Valid from: December 2025 – replaces previous versions
The controller for the processing of your personal data is:
Maison De Cocon Möbelhandels UG (haftungsbeschränkt)
Sickingenstraße 52
10553 Berlin
Germany
Email: info@maisondecocon.com
maisondecocon.com is an offering of Maison De Cocon Möbelhandels UG (haftungsbeschränkt).
If you have any questions about data protection, you can contact our data protection officer:
Currently, no data protection officer has been appointed. Please contact the address in Section 1 for data protection questions.
This notice applies to the following offerings:
We take appropriate technical and organizational measures to protect your data from manipulation, loss, destruction, or unauthorized access (Art. 32 GDPR). This includes, among others, access restrictions, authorization concepts, encryption (TLS/SSL with 256 Bit), and regular evaluations.
Our employees are obliged to maintain confidentiality and comply with data protection requirements.
If certain data is marked as mandatory fields during collection, this data is required for the respective purpose. Without this information, contracts may not be concluded or services may not be provided.
Processing based on consent is voluntary; consent can be revoked at any time with effect for the future.
Unless otherwise stated, we transmit data to service providers (e.g., data centers, logistics, payment services, analysis service providers) who process personal data on our behalf (Art. 28 GDPR).
If data is transferred to recipients in countries outside the EU/EEA, this will only occur if there is an adequacy decision by the EU Commission (e.g., United Kingdom, Japan, South Korea, Switzerland or EU-US Data Privacy Framework (DPF) for appropriately certified US recipients), or if there are appropriate safeguards according to Art. 46 GDPR, in particular EU Standard Contractual Clauses (SCCs) including a Transfer Impact Assessment (TIA) and supplementary measures.
We use hosting service providers for infrastructure and platform services. Processing takes place in the EU/EEA or – in the case of third-country relations – in accordance with Section 5.1.
Data will only be transferred to government agencies if there is a legal obligation (Art. 6 para. 1 lit. c GDPR) or for the assertion, exercise, or defense of legal claims (Art. 6 para. 1 lit. f GDPR).
We process personal data only for as long as necessary for the respective purpose. Afterwards, we regularly delete the data, unless legal retention periods (e.g., §§ 238, 257 HGB; § 147 AO) prevent this or you have given us further consent.
Legal basis: Art. 6 para. 1 lit. b GDPR (pre-contractual/contractual communication) or lit. f GDPR (legitimate interest in answering inquiries). Storage typically up to 6 months or according to legal retention obligations.
We process your registration data for setting up and using your account (Art. 6 para. 1 lit. b GDPR). Storage takes place until the account is deleted, unless legal obligations prevent this.
Processing for the handling/fulfillment of orders including shipping, payment processing, invoicing (Art. 6 para. 1 lit. b GDPR). Retention of commercial and tax-relevant documents according to legal periods (typically 6 or 10 years).
Postal advertising based on our legitimate interest (Art. 6 para. 1 lit. f GDPR); objection possible at any time.
Email advertising: with consent (Art. 6 para. 1 lit. a GDPR; double opt-in). Without consent, possibly according to § 7 para. 3 UWG (existing customers, similar products, notice of objection during collection and in every email).
Review requests by email after purchase are advertising; legal basis is therefore consent or § 7 para. 3 UWG.
We use Yotpo Ltd., New York, USA, as a processor (Art. 28 GDPR) to collect and display product reviews. Publication is done with the first name and the initial of the last name; your email address will not be published.
Legal basis: Consent (Art. 6 para. 1 lit. a GDPR) for review requests by email or Art. 6 para. 1 lit. f GDPR for the display of your voluntarily submitted review.
Third country transfers are made according to Section 5.1 (DPF/SCCs). Revocation at any time in the settings or by email to info@maisondecocon.com.
We use cookies and similar technologies (e.g., pixels, local storage). We use technically necessary technologies on the basis of § 25 para. 2 TTDSG and Art. 6 para. 1 lit. f GDPR. All other categories (statistics/convenience/marketing) are only used after your consent (§ 25 para. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time via the cookie settings.
Google Ireland Limited. Storage/access to end device only with consent (§ 25 TTDSG); processing based on Art. 6 para. 1 lit. a GDPR. Third country transfers to Google LLC (USA) according to Section 5.1.
Meta Platforms Ireland Limited. Use only after consent (§ 25 TTDSG/Art. 6 para. 1 lit. a GDPR). Possible transfers to Meta Platforms, Inc. (USA) according to Section 5.1. Objection/revocation via cookie settings.
Google Ireland Limited. We use GA4 with IP anonymization. The legal basis is your consent (Art. 6 para. 1 lit. a GDPR). Storage period for event data in GA4: e.g., 14 months (configurable). Revocation at any time via the cookie settings. Any transfers to Google LLC (USA) according to Section 5.1.
We currently do not use Salesforce Marketing/Commerce Cloud.
We currently do not use Custobar.
We currently do not use Dynamic Yield.
You can delete or block cookies in your browser. Additionally, you can change your preferences and revoke granted consents at any time in the cookie settings.
In our business premises (outlet store, logistics center), we use visibly marked video surveillance.
Purposes: Protection of persons and property, investigation of criminal offenses, exercise of house rights.
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest).
Storage period: Generally 48-72 hours, at most until a specific incident is clarified.
Recipients: In individual cases, security services/law enforcement agencies. No audio recording.
You have – if the legal requirements are met – the right to information (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), as well as objection (Art. 21 GDPR).
You can revoke consents at any time with effect for the future.
To exercise your rights, please contact the address in Section 1.
There is also a right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).
You can object to the processing of your data for advertising purposes at any time or revoke granted consents – by email to info@maisondecocon.com or by post to Maison De Cocon Möbelhandels UG (haftungsbeschränkt), Sickingenstraße 52, 10553 Berlin. Emails contain an unsubscribe link.
After an objection/revocation, we will keep your contact details in an internal blocking list (Art. 21 para. 3, Art. 17 para. 3 lit. b, Art. 6 para. 1 lit. c, lit. f GDPR) to ensure that no further advertising is sent.
IT/hosting/data center service providers (commissioned processing)
Logistics/shipping service providers
Payment service providers
Analysis service providers/marketing platforms (only with consent/Section 7)
Authorities/public bodies if legally obliged
We may adapt this notice to comply with changes in legal requirements or technical developments. The current version is available on this page.
Status: December 2025
