Privacy policy
Last updated: May 2, 2026
1. Data Controller
This Privacy Policy applies to the website moroboro.com and all services provided by:
Ya Group CommV (trading as MORO BORO) Statiestraat 81/2 2600 Antwerpen, Belgium Company number: BE 1024.848.946 Email: info@moroboro.com
We are responsible for the processing of your personal data as described in this Privacy Policy.
2. What Data We Collect
We collect the following categories of personal data.
a. Information you provide to us:
- First and last name
- Email address
- Phone number
- Shipping and billing address
- Payment information (processed by our payment provider, not stored by us)
- Order history
- Communications with customer service
b. Information collected automatically:
- IP address
- Browser type and language
- Device information
- Pages visited and click behavior
- Referring website
- Cookies and similar technologies
3. Purposes of Processing
We process your personal data for the following purposes:
| Purpose | Legal basis |
|---|---|
| Processing and fulfilling orders | Performance of contract |
| Customer service and communication | Performance of contract |
| Shipping orders | Performance of contract |
| Invoicing and accounting | Legal obligation |
| Fraud prevention and security | Legitimate interest |
| Improving our website and services | Legitimate interest |
| Marketing and newsletters | Consent (opt-in) |
| Analytics and statistics | Consent (cookies) |
| Personalization of offers | Consent |
4. Who We Share Your Data With
We never sell your personal data. We only share it with:
Processors (acting on our behalf):
- Shopify Inc. (Canada/USA): e-commerce platform
- Shopify Payments: payment processing
- Shipping carriers (BPost, DPD, PostNL, etc.): order delivery
- Email providers (Shopify Email, Klaviyo): transactional and marketing emails
- Review platforms (Judge.me): product reviews
- Analytics providers (Google Analytics, Meta): only with your consent
Other recipients (when legally required):
- Government authorities (tax, customs, law enforcement) when legally required
- Accountant for invoicing and bookkeeping
5. International Data Transfers
Some of our processors are located outside the European Economic Area (EEA), such as Shopify (Canada/USA) and Meta (USA). When we transfer your data outside the EEA, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions where applicable
- EU-U.S. Data Privacy Framework for U.S.-based processors
6. How Long We Keep Your Data
We retain your personal data only as long as necessary:
| Data type | Retention period |
|---|---|
| Order data | 7 years (legal obligation for accounting) |
| Customer account data | As long as your account is active + 2 years |
| Marketing data | Until you unsubscribe |
| Website analytics | Maximum 26 months |
| Customer service communications | 3 years |
After these periods, your data will be deleted or anonymized.
7. Your Rights Under GDPR
You have the following rights regarding your personal data:
- Right of access: request a copy of your data
- Right to rectification: correct inaccurate data
- Right to erasure: request deletion ("right to be forgotten")
- Right to restriction: limit how we use your data
- Right to data portability: receive your data in a portable format
- Right to object: object to processing based on legitimate interest
- Right to withdraw consent: at any time, without affecting prior processing
- Right not to be subject to automated decision-making
To exercise these rights, contact us at info@moroboro.com. We will respond within 30 days.
8. Cookies and Tracking
Our website uses cookies and similar technologies. You can manage your preferences through our cookie banner.
We use the following types of cookies:
- Essential cookies: required for the website to function
- Analytics cookies: to understand how visitors use our site (with consent)
- Marketing cookies: for personalized advertising (with consent)
9. Data Security
We take appropriate technical and organizational measures to protect your personal data, including:
- SSL/TLS encryption for all data transmission
- Secure servers with access controls
- Regular security audits
- Staff trained in data protection
- Limited access on a need-to-know basis
10. Children's Privacy
Our website is not directed at children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website with the "Last updated" date. Significant changes will be communicated via email or website notice.
12. Complaints
If you have concerns about how we handle your data, please contact us first at info@moroboro.com. You also have the right to lodge a complaint with the Belgian Data Protection Authority:
Gegevensbeschermingsautoriteit (GBA) Drukpersstraat 35 1000 Brussels, Belgium Phone: +32 (0)2 274 48 00 Email: contact@apd-gba.be Website: www.dataprotectionauthority.be
13. Contact
For any questions about this Privacy Policy or your personal data:
Ya Group CommV (MORO BORO) Statiestraat 81/2 2600 Antwerpen, Belgium Email: info@moroboro.com