Privacy Policy

Last updated: October 2025

The protection of your personal data is an integral part of the values of the SMCP Group (brand Maje). By using our website (the “Site”), you acknowledge that you have read this Privacy Policy (“Privacy Policy”), which governs the use and protection of your personal data collected when using our Site, that is, any information directly or indirectly identifying you (“Data” or “Personal Data”), such as your name, surname, postal address, and email address.

1. Who are the Data Controller and the Data Protection Officer (DPO)?
2. What Personal Data do we collect?
3. Why do we use your Personal Data?
4. What rights do you have regarding your Personal Data?
5. Who are the recipients of your Personal Data?
6. Transfer of your Personal Data outside the European Union
7. Security and confidentiality of your Personal Data
8. How long is your Personal Data retained?
9. Miscellaneous

1. Who are the Data Controller and the Data Protection Officer (DPO)?

In the context of protecting your Data, the regulation defines two key roles:

- The Data Controller, who determines the purposes of collecting your Data. This is the company Maje, whose registered office is located at 2 rue de Marengo, 75001 Paris, registered with the Paris Trade and Companies Register under number 382 544 310 (“Maje”, “we”), which can be contacted by email via the contact form (reason: “Personal Data”) on the Site’s contact page.

- The Data Protection Officer (“DPO”), who is responsible for ensuring that the data processing activities carried out by the Controller comply with data protection regulations. Maje’s DPO can be contacted for any questions regarding your Personal Data at: dpo@smcp.com, or by post at: DPO, Maje, 49 rue Etienne Marcel, 75001 Paris.

2. What Personal Data do we collect?

Your Personal Data is collected, for example, when you fill in dedicated forms on the Site, when you create a customer account, when you purchase or resell a second-hand product on the Site, when you contact our customer service, and more generally when you browse our Site.

The Personal Data collected includes:

- Information collected when creating your account on the Site, such as your name, surname, email address, password, contact preferences regarding newsletter subscriptions, and your telephone number.

- Information necessary to manage and monitor your purchases and/or resales, such as your payment card data for the transaction, your purchase/resale history (e.g. purchase amount, references of products resold and/or purchased), and your written or telephone exchanges with our customer service.

- Information collected during your browsing on the Site, such as your browsing history (e.g. date, time of connection and/or browsing, pages visited), device and browser type, location, browser language, internet service provider, and IP address.

3. Why do we use your Personal Data?

We use your Personal Data for several reasons. Our main objective is, of course, to ensure your satisfaction as a customer. We therefore collect most of your Data in connection with your purchases or resales, in particular to deliver your second-hand products and to manage our customer relationship.

We may also collect your Data when you give us your consent for purposes aimed at optimising your experience with our brand. Finally, some Data are collected on the basis of our legitimate interest (for example, to provide access to and use of our Site).

Examples of processing purposes and their legal basis include:

- Purchase-related processing:
  • Ensuring the delivery of purchased products
  • Managing customer relations and potential complaints
  • Managing requests related to your data protection rights

- Resale-related processing:
  • Issuing transport documentation for your parcel
  • Managing customer relations and potential complaints
  • Managing requests related to your data protection rights

- Based on your consent:
  • Receiving our newsletter and personalised offers

- Based on our legitimate interests:
  • Providing access to and use of the Site
  • Analysing and improving service quality and performance
  • Monitoring Site use to enhance user experience
  • Protecting our rights and preventing fraud
  • Producing statistics, segmentations, and studies to better understand our customers
  • Sharing data within the SMCP Group for customer knowledge purposes

4. What rights do you have regarding your Personal Data?

In accordance with applicable data protection regulations, you have the following rights:

• Right of access: to obtain confirmation of whether we process your Data and access to it.
• Right of rectification: to request correction of inaccurate or incomplete Data.
• Right of erasure: to request deletion of your Data (subject to the conditions described in section 8 below).
• Right to object: to object to receiving communications from us via online forms, email unsubscribe links, or replying STOP by SMS.
• Right to data portability: to receive your Data in a structured, commonly used format, where applicable.
• Right to information: to obtain information on how we process your Data.

To exercise your rights, you may use the contact form (“Personal Data” category) on the Site’s contact page or email us at dpo@smcp.com. We may request proof of identity if we have reasonable doubts about your identity. We are committed to responding as promptly as possible to your requests.

If you no longer wish to receive our newsletters, you can click the unsubscribe link at the bottom of our emails. You may also register with the French Bloctel telephone opt-out list, in which case we will not contact you using those numbers.


5. Who are the recipients of your Personal Data?

Your Data is primarily used by our internal teams but may also be shared with selected external recipients, chosen for their expertise in data security and confidentiality. We enter into agreements with these partners to ensure a high level of protection. They may include our resale service provider, website performance and analytics providers, payment and logistics partners (storage, preparation, delivery), customer service providers, and marketing or commercial research agencies.

Your Data may also be shared with third parties (1) with your prior consent, for purposes consistent with those for which the Data was collected, (2) when required by law, court order, or upon legitimate request from a public authority, or (3) in the event of a merger, acquisition, or sale of assets.

6. Transfer of your Personal Data outside the European Union

If your Personal Data is transferred to a country outside the European Union, we will take all necessary technical and organisational measures to ensure an adequate level of protection, as if the Data remained within the EU. We require that recipients implement measures ensuring the same level of protection as required by EU data protection law, for example through the European Commission’s Standard Contractual Clauses or Binding Corporate Rules (BCRs).

7. Security and confidentiality of your Personal Data

We implement technical and organisational measures to ensure the security, integrity, authenticity, and confidentiality of your Personal Data. We ensure that our partners maintain an equivalent level of protection and that your transactions are secured through appropriate fraud prevention measures.

8. How long is your Personal Data retained?

We retain your Personal Data only for as long as necessary to fulfil the purposes for which it was collected. Specifically:

• Your Personal Data (excluding bank details managed by our payment providers) is retained for 3 years from the date of your last interaction with us (e.g. last purchase, last contact with customer service, or last newsletter opening).
• Connection logs collected via cookies or other trackers, if you consent, are retained for up to 13 months. For more details, refer to our “Cookies Policy”.

Your bank details are held by our payment partners. During your order, you will enter your payment details in secure fields managed by them.

Once deleted from our systems, some Data may be archived with restricted access to meet legal, accounting, or tax obligations, or to manage potential claims, within applicable limitation periods. Afterwards, Data will be irreversibly anonymised.

9. Miscellaneous

Should the way we process your Data change, we will update this Privacy Policy and inform you accordingly. If you have any complaints regarding the protection of your Personal Data, you may also contact the French supervisory authority, the Commission Nationale de l’Informatique et des Libertés (CNIL), via https://www.cnil.fr/.