Skip to content
Maison Reluxe

Privacy policy

Privacy Policy
Last Updated: 25/12/2025

This Privacy Policy sets out how MAISON RELUXE LTD, a private limited liability company incorporated and registered in the Republic of Cyprus under registration number HE 477492 (the “Company”, “we”, “us” or “Maison Reluxe”), collects, uses, discloses, stores, and protects personal data when you access or use the website https://maisonreluxe.com/ (the “Website”) or otherwise interact with the Company.

1. Definitions
For the purposes of this Privacy Policy, the following definitions apply:

“Company” refers to MAISON RELUXE LTD, a private company incorporated in Cyprus under registration number HE 477492.

“Website” refers to https://maisonreluxe.com/, including all related subdomains and content.

“User”, “you” or “your” refers to any individual or legal entity accessing or using the Website.

“Products” means any goods offered for sale through the Website, including new and pre- owned luxury items like bags, accessories and watches.

“Order” refers to a request submitted by a User to purchase any of the Products through the Website.

“Content” refers to all text, photos, designs, graphics, product descriptions, and other material displayed on the Website.

“Personal Data”  means any information relating to an identified or identifiable natural person including any information that directly or indirectly identifies such person, as defined under Regulation (EU) 2016/679 (the General Data Protection Regulation – GDPR). Personal Data includes, without limitation, identification data, contact details, online identifiers, transactional information, technical and usage data, and any other information collected or processed by the Company in connection with a User’s access to or use of the Website, placement of Orders, or interaction with the Company.

“Services” means the operation and provision of the Website and any related functionalities, features, tools, and support offered by the Company, including, without limitation, the display and marketing of Products, the processing and fulfilment of Orders, handling of returns and refunds, customer support, communications with Users, and any other ancillary services provided by the Company in connection with its online retail activities.

1. WHO WE ARE

1.1 MAISON RELUXE LTD is a private limited liability company incorporated and registered in the Republic of Cyprus under registration number HE 477492. The Company operates the website https://maisonreluxe.com/, through which it offers for sale selected new and pre-owned luxury goods, including but not limited to fashion items, accessories, and watches.

1.2 Maison Reluxe operates exclusively as an independent retailer and is not affiliated with, associated with, endorsed by, authorised by, or sponsored by any luxury brand, fashion house, watch manufacturer, or their respective parent companies or subsidiaries. The Company does not act as an authorised reseller or distributor of any luxury brand unless expressly stated otherwise.

1.3 In the course of its business activities, Maison Reluxe collects and processes personal data in accordance with applicable data protection laws, including Regulation (EU) 2016/679 (the General Data Protection Regulation – GDPR), and is committed to protecting the privacy and personal data of its users, customers, and business partners.


2. PERSONAL DATA WE COLLECT
2.1 For the purposes of operating the Website, providing access to Products, processing Orders, arranging payments, deliveries, returns and refunds, responding to enquiries, and ensuring compliance with applicable legal and regulatory obligations, the Company may collect, process, store, and otherwise use certain categories of Personal Data relating to Users. The scope and nature of the Personal Data collected may vary depending on the User’s interaction with the Website, the Products purchased, and the legal obligations applicable to the Company.

2.2 The categories of Personal Data that may be collected include, without limitation, the following:

  1. Identity Data: Name, username, or other identifiers.
  2. Contact Data: Email address, phone number, and postal address.
  3. Financial Data: Payment confirmation information.
  4. Transaction Data: including details of Orders placed, Products purchased, payment status, delivery information, returns, refunds, and related invoices or confirmations.
  5. Technical Data: IP address, browser type, operating system, device type, and website usage data.
  6. Profile Data: Preferences, feedback, and user account information.
  7. Marketing and Communications Data: Consent and preferences for receiving marketing messages.
  8. Other Data: Any information you provide when interacting with the Website.

3. DATA COLLECTION METHODS

3.1 The Company may collect Personal Data through various lawful channels and methods, both directly and indirectly, depending on the User’s interaction with the Website, the placement of Orders, and any communications with the Company. Personal Data may be collected through the following means:

(a) Direct Interactions with Users
Personal Data may be voluntarily provided by Users when they place Orders for Products through the Website, create or use an account where applicable, complete forms or provide information requested by the Company from time to time, communicate with the Company by email, telephone, contact forms, or other available communication channels, subscribe to newsletters or marketing communications, participate in promotional activities where offered, or exercise their data protection rights by submitting requests under the GDPR or other applicable legislation.

Such data may include Identity Data, Contact Data, Payment and Financial Data, Transaction Data, Communication Data, and any other information voluntarily disclosed by the User in correspondence with the Company.

(b) Automated Collection via the Website
When Users access or interact with the Website, certain technical data and usage data may be collected automatically through the use of technologies such as cookies and similar tracking tools. This may include information relating to IP address, browser type and version, operating system, device identifiers, access times, pages viewed, navigation paths, referral sources, error logs, and general Website usage patterns. The Company may also use analytics and performance monitoring tools provided by third-party service providers to collect aggregated and anonymised statistical data regarding Website traffic and user behaviour.

(c) Third-Party Sources
The Company may receive Personal Data from third-party sources, including payment service providers, delivery and logistics partners, IT and hosting providers, analytics providers, and marketing platforms, to the extent necessary for the performance of contracts, processing of Orders, delivery of Products, fraud prevention, and operation of the Website. Such data is processed in accordance with applicable data protection laws and contractual safeguards.

(d) Legal and Regulatory Authorities
Personal Data may also be collected or received where required to comply with legal or regulatory obligations, or in response to lawful requests from public authorities, courts, or law enforcement agencies.

3.2 The Company ensures that all methods of collecting and processing Personal Data are carried out lawfully, fairly, and transparently in accordance with Article 5 of the GDPR. Where required by law, the Company will obtain the User’s explicit consent prior to collecting or processing Personal Data for specific purposes, including the use of non-essential cookies or the sending of marketing communications.

3.3 Users are informed, at the time Personal Data is collected, of the categories of data being collected, the purposes of processing, and the applicable legal basis, except where such information is not required under applicable data protection laws, including where the User already possesses the relevant information or where disclosure would be disproportionate or would seriously impair the achievement of the processing purposes.

4. LEGAL BASES FOR PROCESSING
We process Personal Data on the following legal bases:

  1. Performance of a contract (e.g., processing Orders);
  2. Compliance with legal obligations;
  3. Legitimate interests, such as improving Services, website security, fraud prevention, and dispute resolution;
  4. Consent, for marketing communications or other optional processing.

5. PURPOSES OF DATA PROCESSING
5.1 The Company processes Personal Data only for specified, explicit, and legitimate purposes. Personal Data will not be further processed in a manner incompatible with those purposes, except where permitted or required by law. The primary purposes for which Personal Data may be used include, without limitation:

a) to operate, maintain, and provide access to the Website and to ensure its proper functionality and security;

b) to process and fulfil Orders, including the processing of payments, arrangement of delivery, handling of returns and refunds, and the issuance of invoices or confirmations;

c) to communicate with Users in relation to Orders, order status, delivery updates, customer service requests, enquiries, and other operational or transactional matters;

d) to manage financial transactions, accounting records, and related administrative processes;

e) to comply with applicable legal, regulatory, tax, and consumer protection obligations;

f) to monitor, detect, prevent, and investigate fraud, unauthorised access, unlawful activity, or security incidents affecting the Website or the Company;

g) to improve the Website, Products, and overall user experience through analysis and optimisation, subject to applicable data protection requirements;

h) to send marketing or promotional communications, newsletters, or offers, where the User has provided valid consent or where otherwise permitted by law.

6. MARKETING AND OPT-OUT OPTIONS
6.1 The Company may process certain categories of Personal Data, including Identity Data, Contact Data, Usage Data, and Marketing and Communication Data, for the purpose of sending Users marketing communications, promotional offers, newsletters, service updates, or other information that may be of interest. Such communications may be delivered by email, SMS, telephone, or other electronic means permitted by law.

6.2 Marketing communications will only be sent:

(a) where the User has provided explicit consent to receive such communications; or

(b) where the Company has an existing relationship with the User in respect of the Products or offers similar to those previously provided, in accordance with applicable law and with the offer of a opt out option always available.

6.3 Users have the right to opt out of receiving marketing communications at any time. Opt-out mechanisms include, but are not limited to:

(a) following the “unsubscribe” or “opt-out” link provided in any electronic marketing message;

(b) contacting the Company directly at info@maisonreluxe.com with a clear request to withdraw consent or opt out.

7. CHANGE OF PURPOSE

7.1 The Company collects and processes Personal Data solely for the specific, explicit, and legitimate purposes for which it was originally obtained, as described in this Privacy Policy. Such purposes include, without limitation, the operation of the Website, the processing and fulfilment of Orders, the management of payments, deliveries, returns, and refunds, communication with Users, the performance of contractual obligations, compliance with applicable legal or regulatory requirements, and the improvement, security, and proper functioning of the Website and the Company’s services.

7.2 Where the Company intends to process Personal Data for a purpose other than that for which it was originally collected, it shall ensure that such further processing is compatible with the original purpose in accordance with Article 6(4) of the GDPR, or that an alternative lawful basis applies. Where required by law, the Company will inform the User of the new purpose and obtain any necessary consent prior to such processing.


8. Disclosure of Personal Data

8.1 The Company may disclose, transfer, or otherwise make available Personal Data to third parties strictly on a need-to-know basis and only to the extent necessary to achieve the purposes set out in this Privacy Policy and the Terms of Use. Any such disclosure is carried out in accordance with applicable data protection laws and subject to appropriate contractual, technical, and organisational safeguards.

8.2 Personal Data may be disclosed, on a strict need to know basis, to the following categories of recipients:

(a) Service Providers and Business Partners, including but not limited to payment service providers, financial institutions, delivery and logistics partners, IT hosting and infrastructure providers, website maintenance and analytics providers, and other third parties engaged by the Company to support the operation of the Website, the processing and fulfilment of Orders, the handling of payments, deliveries, returns, refunds, and the provision of related services.

(b) Employees, Officers, and Contractors of the Company who are duly authorised, trained, and bound by confidentiality obligations, and who require access to Personal Data solely for the purpose of performing their duties in connection with the operation of the Website, the administration of Orders, customer support, compliance, or other legitimate business functions. Access to Personal Data is limited to the minimum amount necessary for the performance of such duties.

8.3 In all cases, the Company ensures that Personal Data is disclosed only for lawful and legitimate purposes and that appropriate safeguards are implemented, including the execution of data processing agreements or confidentiality undertakings where required under the GDPR. The Company takes reasonable steps to ensure that all recipients of Personal Data maintain its confidentiality, integrity, and security in accordance with applicable data protection standards.

9. INTERNATIONAL DATA TRANSFERS
Where Personal Data is transferred outside the European Economic Area, the Company ensures that such transfers comply with the requirements of Chapter V of the General Data Protection Regulation (GDPR), including, where applicable, the implementation of appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, supplementary technical and organisational measures, and, where required, transfer impact assessments, to ensure an adequate level of protection for Personal Data.

10. DATA SECURITY
10.1 The Company implements and maintains appropriate technical and organizational measures to ensure a level of security appropriate to the risks associated with the collection, storage, and processing of Personal Data. These measures are designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored, or otherwise processed.

10.2 Security measures may include, but are not limited to: encryption, pseudonymization, secure servers, firewalls, intrusion detection systems, regular vulnerability testing, access controls, multi-factor authentication, secure data backups, and monitoring of data processing systems.

10.3 Access to Personal Data is strictly limited to the Company’s employees, officers, contractors, and authorized third parties who have a legitimate business need to access such data in order to perform their duties in connection with the provision of the Services. All such persons are bound by confidentiality obligations, whether contractual or statutory, and are required to process Personal Data in accordance with the Company’s instructions and applicable data protection laws.

10.4 While the Company takes reasonable steps to safeguard Personal Data, Users acknowledge that no method of transmission over the internet or method of electronic storage is entirely secure. Accordingly, the Company cannot guarantee absolute security and shall not be held liable for any unauthorized access or use that is beyond its reasonable control.

11. Data Retention

11.1 The Company retains Personal Data only for as long as is strictly necessary to fulfil the specific purposes for which it was collected and processed, including, without limitation, the operation of the Website, the processing and fulfilment of Orders, the handling of payments, deliveries, returns and refunds, the provision of customer support, the performance of contractual obligations, and compliance with applicable legal and regulatory requirements.

11.2 In determining the appropriate retention period for Personal Data, the Company takes into account the nature, sensitivity, and volume of the Personal Data, the potential risks arising from unauthorised use or disclosure, the purposes for which the Personal Data was collected and processed, the necessity of retaining such data for legitimate business operations, and applicable legal, regulatory, tax, accounting, and consumer protection obligations.

11.3 Personal Data may be retained for extended periods where necessary in connection with actual or reasonably anticipated disputes, complaints, audits, investigations, or legal proceedings, or where the Company has a legitimate interest in retaining such data for the establishment, exercise, or defence of legal claims.

11.4 Upon expiry of the applicable retention period, the Company shall ensure that Personal Data is securely deleted, anonymised, or otherwise rendered irreversibly inaccessible, in accordance with applicable law and recognised industry standards for data protection and information security.

12. USER RIGHTS
12.1 In accordance with applicable data protection laws, including but not limited to the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and any relevant national legislation, Users are granted specific rights in relation to their Personal Data. The Company is committed to ensuring that Users can effectively exercise these rights, subject to any limitations or conditions imposed by law.

12.2 The rights of Users include, without limitation, the following:

(a) Right of Access – Users have the right to obtain confirmation as to whether or not Personal Data concerning them is being processed, and, where that is the case, to access such Personal Data and receive a copy together with information relating to its processing.

(b) Right to Rectification – Users have the right to request the correction or updating of any inaccurate, incomplete, or outdated Personal Data held by the Company.

(c) Right to Erasure (“Right to be Forgotten”) – Users have the right to request the deletion of their Personal Data where there is no longer a lawful basis for its retention or processing. This right is subject to limitations, such as where data must be retained to comply with legal obligations, establish, exercise, or defend legal claims, or for legitimate business purposes.

(d) Right to Restriction of Processing – Users may request that the Company restrict the processing of their Personal Data in certain circumstances, for example, if the accuracy of the data is contested, or the processing is unlawful but the User opposes deletion.

(e) Right to Data Portability – Users may request to receive their Personal Data in a structured, commonly used, and machine-readable format and have the right to transmit such data to another data controller, provided the processing is based on consent or contract and carried out by automated means.

(f) Right to Object – Users have the right to object at any time to the processing of their Personal Data where such processing is based on the Company’s legitimate interests, including direct marketing. In such cases, the Company will cease processing unless it demonstrates compelling legitimate grounds that override the interests, rights, and freedoms of the User, or where the processing is necessary for legal claims.

(g) Right to Withdraw Consent – Where processing is based on the User’s consent, the User may withdraw consent at any time, without affecting the lawfulness of processing carried out prior to such withdrawal.

(h) Right to Lodge a Complaint – Users have the right to lodge a complaint with the relevant data protection supervisory authority if they believe their rights under data protection laws have been violated.

12.3 The Company will respond to any valid request to exercise User rights without undue delay and in any event within the timeframes prescribed by applicable law. The Company reserves the right to request verification of the User’s identity before acting on any request, in order to prevent unauthorized access to Personal Data.

12.4 Requests relating to the exercise of User rights may be submitted to the Company at the contact details, at: info@maisonreluxe.com.

13. COOKIES AND TRACKING TECHNOLOGIES
13.1 The Website may use cookies and similar tracking technologies (collectively, “Cookies”) to enhance the User experience, improve the functionality and performance of the Website and Services, and collect statistical information about usage patterns. Cookies are small data files stored on the User’s device when accessing the Website, which allow the Website to recognize the User’s browser, remember preferences, and provide a more personalized experience.

13.2 The categories of Cookies used may include, without limitation:
(a) Strictly Necessary Cookies – Cookies essential for the operation of the Website and the provision of Services. These enable core functions such as security, authentication, and access to secure areas of the Website. Disabling these Cookies may render certain parts of the Website inoperable.
(b) Functional Cookies – Cookies that enable the Website to remember choices made by the User (such as language preferences, location, or login details) in order to provide enhanced and more personalized features.
(c) Performance and Analytics Cookies – Cookies that collect information about how Users interact with the Website, including the most frequently visited pages, time spent on the Website, and error messages received. These Cookies are used to improve the performance and functionality of the Website and Services.
(d) Advertising and Targeting Cookies – Cookies that may be used to deliver relevant advertisements to Users, track the effectiveness of advertising campaigns, and limit the number of times an advertisement is displayed. These Cookies may also be placed by third-party advertising networks with the Company’s authorization.
(e) Social Media Cookies – Cookies that allow Users to share Website content through third-party social networking platforms and enable those platforms to track interactions with such content.

13.4 Users may choose to manage or disable Cookies by adjusting their browser settings. However, please note that disabling or refusing Cookies may limit access to certain features or functionality of the Website, and some Services may not function properly without essential Cookies.

13.5 Where third-party Cookies are used, such as those provided by analytics or advertising service providers, the Company does not control these third parties and shall not be responsible for their privacy practices. Users are encouraged to review the privacy policies of third-party service providers for further information about how their data is collected and processed.

13.6 The Company may also use other tracking technologies, including but not limited to web beacons, pixel tags, and device fingerprinting, for similar purposes as Cookies, such as measuring Website traffic, monitoring engagement with content, and ensuring the proper functioning of the Services.

14. CHANGES TO THIS PRIVACY POLICY

14.1 The Company reserves the right to modify, amend, or update this Privacy Policy at any time to reflect changes in legal obligations, operational practices, or the functionality of the Website and Services. Any updates or revisions will be effective immediately upon posting on the Website, with the “Last Updated” date amended accordingly.

14.2 The Company encourages Users to review this Privacy Policy periodically to remain informed about how their Personal Data is collected, used, stored, and shared. Continued use of the Website following the posting of any changes constitutes the User’s acknowledgment, acceptance, and agreement to be bound by the revised Privacy Policy.

14.3 In cases where changes materially affect the processing of Personal Data or the rights of Users under applicable data protection laws, the Company may, where legally required, provide additional notice to Users via email, notifications on the Website, or other appropriate communication channels.

15. Contact Information

15.1 For any inquiries, questions, complaints, or requests to exercise your data protection rights, including access, correction, erasure, restriction, objection, data portability, or withdrawal of consent, Users may contact the Company using the email provided below:

Email: info@maisonreluxe.com