Privacy Policy

This Privacy Policy explains how Send A Memory d.o.o. (“Send A Memory”, “we”, “us”, or “our”) collects, uses, stores, shares, and protects your personal data when you visit or make a purchase from sendamemory.store.

We respect your privacy and process your personal data in accordance with the General Data Protection Regulation, Regulation (EU) 2016/679 (“GDPR”), the Croatian Act on the Implementation of the General Data Protection Regulation, and other applicable data protection laws.

1. Data Controller

The data controller responsible for your personal data is:

Send A Memory j.d.o.o.
Duvanjska 5
21000 Split
Croatia
OIB: 40601240383
Email: Hello@sendamemory.store
Phone: +385 99 870 2775

For any questions about this Privacy Policy or the processing of your personal data, you can contact us at support@sendamemory.store.

2. Personal Data We Collect

We collect personal data that you provide directly to us, data generated through your use of our website, and data received from service providers involved in order processing, payment, delivery, analytics, and website operation.

2.1 Data you provide when placing an order

When you create or purchase a postcard or related product, we may collect:

  • First and last name
  • Email address
  • Phone number, if provided
  • Billing address
  • Shipping address
  • Recipient name and address
  • Personalized message written for the postcard
  • Uploaded image, photo, artwork, or other visual content
  • Order details and product preferences
  • Any additional information you provide through forms, customer support, or communication with us

2.2 Payment data

Payments are processed through third-party payment providers. We do not store your full card number or full payment credentials on our servers.

Depending on your selected payment method, payment-related data may be processed by providers such as Shopify Payments, PayPal, Stripe, Klarna, Apple Pay, Google Pay, Shop Pay, or other available payment processors.

We may receive limited payment information such as:

  • Payment status
  • Transaction ID
  • Payment method type
  • Last four digits of a card, where made available by the payment provider
  • Fraud prevention or verification status

2.3 Website and technical data

When you visit our website, we may automatically collect:

  • IP address
  • Browser type and version
  • Device type
  • Operating system
  • Referring website
  • Pages viewed
  • Date and time of visit
  • Approximate location based on IP address
  • Cookie identifiers and similar tracking technologies
  • Interaction with our website, products, checkout, and forms

2.4 Customer support data

If you contact us, we may process:

  • Your name
  • Email address
  • Phone number, if provided
  • Order number
  • Message content
  • Attachments or screenshots you send us
  • Communication history with our support team

3. Why We Process Your Personal Data

We process your personal data for the following purposes:

3.1 To process and fulfil your order

We use your data to:

  • Create your personalized postcard or product
  • Print and prepare the product
  • Send digital products, where applicable
  • Ship physical products
  • Provide order confirmations and shipping updates
  • Handle order-related communication
  • Provide customer support

Legal basis: performance of a contract.

3.2 To process payments and prevent fraud

We use payment and technical data to:

  • Process payments
  • Confirm transactions
  • Detect and prevent fraudulent or unauthorized activity
  • Protect our business, customers, and payment providers

Legal basis: performance of a contract, legitimate interest, and legal obligation where applicable.

3.3 To communicate with you

We may use your contact details to:

  • Respond to your inquiries
  • Provide customer support
  • Send order confirmations
  • Send delivery updates
  • Notify you about important changes to your order, account, or our policies

Legal basis: performance of a contract and legitimate interest.

3.4 To comply with legal and tax obligations

We process certain order, invoice, and transaction data to comply with:

  • Accounting obligations
  • Tax regulations
  • Consumer protection laws
  • Legal claims or official requests

Legal basis: legal obligation.

3.5 To improve our website and services

We may use technical and usage data to:

  • Understand how visitors use our website
  • Improve website functionality
  • Fix errors and bugs
  • Improve user experience
  • Measure campaign performance
  • Protect website security

Legal basis: legitimate interest and, where required, consent.

3.6 Marketing communications

We may send you marketing emails only if you have given consent or where otherwise permitted by applicable law.

You can unsubscribe from marketing emails at any time by using the unsubscribe link in our emails or by contacting us at support@sendamemory.store.

Legal basis: consent or legitimate interest, depending on the communication and applicable law.

4. Uploaded Photos, Images, and Personalized Messages

Because our service involves creating personalized postcards, you may upload photos, images, or write personalized messages.

We process this content only for the purpose of creating, printing, fulfilling, and supporting your order.

You are responsible for ensuring that you have the right to upload and use any image, photo, text, name, or personal data that you submit through our website. If the content contains personal data of another person, you must have a valid basis or permission to provide that data to us.

We do not sell uploaded photos, messages, or postcard content. We do not use your uploaded photos or personal messages for advertising, public display, AI training, resale, or unrelated purposes without your explicit permission.

5. Cookies and Similar Technologies

Our website uses cookies and similar technologies to operate properly, remember preferences, process orders, analyze traffic, improve performance, and support marketing where applicable.

Cookies may include:

  • Essential cookies required for website and checkout functionality
  • Preference cookies
  • Analytics cookies
  • Marketing and advertising cookies
  • Security and fraud prevention cookies

Where legally required, we ask for your consent before using non-essential cookies. You can manage cookie preferences through your browser settings or, where available, through the cookie consent tool on our website.

Please note that disabling certain cookies may affect website functionality, including checkout.

6. Who We Share Personal Data With

We share personal data only when necessary for the purposes described in this Privacy Policy.

We may share your data with:

  • Website hosting and e-commerce platform providers
  • Payment processors
  • Shipping and postal service providers
  • Printing and fulfilment partners
  • Email and communication providers
  • Analytics providers
  • Fraud prevention and security providers
  • Accounting, legal, tax, and professional advisors
  • Public authorities, courts, regulators, or law enforcement where legally required

All service providers are expected to process personal data only according to our instructions or their own legal obligations and to protect it appropriately.

7. International Data Transfers

Some of our service providers may process personal data outside the European Economic Area.

Where personal data is transferred outside the EEA, we rely on appropriate safeguards required under GDPR, such as:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses
  • Contractual and technical safeguards
  • Other lawful transfer mechanisms under GDPR

8. How Long We Keep Your Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, unless a longer retention period is required by law.

Typical retention periods are:

  • Order and invoice data: kept as required by accounting and tax laws
  • Customer support communication: kept for as long as necessary to resolve the request and protect our legal interests
  • Uploaded photos and postcard content: kept only as long as necessary to produce, deliver, and support the order, unless longer retention is required for legal claims, dispute handling, or customer support
  • Marketing consent data: kept until consent is withdrawn or the data is no longer needed
  • Technical logs and analytics data: kept for a limited period depending on the tool used

When personal data is no longer needed, we delete it, anonymize it, or securely restrict access to it.

9. Your Rights Under GDPR

If you are located in the European Union or otherwise protected by GDPR, you have the following rights:

  • Right of access to your personal data
  • Right to rectification of inaccurate or incomplete data
  • Right to erasure, also known as the “right to be forgotten”
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent at any time, where processing is based on consent
  • Right not to be subject to a decision based solely on automated processing, including profiling, where such processing has legal or similarly significant effects

To exercise your rights, contact us at:

support@sendamemory.store

We may need to verify your identity before fulfilling your request.

We will respond to your request within the timeframe required by applicable law.

You also have the right to lodge a complaint with the competent supervisory authority.

In Croatia, the supervisory authority is:

Agencija za zaštitu osobnih podataka — AZOP
Selska cesta 136
10000 Zagreb
Croatia
Website: azop.hr

10. Security of Your Data

We use reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

These measures may include:

  • Secure website connection using HTTPS
  • Access restrictions
  • Password and account protection
  • Payment processing through secure third-party providers
  • Limited access to customer and order data
  • Regular review of systems and service providers

However, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, but we take reasonable steps to protect your data.

11. Children’s Privacy

Our website and services are not intended for children under the age of 16.

We do not knowingly collect personal data from children. If you believe that a child has provided us with personal data without appropriate consent, please contact us at support@sendamemory.store, and we will take appropriate steps to delete such data.

12. Third-Party Links

Our website may contain links to third-party websites, platforms, or services.

We are not responsible for the privacy practices, content, or security of third-party websites. We encourage you to read their privacy policies before providing any personal data.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices.

The updated version will be posted on this page with a new “Last updated” date.

If the changes are significant, we may notify you by email or through a notice on our website, where appropriate.

14. Contact

For questions, requests, or concerns about this Privacy Policy or how we process your personal data, contact us at:

Send A Memory d.o.o.
Duvanjska 5
21000 Split
Croatia
OIB: 52134228576
Email: support@sendamemory.store
Phone: +385 99 870 2775