Privacy Policy

Welcome to Mitsukiand our website at www.mitsukishop.com and thank you for your interest in this Privacy Policy!

As part of our legal obligations and corporate responsibility for the careful handling and protection of your Personal Identifiable Information, we would like to use this policy to provide you with the necessary transparency regarding data processing and data security in the context of the use of our website and services.

What is PII?

PII is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not PII. This includes, for example, the number of users of a website.

Which law applies?

As a company based in Florida, we are obliged to follow the Florida Information Protection Act (“FIPA”) and process your PII only in accordance with the FIPA and this Privacy Policy.

General information

Your data and information that you provide to us are used for the processing of orders, the delivery of goods and the provision of services, the processing of payment transactions, customer service, promotions or for advertising purposes. The provision of your PII is basically voluntary.

However, for the conclusion and implementation of the customer relationship, it is mandatory to process certain data about you. This includes in particular the following data: Customer contact data, name, address,phone number, email address, and necessary data for billing purposes. We only process PII from other sources if this is legally permissible, for example because it is necessary for the provision of our services.

Of course, we also use this information to provide you with targeted support for your needs when shopping at Mitsuki. If requested by you, we also use your information to communicate with you about orders, products, services, and marketing offers, as well as to provide you with information about your Mitsuki account.

Legal basis for the processing of PII

Your data is only processed if the following legal permissions exist:

in order to provide our contractual services and website;
processing is required by law;
with your consent; and
on the basis of our legitimate interests (i.e., interest in the analysis, optimization and economic operation and security of our website, in particular in measuring reach, creating profiles for advertising and marketing purposes, and collecting access data and using third-party services).

The above legal bases are set out as follows:

Data Subject Rights

In accordance with the FIPA, you can in relation to us processing your PII rely on the following rights:

Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you.
Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.
Right to Delete. You may submit a verifiable request to close your account and we will delete Personal Information about you that we have collected.
Request that a business that sells a consumer's personal information, not sell the consumer's personal information.

We encourage you to get in touch if you have any concerns with how we collect or use your PII or want to enforce your rights.

Data deletion and storage period

Your PII will be deleted or blocked as soon as the purpose of storage ceases to apply. In addition, storage may take place if this has been provided for by, Florida laws or other provisions to which we are subject (archiving obligation).

After expiry of this period, we retain the information of the contractual relationship required by commercial and tax law for the periods determined by law. For this period (regularly ten years from the conclusion of the contract), the data will be processed again solely in the event of an audit by the tax authorities, for economic and tax audit purposes and for the investigation of possible criminal offences.

Automatic data processing when visiting our website

When you access our website, some data is collected and processed by us or on our behalf by our selected third-party providers.

a) Log files

We log your website visit. In doing so, we process:

Name(s) of our website(s) accessed,
date and time of access,
the amount of data transferred,
the browser type and version,
the operating system used by you
the referrer URL (the previously visited website),
your IP address,
the requesting provider.

The legal basis for data processing is our overriding legitimate interest in the ongoing provision and security of our website. The log file is deleted after seven days, unless it is needed to prove or clarify specific legal violations that have become known within the retention period.

b) Hosting

To provide our website, we use the services of SiteGround Hosting Ltd who process the below-mentioned data and all data to be processed in connection with the operation of our website on our behalf.

c) Use of cookies

We use so-called cookies on our website. Cookies are small text files that are stored on your respective device (PC, smartphone, tablet, etc.) and saved by your browser. For further information please refer to our Cookie Policy.

d) Jetpack

On the basis of our legitimate interests we use the Jetpack plugin, which integrates a tool for the statistical evaluation of visitor access and is provided by Automattic. Jetpack uses so-called “cookies”, text files which are stored on your device, and which enable an analysis of your use of the website. The information generated by the cookie about your use of this Website is stored on a server in the USA. User profiles can be created from the processed data, whereby these are only used for analysis and not for advertising purposes.

e) WooCommerce

To provide our web shop, we use the WooCommerce service developed and operated Automattic, Inc.. WooCommerce provides us with their online e-commerce platform through which we can offer our goods for sale to you. Both your inventory data and your usage data are stored on WooCommerce’s servers.

Data processing when using our services

a) Customer account

In order to provide you with the greatest possible convenience when shopping, we offer you the permanent storage of your PII in a password-protected customer account. The creation of the customer account is voluntary and is based on your consent. After setting up a customer account, no new data entry is required. In addition, you can view and change the data stored about you in your customer account at any time. In addition to the data requested when placing an order, you must enter a password of your choice to set up a customer account. This password is used together with your e-mail address to access your customer account. Please treat your personal access data confidentially and in particular do not make them accessible to unauthorized third parties. We cannot accept any liability for misused passwords, unless we are responsible for the misuse. You have the option to delete your customer account at any time. Please note, however, that this does not simultaneously delete the data that can be viewed in the customer account.

b) Order processing

For the conclusion, execution or termination of your orders, we require PII from you. This includes for example: First name, last name, address, E-mail address, Invoice and payment data, telephone number, if applicable.

Order processing includes, among other things, the processing of your payment, the dispatch of electronic order confirmations and invoices as well as reversal of the purchase or supporting customer service.

We store your contact data and payment data for contract processing until the expiry of the statutory or possible contractual warranty and guarantee rights. After expiration of this period, we retain the information of the contractual relationship required by commercial and tax law for the periods determined by law. For this period (regularly ten years from the conclusion of the contract), the data will be processed again solely in the event of an audit by the tax authorities, for economic and tax audit purposes and for the investigation of possible criminal offences.

c) Financial Information

To make a purchase, you may need to provide a valid payment method (e.g., credit card). Your payment information will be collected and processed by our authorized payment vendorsPayPal and Stripe. We do not directly collect or store credit or debit card numbers ourselves in the ordinary course of processing transactions.

d) Contacting us

When contacting us, your details are processed for the purpose of handling the request and its processing and may include your Full Name, E-mail address and other contact details, if provided. Your details may be stored in a customer relationship management system or comparable enquiry system. We delete the enquiries if they are no longer necessary. We review the necessity every two years; furthermore, the legal archiving obligations apply. The legal bases for processing are our legitimate interest and the provision of pre-contractual or contractual measures.

e) Product Reviews

In the context of the review function on this website, in addition to your comment, information on the time of the creation of the comment and the comment name you have chosen will be stored and published on the website. Furthermore, your IP address will be logged and stored. This storage of the IP address is for security reasons and in case the person concerned infringes the rights of third parties by posting a comment or posts illegal content. We need your e-mail address to contact you if a third-party objects to your published content as being illegal. We reserve the right to delete comments if they are objected to by third parties as unlawful.

Transmission of data

We commission other companies and individuals to perform tasks for us. Within the scope of this so-called commissioned processing, our business partners are carefully selected by us and are contractually obligated to us in accordance with the above-mentioned legal provisions to handle your data in a trustworthy manner and to comply with our own data protection standards.

In particular, our partners are not permitted to pass on our customers’ data to third parties for advertising purposes or to use it commercially themselves. Within the scope of so-called processing agreements, we pass on your data to the following recipients in particular, IT service providers, Cooperation partners, Credit institutions, Logistics service providers, postal & courier service providers, Management consultants / auditors / tax consultants. The transfer is primarily for the purpose of providing you with the requested services.

In the case of transfer abroad, the companies commissioned by us have been obligated to comply with data protection by means of corresponding clear contracts. You can obtain information about which categories of customer data have been processed at any time. A data protection agreement based on standard contractual clauses has been concluded with both companies and the companies have been committed to data protection. We regularly check compliance with the agreement on site.

Sending information

We use your data for sending information ordered by you about our offer and other promotions from us to the e-mail address provided by you. If you purchase goods on our website or forget something in your shopping cart or sign up for our newsletter, we may send you information on our own similar goods to your specified e-mail address even without your consent. The legal basis for this data processing is our legitimate interest because advertising related products by way of direct advertising represents a legitimate interest for us as a business and the provider of this website. You may object to the processing of your PII for the purpose of direct advertising at any time without giving reasons by unsubscribing via the unsubscribe link at the end of each e-mail or by contacting us.

Data security - confidentiality

We are aware that data security is an important issue for you when shopping on the Internet. For this reason, we use the so-called SSL technology (Secure Socket Layer) to transfer your PII (address, customer number, order data …) from all areas. Mitsuki thus treats your data according to the highest standards of data protection. Your data is thus protected against unauthorized access.

Data Breaches/Notification

Databases or data sets that include PII may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose PII may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.

Economic Analyses and Market Research

In order to run our business economically, to identify market trends, customer and user wishes, we analyze the data available to us on business transactions, contracts, enquiries, etc. In doing so, we process inventory data, communication data, contract data, payment data, usage data, metadata whereby the persons concerned include customers, interested parties, business partners, visitors, and users of the online offer. The analyses are carried out for the purposes of business management evaluations, marketing, and market research.

In doing so, we may take into account the profiles of registered users with details, for example, of their purchasing transactions. The analyses serve us to increase user-friendliness, to optimize our offer and business efficiency and are not disclosed externally, unless they are anonymous analyses with summarized values.

If these analyses or profiles are personal, they will be deleted or made anonymous upon termination by the user, otherwise after 2 years from conclusion of the contract. In all other respects, the macroeconomic analyses and general trend determinations are prepared anonymously wherever possible.

Advertising and Marketing

Insofar as you have also given us your separate consent to process your data for consulting, marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.

You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or contractual relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or contractual relationship with us.

Direct Marketing generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by us, or by our contracted service providers. Every directly addressed marketing sent or made by us or on our behalf will include a means by which you may unsubscribe or opt out.

Social Media

Based on our legitimate interest, we are present in various “social media” platformsin order to communicate with our customers, interested parties and users registered there and to be able to inform them about our offers there. We would like to point out that you use these platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating).

Updating your information

If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so within your account or by contacting us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.

Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of PII, notably where such requests would not allow us to provide our service to you anymore.

Links to other providers

Our website also contains – clearly recognizable – links to the websites of other companies. Insofar as there are links to websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.

The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal contents were not recognizable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.

PII and children

Our services are aimed at people aged 18 and over. We will not knowingly collect, use or disclose PII from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact.

Data Breaches/Notification

Controls For Do-Not-Track Features

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (‘DNT’) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.

Do Not Sell

We do not sell data to third parties.However, we might, making available, transfer, communicate electronically, consumer’s personally identifiable information by the business to a business affiliated inclusive with a third party but not for monetary but for other valuable consideration.

Changes

We reserve the right to adapt the privacy policy with effect for the future, in particular in the event of further development of the website, the use of new technologies or changes to the legal basis or the relevant case law.

Who is the data controller?

If you have any questions or comments about our Privacy Policy or wish to exercise your rights under applicable laws, please contact us using the following contact details:

Mitsuki LLC
Sarasota, Florida, USA

Web: www.mitsukishop.com

E-Mail: support@mitsukishop.com

This Privacy Policy was last updated onFriday, August 15, 2025