Privacy Policy

Last Update: 23/09/2025

The MUUM Studio (“we”, “our”, “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website themuum.com or purchase our products, regardless of where you are located.

1. Data Controller

The data controller responsible for your personal information is:

The MUUM Studio
Á Bakka 32, Leirvík 520, Faroe Islands
Email: themuum@themuum.com

We operate globally and process personal data of customers worldwide. For customers located in the European Union (EU), European Economic Area (EEA), and United Kingdom, we comply with the General Data Protection Regulation (GDPR / UK GDPR). For customers outside the EU/EEA/UK, we apply equivalent safeguards to ensure a high standard of data protection.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: name, surname, username, account details.
  • Contact Data: email address, billing/shipping address, phone number.
  • Transaction Data: payment details (processed securely by third-party providers), order history.
  • Technical Data: IP address, browser type, device information, cookies.
  • Marketing & Communication Data: preferences for newsletters, promotions, and surveys.

We do not store full credit/debit card details – these are processed by secure payment providers (e.g., PayPal, WooCommerce Payments).

3. How We Use Your Data

We use your personal data for the following purposes:

  • To process and deliver your orders.
  • To provide customer support.
  • To improve our website, services, and user experience.
  • For fraud prevention, security, and legal compliance.
  • To send marketing communications (only with your consent).

4. Legal Basis for Processing (GDPR/UK GDPR)

We process your personal data under the following legal bases:

  • Contract performance – to fulfill your orders and provide services.
  • Legal obligations – such as accounting and tax requirements.
  • Legitimate interests – e.g., website security, analytics, service improvement.
  • Consent – e.g., marketing emails, cookies.

5. Data Sharing & Third Parties

We may share your personal data with trusted third parties, such as:

  • Service providers (hosting, website management, infrastructure): WooCommerce, Hostinger, LiteSpeed Cache, etc.
  • Order fulfillment & shipping: Printful.
  • Payments: PayPal, WooCommerce Payments.
  • Invoicing & shipping documentation: WebToffee WooCommerce PDF Invoices & Shipping Labels
  • Analytics & SEO: Google Analytics (via Site Kit), All in One SEO.
  • Marketing & communications: Omnisend, WooCommerce Cart Abandonment Recovery, Google for WooCommerce.
  • Translations: GTranslate.
  • Compliance tools: Cookie Notice & Compliance for GDPR/CCPA.

Some of these providers may process data outside the EU/EEA/UK (e.g., USA). In such cases, we use Standard Contractual Clauses (SCCs) or equivalent safeguards to protect your data.

We may also disclose information if required by law or authorities.

We never sell your data.

6. Data Retention

We keep your data only as long as necessary:

  • Orders & customer service: until the order is completed + warranty/after-sales period.
  • Accounting/legal obligations: typically 5–10 years, depending on jurisdiction.
  • Marketing communications: until you withdraw consent.

7. Your Rights (GDPR/UK GDPR)

You have the right to:

  • Access your personal data.
  • Rectify or erase your data.
  • Restrict or object to processing.
  • Withdraw consent at any time (e.g., unsubscribe from newsletters).
  • Request data portability.
  • File a complaint with your local Data Protection Authority.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to improve functionality, analyze traffic, and personalize marketing.

For more details, please see our separate Cookie Policy.

9. Automated Decision-Making & Profiling

We may use automated tools for:

  • Sending abandoned cart reminders.
  • Segmenting newsletter subscribers for targeted promotions.
  • Displaying personalized product ads (e.g., Google Ads).

These processes do not produce legal effects for you, but you can object at any time.

10. Security

We apply industry-standard technical and organizational measures to protect your data from unauthorized access, loss, misuse, or disclosure.

11. Additional Rights for California Residents (CCPA/CPRA)

If you are a resident of California, you may have the following additional rights under the California Consumer Privacy Act (CCPA/CPRA):

  • Right to know what personal data we collect, use, and share.
  • Right to request deletion of your personal data.
  • Right to opt-out of the sale or sharing of your personal data (we do not sell personal data).
  • Right to non-discrimination for exercising your privacy rights.

You can exercise these rights by contacting us at themuum@themuum.com.

12. Updates to this Policy

We may update this Privacy Policy from time to time. Any changes will be published on this page with an updated “Last Updated” date.

13. Contact

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

The MUUM Studio
Á Bakka 32, Leirvík 520, Faroe Islands
Email: themuum@themuum.com

Shopping Basket
Scroll to Top