You have no items in your shopping cart.
Privacy
This privacy policy explains how Magic-Mushrooms-Shop.com ("we", "us", "our") collects, uses, stores and protects your personal data. We are committed to safeguarding your privacy in accordance with the General Data Protection Regulation (GDPR/AVG) and applicable Dutch data protection legislation.
Effective date: March 14, 2026
Last updated: March 14, 2026
1. Data Controller
The data controller responsible for your personal data is:
- Company: MMS
- Registered address: Postbus 1492, 1000 BL Amsterdam, the Netherlands
2. What Personal Data We Collect
We collect and process the following categories of personal data:
2.1 Data you provide to us
- Account & order data: name, email address, phone number, billing address, shipping address.
- Payment data: payment method and transaction references (full payment card details are processed exclusively by our payment service providers and are never stored on our servers).
- Communication data: any information you share when contacting our support team or leaving a product review.
- Newsletter subscription: email address and subscription preferences.
2.2 Data collected automatically
- Technical data: IP address, browser type and version, operating system, device type, referring URL.
- Usage data: pages visited, time spent on pages, click behaviour, and other interaction data collected via cookies and similar technologies (see Section 7).
3. Purposes & Legal Bases
We process your personal data for the purposes and on the legal bases set out below:
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Processing and fulfilling your order (including payment and shipping) | Performance of a contract (Art. 6(1)(b)) |
| Sending order, payment and shipping confirmations | Performance of a contract (Art. 6(1)(b)) |
| Customer support and handling complaints | Performance of a contract (Art. 6(1)(b)) |
| Sending review requests after your order (within 4 weeks) | Legitimate interest (Art. 6(1)(f)) |
| Sending newsletters and promotional communications | Consent (Art. 6(1)(a)) |
| Fraud prevention and security | Legitimate interest (Art. 6(1)(f)) |
| Complying with legal and tax obligations (e.g. bookkeeping) | Legal obligation (Art. 6(1)(c)) |
| Website analytics and improvement | Legitimate interest / Consent (depending on cookie type) |
4. Sharing of Personal Data
We do not sell, rent or trade your personal data. We only share your data with third parties when necessary for the purposes described above:
- Payment service providers – to process your payment securely.
- Shipping and logistics companies – to deliver your order. These companies may use your email address and/or phone number to send you shipment notifications or to coordinate delivery.
- Hosting and IT service providers – to maintain and secure our website and systems.
- Analytics providers – to help us understand how visitors use our website (see Section 7).
All third-party processors are contractually obligated to handle your data in accordance with the GDPR. We do not transfer personal data outside the European Economic Area (EEA) unless adequate safeguards are in place (e.g. EU Standard Contractual Clauses).
5. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected:
- Account data: retained for as long as your account is active. You may request deletion of your account at any time.
- Order and payment records: retained for a minimum of 10 years after the transaction date, as required by Dutch tax legislation (Algemene wet inzake rijksbelastingen).
- Newsletter subscription data: retained until you unsubscribe.
- Technical/analytics data: anonymised or deleted within 26 months.
- Support correspondence: retained for up to 2 years after resolution, unless a longer period is required for legal purposes.
6. Your Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of access – request a copy of the personal data we hold about you.
- Right to rectification – request correction of inaccurate or incomplete data.
- Right to erasure ("right to be forgotten") – request deletion of your personal data, subject to legal retention obligations.
- Right to restriction of processing – request that we limit the processing of your data in certain circumstances.
- Right to data portability – request your data in a structured, commonly used, machine-readable format.
- Right to object – object to processing based on legitimate interests, including direct marketing.
- Right to withdraw consent – where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us via our Support Center. We will respond to your request within 30 days.
If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens): www.autoriteitpersoonsgegevens.nl.
7. Cookies
Our website uses cookies and similar technologies. Cookies are small text files placed on your device that help us provide and improve our services.
7.1 Types of cookies we use
| Category | Purpose | Consent required? |
|---|---|---|
| Strictly necessary | Essential for the website to function (e.g. shopping cart, login session, cookie consent preferences). | No |
| Functional | Remember your preferences such as language and region. | No |
| Analytical / Performance | Help us understand how visitors interact with our website so we can improve it (e.g. Google Analytics). | Yes |
| Marketing / Tracking | Used to show you relevant advertisements and measure campaign effectiveness. | Yes |
7.2 Managing cookies
When you first visit our website, you will be asked to accept or decline non-essential cookies via our cookie banner. You can change your cookie preferences at any time through your browser settings. Please note that disabling certain cookies may affect the functionality of our website.
8. Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include SSL/TLS encryption, secure server environments, access controls, and regular security reviews.
9. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to read the privacy policies of any third-party website you visit.
10. Changes to This Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices or applicable legislation. Any changes will be published on this page with an updated effective date. We recommend reviewing this policy periodically.
11. A Little Extra
You may find cookies in your package too. These are called 'stroopwafels' and are a traditional Dutch treat. Enjoy!
12. Contact
For questions about this privacy policy, your personal data, or to exercise your rights, please reach out to us:
- Support Center: support.magic-mushrooms-shop.com
Team Magic-Mushrooms-Shop.com
