission of that information using Transport Layer Security (TLS) technology, and we also use firewalls to help prevent unauthorised persons from gaining access to your personal information.

6.3. Milan and Maple undertakes to take all necessary precautions to preserve the security of personal data and, in particular, to protect personal data against any accidental or unlawful destruction, accidental loss, corruption, distribution or unauthorised access, as well as against any other form of unlawful processing or disclosure to unauthorised individuals.

6.4. You are solely responsible with regard to usage and security of your credentials and any activities that occur under your account. You shall not use the account of anyone else at any time. You shall ensure that your users are aware of and adhere to these obligations.

 

7. DATA TRANSFER AND RETENTION:

7.1. When you provide personal data through our website and Service, the data may be sent from South Africa to and/or stored on servers located outside of the Republic of South Africa. If you provide data to us, please note that we may transfer the data to the United States of America or other jurisdictions for processing. You consent to the transfer of your data when agreeing to this Privacy Policy and our Terms and Conditions. Milan and Maple will take reasonable steps to ensure that your data is secure when transferring it to other jurisdictions.

7.2. Milan and Maple will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We retain your personal data for as long as you keep an active account with us or we are providing you with a Service. In the instance that you do not close your account, same will stay active and your personal data shall be retained.

7.3. We also retain certain data in a depersonalised or aggregated form for legitimate business reasons, e.g. to improve our Service or create new Services. We will also retain and use your personal data to the extent necessary to comply with our legal obligations (for example, to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

7.4. When we dispose of personally identifiable information, we aim to use secure means, such as either physically or electronically erasing this information or making it anonymous in a non-recoverable manner. Any personal data provided to our service providers will be retained in accordance with those service providers’ data retention policies, which we make sure are in line with applicable laws.

 

8. ACCESS:

8.1. If you utilise our products or services, you have the ability to delete your personal data online and close your account by contacting our support team at loveit@milanandmaple.co.za.

8.2. If you request for us to delete your data, we will delete your personal financial and transaction data. After you terminate your services, you will not be able to sign in to the Service or your account or access any of your personal data. However, you can open a new account at any time. If you terminate your services, we may still retain certain information associated with your account (such as your email address and certain communications with you) for analytical purposes and recordkeeping integrity, as well as to prevent fraud, enforce our terms and conditions, take actions we deem necessary to protect the integrity of our website or our users, or take other actions otherwise permitted by law. If you terminate your services, we will delete the transaction data we collected from your bank/ financial institution.

 

9. SHARING DATA:

9.1. Milan and Maple does not sell your personal data to others.

9.2. We may share your personal data with third-party service providers or affiliates to help us operate our business and develop and improve the Services or administer activities on our behalf, such as analysing the behaviour of users on our website. We may share your personal data to these third parties for those limited purposes. The processing of information on this basis will always be based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures we have set in place.

9.3. We may also combine information internally across the different Services covered by this Privacy Policy to help improve our Services and help our Services be more relevant and useful to you and others.

9.4. Some of our pages utilise framing techniques to serve content from our partners. Please be aware that you are providing your personal data to these third parties.

9.5. You understand that we rely on a number of business partners and suppliers to provide the Services and agree to us engaging a subcontractor to process personal data on your behalf, to the extent necessary to provide the Services. We will ensure that any such subcontractor is bound by data protection obligations equivalent to those set out in this Privacy Policy. We will notify you of any significant changes to our subcontracting policy such as the addition or replacement of a subcontractor. If you are not in agreement with any change, please contact us and do not use the Services.

9.6. We may have to share or disclose your personal data if the law requires us to or if we have to respond to valid requests by public authorities.

 

10. PROTECTION OF PERSONAL INFORMATION ACT (POPIA):

10.1. We abide by the principles set out in POPIA which governs data processing activities in South Africa. In accordance with POPIA requirements we only collect personal data for one or more of the following legal purposes: 10.1.1. Based on your consent: We will collect and use certain personal data because you have consented to us collecting and using it and will only use it for a lawful purpose and the purpose for which the data is required.

10.1.2. To satisfy a legitimate interest: We are allowed to collect certain personal data where it satisfies a legitimate business interest. For example, where we collect data about how you use our website, we will use such information to improve our services, prevent fraud and improve your user experience.

10.1.3. To comply with legal obligations: We will collect certain data, such as details about your browser and transactions to enforce our terms and conditions and comply with applicable laws (for example, where we are required to maintain records of transactions for certain periods).

10.1.4. To honour a contract: We will process personal data to provide the Service and to perform in terms of a contract we have with you.

 

11. YOUR RIGHTS UNDER POPIA:

11.1. Withdrawing your consent: If you have consented to our use of your personal information for a specific purpose, you have the right to change your mind at any time (though this will not affect any processing that has already taken place). Where we are using your personal data because we or a third party have a legitimate interest to do so, you have the right to object to that use, though in some cases this may mean you may no longer be able to use the Services.

11.2. Data access and correction: You have the right to request access to and edit, correct or update the personal data you have submitted to us. You may request to exercise this right by directly emailing us through our contact details below.

11.3. Data deletion: You have the right to request the deletion of your data or client account at any time. To request the deletion of your personal data or client account, directly email us via our contact details below. Please, note that we will only delete certain data to the extent permissible by law or where it does not override our legitimate interest (for example, where we are required by applicable law to retain records of transactions).

 

12. ADDITIONAL RIGHTS:

12.1. The right to request access to the personal data we hold about you in a usable/readable format;

12.2. The right to request that we move your data to another IT environment without affecting its usability;

12.3. The right to object to or restrict the processing of certain data about you;

12.4. The right to know which third parties we have shared your data with; and

12.5. The right to report us to any data authority in your location if you believe we are processing your data unlawfully. If you are in South Africa, you may relay any complaint you may have to the Information Regulator (South Africa) if you feel we are using your personally identifiable information unlawfully. The Information Regulator can be contacted at inforeg@justice.gov.za.

 

13. THIRD PARTIES:

Any third parties to whom we may disclose personal information, including any of our payment partners and/or buyers as may be applicable, may have their own privacy policies which describe how they use and disclose personal information. Those policies will govern use, handling, and disclosure of your personal data once we have shared it with those third parties as described in this Policy. If you want to learn more about their privacy practices, we encourage you to visit the websites of those third parties.

 

14. NO RIGHTS OF THIRD PARTIES:

This Privacy Policy does not create rights enforceable by third parties or require disclosure of any personal information relating to users of the website or Services.

 

15. CHANGES TO THIS PRIVACY POLICY:

We will occasionally update this Privacy Policy to reflect changes in our practices and services. When we post changes to this Privacy Policy, we will revise the “last updated” date at the bottom of this document. If we make any material changes in the way we collect, use, and/or share your personal information, we will notify you by sending an email to the email address you most recently provided us in your account registration (unless we do not have such an email address), and/or by prominently posting notice of the changes on our website prior to the change becoming effective. We recommend that you check our website from time to time to inform yourself of any changes in this Privacy Policy or any of our other policies.

 

16. YOU MAY CONTACT US:

If you have any concerns, questions, issues, feedback, suggestions or ideas about this Privacy Policy, other agreements or our services, please reach out on the email addresses below:

loveit@milanandmaple.co.za