Privacy Policy

Last Updated: 10.12.25

This Privacy Policy describes how Map of the Heart Pty Ltd (“Map of the Heart”, “we”, “us”, “our”) collects, uses, discloses and protects your personal information when you visit or make a purchase from mapoftheheart.com (the “Site”). By using the Site, you agree to the practices described in this Policy.

1. Who We Are (Data Controller)

Global Data Controller (including EU/EEA & UK)

Map of the Heart Pty Ltd
ABN 88 107 017 701
34 Kings Lane
Darlinghurst NSW 2010
Australia
Email: info@mapoftheheart.com

EU Establishment & Fulfilment Entity

Map of the Heart SAS
Av. 43–45, de la Grande Armée
75116 Paris
France

Map of the Heart SAS acts as our EU establishment and fulfilment partner, but is not the data controller.

2. Personal Information We Collect

A. Device Information

Purpose: to load the Site correctly, maintain security, prevent fraud and perform analytics.
Source: automatically via cookies, log files, tracking tags and pixels.
Examples: IP address, browser details, time zone, cookie identifiers, pages viewed, interactions.

B. Order & Account Information

Purpose: to process orders, payment, shipping and customer communication.
Source: collected directly from you.
Examples: name, addresses, email, phone, payment details (not stored by us), order history.

C. Customer Support Information

Purpose: to respond to enquiries and manage returns/support.
Source: collected directly from you.

D. Marketing & Communications Data

Purpose: to send marketing messages (where permitted), personalise content and measure engagement.
Source: sign-ups and user interactions.

3. How We Use Personal Information

We use personal information to:

  • Operate and maintain the Site
  • Process and fulfil orders
  • Provide customer support
  • Communicate with you
  • Send marketing (where permitted)
  • Personalise user experiences
  • Analyse Site performance
  • Prevent fraud and enhance security
  • Comply with legal obligations

4. Sharing Personal Information

We share personal information with trusted service providers, such as:

  • Website hosting and e-commerce platforms
  • Payment processors
  • Shipping and fulfilment partners
  • Email and SMS providers
  • Analytics and advertising tools
  • Fraud-prevention services
  • Professional advisers
  • Cloud and IT infrastructure providers

We may also share information where required by law or to protect rights and safety.
We do not sell your personal information.

5. Behavioural Advertising

We use analytics and advertising tools to understand behaviour and deliver relevant ads. You may opt out of targeted advertising at:

6. Lawful Basis (EU/EEA & UK)

We process data under the following lawful bases:

  • Consent
  • Contract performance
  • Legal obligations
  • Legitimate interests (with safeguards)
  • Vital interests / public interest (rare)

You may withdraw consent at any time.

7. International Data Transfers

Your personal information may be processed outside your home country, including Australia, the US and other regions. Where required, we use safeguards such as Standard Contractual Clauses.

8. Retention of Personal Information

We retain personal information only as long as necessary for:

  • Order fulfilment and customer support
  • Legal, tax and accounting requirements
  • Fraud prevention
  • Marketing preferences

Data no longer required is deleted or anonymised.

9. Automated Decision-Making

We do not use fully automated decision-making that significantly affects you. Limited fraud checks may occur.

10. Your Rights

EU/EEA & UK Rights (GDPR / UK GDPR)

You may request:

  • Access
  • Correction
  • Deletion
  • Restriction
  • Objection (including for direct marketing)
  • Portability

Email: info@mapoftheheart.com

U.S. State Privacy Rights (Including California CCPA/CPRA)

Residents of certain U.S. states have additional rights.

A. Categories of Personal Information Collected

  • Identifiers (name, email, address, IP address)
  • Commercial information (purchase history)
  • Internet activity (browsing behaviour)
  • Inferences drawn from data
  • Customer service information

B. Purposes for Collection

As described in Sections 2–4.

C. Disclosure of Personal Information

We disclose information to service providers for operational purposes. We do not sell personal information. We may “share” personal information for targeted advertising.

D. U.S. Consumer Privacy Rights

You may have the right to:

  • Know what personal information we collect
  • Access your personal information
  • Correct inaccurate information
  • Delete personal information
  • Opt out of targeted advertising and “sharing”

E. How to Exercise These Rights

Email us at info@mapoftheheart.com with subject line “U.S. Privacy Request”. We may verify your identity before fulfilling your request.

F. Opt-Out of Targeted Advertising

You may adjust cookie settings or use the opt-out tools listed in Section 5.

11. Cookies & Similar Technologies

We use cookies for Site operation, analytics and advertising. You may manage cookies via your browser or through consent tools (where available).

12. Do Not Track

We do not alter data collection practices when we receive a Do Not Track (DNT) signal.

13. Changes to This Policy

We may update this Privacy Policy periodically. The “Last Updated” date reflects the current version.

14. Contact Us

Map of the Heart Pty Ltd
34 Kings Lane
Darlinghurst NSW 2010
Australia
Email: info@mapoftheheart.com

EU Establishment (Fulfilment Only):
Map of the Heart SAS
Av. 43–45, de la Grande Armée
75116 Paris, France
Email: info@mapoftheheart.com