MATISARTY

Help

Privacy policy

This policy explains how MATISARTY processes personal data on matisarty.com for orders, accounts, communications, loyalty, POS sales and cookies.

Last updated: May 5, 2026

Who we are

MATISARTY operates matisarty.com and acts as the data controller where we determine the purposes and means of processing personal data.

This policy applies to the website, online orders, accounts, contact forms, newsletter subscriptions, loyalty features, carts, wishlists and in-store/POS sales when a customer provides a phone number or other contact detail.

Data we process

  • Identity and contact data such as name, phone number, email address and account identifier.
  • Order and delivery data such as purchased products, quantity, price, address, delivery method, order status and return information.
  • Payment-related data such as payment status and transaction references. MATISARTY does not store card details on its own servers.
  • Communication data sent through forms, email, phone or other channels.
  • Account, cart, wishlist and loyalty data such as selected products, points, tiers, discounts and account activity.
  • Technical and cookie data such as IP address, device/browser type, page views, cookie consent and analytics/marketing events when consent is given.

Purposes and legal grounds

  • Receiving, fulfilling, delivering and returning orders - performance of a contract or steps requested by the customer before entering into a contract.
  • Managing accounts, carts, wishlists and loyalty features - providing the requested service.
  • Meeting tax, accounting and legal duties - compliance with legal obligations.
  • Security, fraud prevention, troubleshooting and service improvement - MATISARTY’s legitimate interest, unless overridden by customer rights and freedoms.
  • Sending offers and direct marketing - customer consent, which can be withdrawn at any time.
  • Using analytics and marketing cookies, including Google Analytics and Meta Pixel - prior consent.

Recipients

Data may be shared only to the extent needed for a specific purpose. Recipients may include Shopify and related services, payment providers, delivery partners, authentication and technical infrastructure providers, analytics and advertising platforms after consent, and accounting, legal or IT service providers.

Data may also be disclosed to public authorities, courts or other authorized parties when required by Georgian law or needed to establish or defend legal claims.

International transfers

Some technology providers, including Shopify, Google, Meta or infrastructure providers, may process data outside Georgia. In such cases MATISARTY uses available legal and organizational safeguards required by Georgian law.

Cookies

We use necessary cookies to operate the website and remember cart, authentication, language and cookie choices. These cookies are always active.

Marketing and analytics cookies are activated only after consent. Consent can be changed through the cookie banner or browser settings.

Retention

  • Order and financial records are kept for the period needed to provide the service, handle returns and meet tax, accounting and legal obligations.
  • Account data is kept while the account exists and, after deletion request, only where required by law or legitimate interest.
  • Contact messages are kept for the period needed to resolve the issue and protect legal interests where necessary.
  • Direct marketing consent and opt-out records are kept during marketing activity and for 1 year after it ends.
  • Cookie choices are kept for up to 180 days or until the customer changes them.

Customer rights

Under Georgian law, customers may request information about processing, access their data and receive a copy, request correction, update or completion, request stopping, erasure or destruction of processing, blocking, portability, withdrawal of consent and opt-out from direct marketing.

We respond within the legal timeframe, usually no later than 10 business days. In special cases this may be extended by no more than 10 business days, with notice to the customer.

If a customer believes their rights have been violated, they may contact the Personal Data Protection Service, a court or another competent authority as provided by law.

Security

We use organizational and technical measures to protect data against unauthorized access, loss, alteration or unlawful disclosure. Access is limited to people and partners who need it to provide the relevant service.

Changes

This policy may be updated when website features, partner services or laws change. The updated version will be posted on this page and will apply from publication unless stated otherwise.

Cannot find the answer? Contact us with questions.