Last updated: June 2026
Moonli Designs Ltd. (“Moonli Designs”, “we”, “us”) is committed to protecting your personal data. This Privacy Policy explains what data we collect, why we collect it, who we share it with, and what rights you have under EU Regulation 2016/679 (GDPR) and the ePrivacy Directive.
Controller: Moonli Designs Ltd.
Registered address: Hativat Golani 5, Gan Yavne 7080000, Israel
VAT: 515685493
Contact for privacy matters: moonlijewels@gmail.com
Note for EU customers: Moonli Designs Ltd. is incorporated in Israel, a country recognised by the European Commission as providing adequate protection for personal data. Where transfers involve other third countries, appropriate safeguards apply as described in Section 2.
1. Data We Collect and Why
1.1 When you place an order
We collect: name, billing address, shipping address, email address, phone number, and payment details (processed securely by our payment provider — we never see or store your full card number).
Legal basis: Performance of a contract (GDPR Art. 6(1)(b)) — we need this data to process and deliver your order.
Retention: We retain order and invoice records for the period required by applicable tax, accounting, and legal obligations.
1.2 When you create an account
We collect: email address, name, and order history.
Legal basis: Performance of a contract (GDPR Art. 6(1)(b)).
Retention: For as long as your account remains active. If your account remains inactive for an extended period, we may delete it or anonymise associated data. You can request deletion at any time.
1.3 When you contact us
We collect: your name, email address, and the content of your message.
Legal basis: Legitimate interest (GDPR Art. 6(1)(f)) — to respond to your enquiry. Our interest in responding to customer messages is not overridden by your privacy interests.
Retention: 2 years from last contact.
1.4 When you browse our website (cookies)
We use cookies and similar tracking technologies. See Section 4 (Cookies) below for full details.
Legal basis: Your consent (GDPR Art. 6(1)(a)) for non-essential cookies. You can withdraw consent at any time — see Section 4.
2. Who We Share Your Data With
We never sell your personal data. We share it only with the following service providers (“data processors”) who are contractually bound to protect it:
| Recipient | Purpose | Location |
|---|---|---|
| WooCommerce / Automattic | E-commerce platform | USA |
| Payment processors (Stripe / PayPal) | Secure payment processing | USA |
| Shipping / courier partners | Order delivery | Various |
| Meta (Facebook) | Marketing analytics (only with your consent) | USA |
| Marketing analytics (only with your consent) | USA | |
| Website hosting provider | Website hosting and infrastructure | USA |
Where personal data is transferred outside the EEA, we rely on appropriate safeguards such as the EU–US Data Privacy Framework (where applicable) and/or Standard Contractual Clauses approved by the European Commission.
3. Your Rights Under GDPR
If you are based in the EU/EEA, you have the following rights. You can exercise them by contacting us — we will respond within 30 days.
- Right of Access (Art. 15): Request a copy of all personal data we hold about you.
- Right to Rectification (Art. 16): Ask us to correct inaccurate data.
- Right to Erasure / “Right to be Forgotten” (Art. 17): Request deletion of your data, subject to legal retention obligations.
- Right to Data Portability (Art. 20): Receive your data in a machine-readable format (e.g. CSV).
- Right to Object (Art. 21): Object to processing for direct marketing at any time.
- Right to Restriction (Art. 18): Ask us to limit how we use your data in certain circumstances.
- Right to withdraw consent: Where processing is based on consent (e.g. cookies), you can withdraw it at any time without affecting the lawfulness of prior processing.
You also have the right to lodge a complaint with your national data protection authority:
- Czech Republic: Úřad pro ochranu osobních údajů (ÚOOÚ)
- All EU supervisory authorities: edpb.europa.eu
4. Cookies
Cookies are small text files stored on your device. We use the following categories:
Essential cookies (no consent required)
| Cookie name | Provider | Purpose | Duration |
|---|---|---|---|
| woocommerce_cart_hash | Moonli Designs | Stores cart contents | Session |
| woocommerce_items_in_cart | Moonli Designs | Tracks items in cart | Session |
| wp_woocommerce_session_* | Moonli Designs | Maintains your shopping session | 2 days |
| wordpress_logged_in_* | Moonli Designs | Keeps you logged in to your account | Session / 14 days |
| moonli_cookie_consent | Moonli Designs | Stores your cookie consent choice | 365 days |
Marketing cookies (your consent required)
| Cookie name | Provider | Purpose | Duration |
|---|---|---|---|
| _fbp | Meta (Facebook) | Facebook Pixel — tracks visits for ad targeting | 90 days |
| _fbc | Meta (Facebook) | Links ad clicks to conversions | 90 days |
| _pinterest_ct_ua | Pinterest Tag — tracks visits for ad targeting | 1 year | |
| _pin_unauth | Tracks non-logged-in Pinterest users | 1 year |
Marketing cookies are only loaded after you click “Accept All” in our cookie banner. You can change your preference at any time by clicking the “Cookie Settings” link in the website footer, or by clearing your cookies and revisiting the site.
5. Data Security
We use SSL/TLS encryption on all pages. Payment data is handled entirely by PCI-DSS compliant payment processors — we never store card details on our servers. We maintain reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse or alteration. Access to customer data within our systems is restricted to authorised personnel only.
6. Children’s Privacy
Our website is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.
7. EU General Product Safety Regulation (GPSR)
In accordance with EU Regulation 2023/988 (General Product Safety Regulation), Moonli Designs Ltd. has appointed an EU Responsible Person for all products sold into the European Union:
Manufacturer:
Moonli Designs Ltd.
Hativat Golani 5, Gan Yavne 7080000, Israel
moonlijewels@gmail.com
EU Responsible Person:
Zahavit Zlata Hausmann
IČO: 04717431
Görkeho 29, Brno, Czech Republic
moonlijewels@gmail.com
EU market surveillance authorities may contact the EU Responsible Person directly regarding any product safety matters. Product safety documentation is maintained and available upon request.
8. Changes to This Policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top of this page will reflect any changes. For significant changes we will notify you by email if you have an account with us.
9. Contact
For any privacy-related questions or to exercise your rights:
Email: moonlijewels@gmail.com
Contact form: moonlidesigns.com/contact-us
Post: Moonli Designs Ltd., Hativat Golani 5, Gan Yavne 7080000, Israel