no items in your shopping cart.
Privacy Policy
Date of last update: 20 December 2023
The protection of your personal data is part of Sandro brand and SMCP Group's values. By using our website (the “Website”) or visiting one of our stores you acknowledge that you have read this privacy policy (“Privacy Policy"), which regulates the protection of your personal data collected while using our Website and visit our stores meaning any information identifying you either directly or indirectly ("Data" or "Personal Data"), such as your surname, first name, postal address, email, customer number, etc.
- 1. Who is responsible for the processing of your Personal Data?
- 2. Which Personal Data do we collect?
- 3. Why do we use your Personal Data?
- 4. What are your rights with regard to your Personal Data?
- 5. Who are the recipients of your Personal Data?
- 6. Transfer of your Personal Data overseas
- 7. Security and privacy of your Personal Data
- 8. For how long do we store your Personal Data?
- 9. Miscellaneous
1. Who is responsible for the processing of your Personal Data?
The SMCP entity responsible for the processing of your Personal Data will depend on where you are located in the world. The relevant SMCP entity are referred to as “SMCP”, “our”, “we” or “us” in this Privacy Policy.
The SMCP entity responsible under our Privacy Policy for Hong Kong:
SMCP Asia Limited, Units 3203A-5A, 32/F, The Centrium, 60 Wyndham Street, Central, Hong Kong.
2. Which Personal Data do we collect?
Your Personal Data is collected, for example, when you create your customer account with us (whether online or in store), when you place an order on the Website, when you correspond with Customer Services, visit our store and, more generally, when you browse our Website. The following Personal Data is involved:
§ The information collected when you create your account in our stores or on the Website such as your surname, first name, postal address, email, date of birth, password, telephone number and your contact preferences in relation to subscription to our newsletter and offers. Your image when you visit our stores (as CCTVs may be in place), or your voice when you call our Customer Services as your call may be recorded;
§ The information required for managing and processing your orders such as your bank card details used in the transaction, your order history (for example, purchase amount, references of products ordered, etc.) and your written or telephone correspondence with our Customer Services; and
§ The information collected when you browse the Website such as your browsing history (for example, the date, time of connection and/or browsing, the pages visited, etc.), the type of terminal and browser, your location, the browser language, the Internet provider and IP address when you use the Website.
3. Why do we use your Personal Data?
We use your Personal Data for several reasons.
Our primary objective is, of course, to satisfy you as customer. For this reason, we collect most of your Data within the context of your purchases, particularly to deliver your orders and to give you the support you may request. If necessary Data is not obtained, services provided may be limited.
On the other hand, we may collect your Data when you give us your consent for purposes that will enhance your experience with our brand.
Finally, other Data is collected because it arises from a need based on a legitimate interest (for example, to facilitate the access to our Website and its use).
You will find further examples below of the purposes for which Data is collected:
Legal basis |
Processing purposes |
Your purchasing |
Ensure the delivery of the products you have ordered Manage the customer relationship and any complaints you might have Manage any requests related to the exercise of your rights in relation to personal data |
Your consent |
Receive our newsletters and customised offers through any electronic communication service Benefit from a browsing experience customised according to your purchasing history and your browsing on the Website Benefit from our customised advertising promotions on third-party media |
Our legitimate interest |
Access to the Website and its usage Analyse and improve the quality and the performance of services Monitor use of the Website and improve your experience Preserve our rights Manage transactions and combat fraud Send you surveys and Generate statistics and segment information, investigations and analyses in order to improve our knowledge of our customers Share data within the SMCP Group in order to improve our knowledge of our customers, where permitted under applicable laws |
4. What are your rights with regard to your Data?
In accordance with the relevant regulations relating to personal data, you hold and may exercise the following rights with us:
§ Right of access: you have the right to access the Personal Data processed by us;
§ Right to rectification: you have the right to request that we rectify your Data if it is inaccurate or incomplete;
§ Right to erasure: you have the right to request that we erase your Data (subject to the conditions set out in Article 8 below);
§ Right to object: you have the right to request not to receive any further communications from us by using our on-line forms, the links at the bottom of our emails;
§ Right to portability: you have the right to request the transfer of your Data, if the conditions for exercising this right are met; and
§ Right to be informed: you have the right to obtain information regarding the way in which we process your Data.
In order to exercise your right, you may send us an email at dp_apac@smcp.com. We may ask you to provide us with proof of identity.
5. Who are the recipients of your Personal Data?
Your Data is intended principally to be used by our services. It may sometimes be shared with our group companies either in Hong Kong or overseas or sent to external recipients or our partners for the reasons described below. In any event, we select the recipients of your Data on the basis of their competence in data security and privacy. We conclude contracts with these recipients allowing us to ensure the high level of security of their systems. It is our service providers’ responsibility for improving the functioning of our Websites, implementing your transactions and payment security, those of our service providers responsible for logistics (storage, preparation and delivery of your products), our Customer Services, our service provider tasked with performing marketing or commercial surveys or advertising agencies. Please note that we also use overseas facilities to process or back up the Data. Therefore, we may transfer your Data to our overseas facilities for storage. However, this will not change our commitment to protecting your privacy.
Your Data may also be transferred to third parties, (1) subject to your prior consent, for processing in accordance with the purpose(s) for which your Data has been collected or (2) in the event that we are obliged to do so by the law, as part of legal proceedings, or if an imperative request has been made by a public body or (3) if we are involved in a merger or acquisition operation, or asset sale.
6. Transfer of your Personal Data Overseas
In the event that the Personal Data is transferred to a country located outside the jurisdiction in which your Data was originally collected ("Original Jurisdiction”), we commit ourselves to taking the technical and organisational measures required in order to guarantee an adequate level of security for your Data as if it had remained within the Original Jurisdiction.
Indeed, we demand to these Data recipients that they implement the measures required in order to ensure the same level of protection as demanded by the regulations relating to personal data of the Original Jurisdiction.
7. Security and privacy of your Personal Data
We may hold your Personal Data in either electronic or hard copy form. We store your Personal Data in our client database protected by technical and organisational measures in order to ensure the security, integrity, authenticity and privacy of the Personal Data. We ensure that our partners maintain a level of protection comparable to ours in relation to your Personal Data. We also ensure that your transactions are secure by implementing adequate measures, as well as measures to combat fraud.
8. For how long do we store your Personal Data?
We store your Personal Data only for the period that is strictly required for achieving the purposes for which they were collected. Hence, we store your Personal Data, with the exception of your bank details, which are collected and processed by the intermediary among our service providers responsible for processing payments, for 3 years from the date of the last interaction between us (i.e. from your last purchase, from the last contact (call, email, chat or social network interaction) with our Customer Services, from the opening of our newsletter, or otherwise from the date on which the customer’s profile was created).
Your bank details are stored by our payment partner, Adyen. When you make purchases on-line, you are required to enter your bank details into the fields provided for that purpose. If you provide your consent, and in order to facilitate your payments, you may choose for our payment service provider to store your bank details in a secure manner so that they can be used for your next purchases. If this is the case, you can tick the "Save your payment details" option when you pay for your order. You may, at any moment, ask us to delete the registered bank card by consulting your account, under the heading "My payment options", or by writing to us via our contact form.
Once your Data has been deleted from our database, some of your Data may be stored in an archived form with limited access, strictly limited to the objectives of satisfying our legal, accounting and fiscal obligations, but also for the purposes of managing any complaints or guarantee claims you might have within the applicable limits of any limitation periods.
Once your Personal Data is no longer required for these purposes or for archiving purposes in order to comply with our legal obligations or for the purposes of the applicable limitation, your data will be irreversibly anonymised.
You may, at any time, request that we erase all or part of your Data, object to its processing or request that it is restricted, in compliance with Article 4 above. In the event that you request for your Data to be erased, it will be erased from our database and may be temporarily stored in an archived form as described above.
9. Miscellaneous
In the event of any changes to these terms for the processing of your Data, we will update our Privacy Policy and you by posting an updated version of our Privacy Policy on the Website, unless your consent is required by applicable law.
Finally, we inform you that if you have any complaints relating to the protection of your Personal Data, please contact us by sending an email to mailto: dp_apac@smcp.com.
Privacy Policy
Date of last update: 20 December 2023
The protection of your personal data is part of Sandro brand and SMCP Group's values. By using our website (the “Website”) or visiting one of our stores you acknowledge that you have read this privacy policy (“Privacy Policy"), which regulates the protection of your personal data collected while using our Website and visit our stores meaning any information identifying you either directly or indirectly ("Data" or "Personal Data"), such as your surname, first name, postal address, email, customer number, etc.
- 1. Who is responsible for the processing of your Personal Data?
- 2. Which Personal Data do we collect?
- 3. Why do we use your Personal Data?
- 4. What are your rights with regard to your Personal Data?
- 5. Who are the recipients of your Personal Data?
- 6. Transfer of your Personal Data overseas
- 7. Security and privacy of your Personal Data
- 8. For how long do we store your Personal Data?
- 9. Miscellaneous
1. Who is responsible for the processing of your Personal Data?
The SMCP entity responsible for the processing of your Personal Data will depend on where you are located in the world. The relevant SMCP entity are referred to as “SMCP”, “our”, “we” or “us” in this Privacy Policy.
The SMCP entity responsible under our Privacy Policy for Macau:
SMCP Macau Limited, Avenida da Praia Grande, n. 409, China Law Building, 16/F – B75, Macau.
2. Which Personal Data do we collect?
Your Personal Data is collected, for example, when you create your customer account with us (whether online or in store), when you place an order on the Website, when you correspond with Customer Services, visit our store and, more generally, when you browse our Website. The following Personal Data is involved:
§ The information collected when you create your account in our stores or on the Website such as your surname, first name, postal address, email, date of birth, password, telephone number and your contact preferences in relation to subscription to our newsletter and offers. Your image when you visit our stores (as CCTVs may be in place), or your voice when you call our Customer Services as your call may be recorded;
§ The information required for managing and processing your orders such as your bank card details used in the transaction, your order history (for example, purchase amount, references of products ordered, etc.) and your written or telephone correspondence with our Customer Services; and
§ The information collected when you browse the Website such as your browsing history (for example, the date, time of connection and/or browsing, the pages visited, etc.), the type of terminal and browser, your location, the browser language, the Internet provider and IP address when you use the Website.
3. Why do we use your Personal Data?
We use your Personal Data for several reasons.
Our primary objective is, of course, to satisfy you as customer. For this reason, we collect most of your Data within the context of your purchases, particularly to deliver your orders and to give you the support you may request. If necessary Data is not obtained, services provided may be limited.
On the other hand, we may collect your Data when you give us your consent for purposes that will enhance your experience with our brand.
Finally, other Data is collected because it arises from a need based on a legitimate interest (for example, to facilitate the access to our Website and its use).
You will find further examples below of the purposes for which Data is collected:
Legal basis |
Processing purposes |
Your purchasing |
Ensure the delivery of the products you have ordered Manage the customer relationship and any complaints you might have Manage any requests related to the exercise of your rights in relation to personal data |
Your consent |
Receive our newsletters and customised offers through any electronic communication service Benefit from a browsing experience customised according to your purchasing history and your browsing on the Website Benefit from our customised advertising promotions on third-party media |
Our legitimate interest |
Access to the Website and its usage Analyse and improve the quality and the performance of services Monitor use of the Website and improve your experience Preserve our rights Manage transactions and combat fraud Send you surveys and Generate statistics and segment information, investigations and analyses in order to improve our knowledge of our customers Share data within the SMCP Group in order to improve our knowledge of our customers, where permitted under applicable laws |
4. What are your rights with regard to your Data?
In accordance with the relevant regulations relating to personal data, you hold and may exercise the following rights with us:
§ Right of access: you have the right to access the Personal Data processed by us;
§ Right to rectification: you have the right to request that we rectify your Data if it is inaccurate or incomplete;
§ Right to erasure: you have the right to request that we erase your Data (subject to the conditions set out in Article 8 below);
§ Right to object: you have the right to request not to receive any further communications from us by using our on-line forms, the links at the bottom of our emails;
§ Right to portability: you have the right to request the transfer of your Data, if the conditions for exercising this right are met; and
§ Right to be informed: you have the right to obtain information regarding the way in which we process your Data.
In order to exercise your right, you may send us an email at dp_apac@smcp.com. We may ask you to provide us with proof of identity.
5. Who are the recipients of your Personal Data?
Your Data is intended principally to be used by our services. It may sometimes be shared with our group companies overseas or sent to external recipients or our partners for the reasons described below. In any event, we select the recipients of your Data on the basis of their competence in data security and privacy. We conclude contracts with these recipients allowing us to ensure the high level of security of their systems. It is our service providers’ responsibility for improving the functioning of our Websites, implementing your transactions and payment security, those of our service providers responsible for logistics (storage, preparation and delivery of your products), our Customer Services, our service provider tasked with performing marketing or commercial surveys or advertising agencies. Please note that we also use overseas facilities to process or back up the Data. Therefore, we may transfer your Data to our overseas facilities for storage. However, this will not change our commitment to protecting your privacy.
Your Data may also be transferred to third parties, (1) subject to your prior consent, for processing in accordance with the purpose(s) for which your Data has been collected or (2) in the event that we are obliged to do so by the law, as part of legal proceedings, or if an imperative request has been made by a public body or (3) if we are involved in a merger or acquisition operation, or asset sale.
6. Transfer of your Personal Data Overseas
In the event that the Personal Data is transferred to a country located outside the jurisdiction in which your Data was originally collected ("Original Jurisdiction”), we commit ourselves to taking the technical and organisational measures required in order to guarantee an adequate level of security for your Data as if it had remained within the Original Jurisdiction.
Indeed, we demand to these Data recipients that they implement the measures required in order to ensure the same level of protection as demanded by the regulations relating to personal data of the Original Jurisdiction.
7. Security and privacy of your Personal Data
We may hold your Personal Data in either electronic or hard copy form. We store your Personal Data in our client database protected by technical and organisational measures in order to ensure the security, integrity, authenticity and privacy of the Personal Data. We ensure that our partners maintain a level of protection comparable to ours in relation to your Personal Data. We also ensure that your transactions are secure by implementing adequate measures, as well as measures to combat fraud.
8. For how long do we store your Personal Data?
We store your Personal Data only for the period that is strictly required for achieving the purposes for which they were collected. Hence, we store your Personal Data, with the exception of your bank details, which are collected and processed by the intermediary among our service providers responsible for processing payments, for 3 years from the date of the last interaction between us (i.e. from your last purchase, from the last contact (call, email, chat or social network interaction) with our Customer Services, from the opening of our newsletter, or otherwise from the date on which the customer’s profile was created).
Your bank details are stored by our payment partner, Adyen. When you make purchases on-line, you are required to enter your bank details into the fields provided for that purpose. If you provide your consent, and in order to facilitate your payments, you may choose for our payment service provider to store your bank details in a secure manner so that they can be used for your next purchases. If this is the case, you can tick the "Save your payment details" option when you pay for your order. You may, at any moment, ask us to delete the registered bank card by consulting your account, under the heading "My payment options", or by writing to us via our contact form.
Once your Data has been deleted from our database, some of your Data may be stored in an archived form with limited access, strictly limited to the objectives of satisfying our legal, accounting and fiscal obligations, but also for the purposes of managing any complaints or guarantee claims you might have within the applicable limits of any limitation periods.
Once your Personal Data is no longer required for these purposes or for archiving purposes in order to comply with our legal obligations or for the purposes of the applicable limitation, your data will be irreversibly anonymised.
You may, at any time, request that we erase all or part of your Data, object to its processing or request that it is restricted, in compliance with Article 4 above. In the event that you request for your Data to be erased, it will be erased from our database and may be temporarily stored in an archived form as described above.
9. Miscellaneous
In the event of any changes to these terms for the processing of your Data, we will update our Privacy Policy and you by posting an updated version of our Privacy Policy on the Website, unless your consent is required by applicable law.
Finally, we inform you that if you have any complaints relating to the protection of your Personal Data, please contact us by sending an email to mailto: dp_apac@smcp.com.