Intermediate Archiving denotes the movement of Personal Data presented also for the Data Controller an administrative interest, (as for example in the event of litigation and / or in the event of legal obligation) in a distinct database, logically separated or physically and to which, in any case, access is restricted. This archive is an intermediate step before the deletion of the Personal Data concerned or their anonymization;
CG sign the Conditions General & nbsp ;;
Account designates the Customer's personal account, accessible on the Website through personal identifiers, confidential to the Client that he cannot communicate; a third party, and from which he can place an order;
standard for Data Protection) & nbsp ;;
Data controller : designates the company; referred to in the legal notices accessible here: Legal notices & nbsp ;;
Terminal (aux): sign the hardware equipment (computer, tablet, smartphone, phone, etc.) used by the Customer to consult or view the Website.
3. The legal bases of treatment
3.2. The Client has consented to the processing of their Personal Data for one or more specific purposes.
3.2.1. The Website has required the express consent of the Client in order to carry out specific, explicit processing. when obtaining consent.
3.3. Processing is required the execution of a contract to which the Client is a party or & rsquo; the execution of pre-contractual measures taken the request of it.
3.3.1. In order to use the Website and to benefit from its services, the Customer has accepted; & agrave; minima the CGs. These documents formalize a contractual relationship between the Client and the Data Controller, serving in particular as a legal basis & agrave; the collection and processing of the Customer's Personal Data by the Data Controller.
3.3.2. These Data are necessary for you. the completion of a number of related treatments; the execution of the contractual relationship between the Client and the Data Controller, the purposes of which are detailed in paragraph 4 & ndash; The purposes of the processing.
3.4. Processing is necessary for compliance with a legal obligation. which it is submitted.
3.4.1. The processing of Personal Data may also be necessary for compliance with a legal obligation. to which the Data Controller would be subject, for example, the conservation of logs of access to the Website, in accordance with the Decree n & rsquo; 2011-219 of February 25, 2011 relating to & agrave; conservation and & agrave; the communication of data making it possible to identify any person who has contributed; & agrave; the creation of uploaded content.
3.5. The processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, & agrave; unless the interests or fundamental rights and freedoms of the Client prevail which require data protection; personal character, especially when the Client is a child.
3.5.1. The Data Controller may have a legitimate interest justifying the processing of the Personal Data of the Client, such as for example the processing of Data that is strictly necessary for this purpose. for fraud prevention purposes.
3.5.2. In this case, the Data Controller ensures that the processing in question is indeed necessary. the realization of its legitimate interest and assessede the consequences of this processing on the Client, in particular taking into account the nature of the Data processed, and the way in which they are processed.
4. The purposes of the processing
The Personal Data of the Customer is necessary to allow him access to the Website, its use and improvement, and to allow to the Data Controller of / d:
- Perform related operations. its commercial relationship with the Client, i.e. concerning invoices, accounting, monitoring of & laquo; customer relationship & raquo; with a Client, such as carrying out satisfaction surveys, handling complaints, using the Website and more generally services, etc. ;
- Personalize your communication for Customers, in particular by electronic mail of information, according to its preferences observed, use of the services and / or the Website;
- Allow tracking of product delivery and placing an order;
- The completion of commercial solicitation operations;
- The development of business statistics, analyzes and marketing tools (including classification, score, etc. .) & nbsp ;;
- Allow access to the Account by the Customer and provide him with all the information appearing therein such as his orders, his address book, the products he has registered;
- Optimizing the Customer's navigation on the Website by memorizing their preferences and the simplification of any subsequent purchases on the Website;
- The management of requests to exercise Specific Rights under the conditions of paragraph 10 & ndash; Exercise of Specific Client Rights;
- After-sales service management;
- The management of unpaid bills and litigation;
- The prevention of a dispute with the Client
- The fight against fraud and money laundering; and
- The respect of its legal obligations, in particular of accounting and fiscal order.
5. Storage of Personal Data
5.1. The Website is hosted. with the company whose contact details are available by clicking here: Contacts
5.2. All precautions have been taken. taken to store Customers' Personal Data in a secure environment and prevent it from being deformed, damaged or accessed by unauthorized third parties. The information transmitted by the care of the Customer will never be transmittedes & agrave; third parties for commercial purposes neither sold nor exchanged.
6. The collection of Personal Data on the Website
6.1. The Data Controller collects, when creating an Account and then when it is completed. as and & agrave; measure, the following Personal Data that the Customer provides or that he communicates spontaneously during his navigation and which are kept for a period of three (3) years , in active base, & agrave; from the Customer's last connection to the Website:
- First name,
- E-mail address,
- Delivery postal address,
- Billing address,
- Phone number
- Name of the company, where applicable,
- The contents saved in the Client's Account,
- Where applicable the reason (s) for the exclusion (all & eacute; elements allowing to show the actions which date less than one month and which justify the exclusion),
- The connection data (date, time, IP address, pages viewed) of the Customer during his navigation on the Website
The Personal Data above is also kept in Interim Archiving for an additional period of two ( 2) years in accordance with the common limitation period.
- Invoices & nbsp ;;
- Related information & agrave; a command;
- Amount of completed transactions and the date and time of these transactions < / li>
The Personal Data above is also kept in Interim Archiving for an additional period of seven ( 7) years, in accordance with the tax and accounting obligations of the Data Controller.
6.2. All Personal Data indicated as such in the Account creation form is essential to benefit from the services of the Data Controller.
6.3. Where applicable, the Data Controller collects, when exercising his Specific Rights by the Client, the copy of the identity document; of the Client indicated & agrave; article 10.2 and keep it for one (1) year in an active base & agrave; from the date of receipt.
7. Recipients or categories of recipients if they exist
Categories of data recipient
Purpose; of the planned transfer
Accommodation service provider
Host the Website
Website development and management service provider
Administration of the & ldquo; back-office & rdquo; of the Website and management of the database containing the Personal Data of Clients
Integrator and IT maintenance
Ensure the remote maintenance of the information system of the Data Controller, including the Website
Publisher of the client management software
Allow to manage relations with Customers
Provider of electronic mail routing
Allow sending of newsletters
Phone flow manager
Allow monitoring of different calls and telephone streams
Consulting service regarding the Website and user experience
Receive advice in digital communication
Electronic document management service provider
Electronic invoice management
Editor of computer tools for economic analysis
Allow sales forecasts
Payment service provider
Allow payments on the Website
Publisher of warehouse logistics management software
Allow connection of computer system with warehouses
Parcel delivery service provider
Allow the shipment of products ordered by Customers
7.1. In the hypothesis where & ugrave; a transfer of Personal Data to a recipient located; in a country that is not located on the territory of the EEA and which has not been the subject of a decision of adequacy of the European Commission, the Data Controller hired. take all the appropriate guarantees to ensure their perfect lawfulness, ensuring that Customers have opposable rights and legal remedies; against the recipient and obtain the prior and specific consent of the Client to said transfer of Personal Data.
7.2. The Data Controller will not obtain the Customer's prior and specific consent to the transfer of his Personal Data if & nbsp;:
- the Data Controller ensures:
- to conclude with the recipient of the Personal Data the standard contractual clauses proposeddrawn up by the European Commission; or
- that the recipient of Personal Data is subject to the principles of privacy shield (for transfers to the United States); or
- to take any clean measurements & agrave; make lawful the transfer of Personal Data outside the territory of the European Union, in accordance with the terms of reference. the Personal Data Regulations.
- or if said transfer is necessary:
- to the respect of obligations allowing to ensure the recognition, the exercise or the defense of a right in court;
- & agrave; the execution of a contract between the Data Controller and the intended recipient; at the Customer's request;
- & agrave; the conclusion or & agrave; the performance of a contract concluded or & rsquo; conclude, in the interest of the data subject, between the Data Controller and the recipient
8. Safety Internet transactions
8.1. In accordance with the T & Cs, the Website uses company technology. STRIPE PAYMENTS EUROPE LTD, to secure Customers' banking transactions.
8.2. Thus, when paying on the Website, the Customer's bank details are transmitted encrypted. the company STRIPE PAYMENTS EUROPE LTD.
8.3. To exercise its rights such as those identified in paragraph 9 & ndash; The Specific Rights, relating to & agrave; his bank card details, the Customer is invited; & agrave; contact directly & agrave; the company STRIPE PAYMENTS EUROPE LTD.
9. Specific Rights
9.1. In accordance with & agrave; the Personal Data Regulations, the Customer may, & agrave; at any time, enjoy the following Specific Rights of / d & rsquo; / & nbsp;:
9.2. Access rights
9.2.1. The Customer has the possibility; to obtain from the Data Controller the confirmation that the Personal Data concerning him are or are not processed and, when they are, the access to said Personal Data as well as the following information:
- a) the purposes of the processing;
- b) the categories of Personal Data;
- c) the recipients or categories of recipients to whom the Personal Data has been; or will be communicated;
- d) where possible, the retention period of the Personal Data envisaged or, when this is not possible, criteria it; res used to determine this duration;
- e) the existence of the right to ask the Data Controllerent the rectification or erasure of Personal Data, or a limitation of the processing of his Personal Data, or the right to object to it; this treatment;
- f) the right to lodge a complaint with the authority; of control in matters of personal data (in France, the CNIL) & nbsp ;;
- g) when Personal Data is not collected from the Client, any information available as to which is available. their source;
- h) the existence of an automated decision-making, including profiling, and, at least in such cases, useful information about the underlying logic, as well as the expected importance and consequences of this processing for the Client;
9.2.2. When Personal Data is transferred to a third country or country. an international organization, the Client has the right to be informed; appropriate guarantees, with regard to this transfer.
9.2.3. The Data Controller provides a copy of the Personal Data being processed.
9.2.4. The Data Controller may require the payment of a reasonable fee based on administrative costs for any additional copy requested by the Client or in the event of a request for the transmission of Personal Data on paper and / or physical.
9.2.5. When the Customer submits his request electronically, the information is provided in an electronic form of common use, & rsquo; unless he asks otherwise.
9.2.6. The Customer's right to obtain a copy of his Personal Data must not infringe the rights and freedoms of others.
9.3. Right of rectification
9.3.1. The Customer has the possibility; to obtain from the Data Controller, as soon as possible, the rectification of Personal Data concerning him which is inaccurate. It also has the possibility; ensure that incomplete Personal Data is completed, including by providing a further statement.
9.4. Rights & agrave; erasure
9.4.1. The Customer has the possibility; to obtain from the Data Controller the erasure, as soon as possible, of Personal Data concerning him when one of the following reasons applies:
- a) Personal Data are no longer necessary for the purposes for which they were used; collected or processed in another way by the Data Controller;
- b) The Customer has withdrawn & oacute; their consent for the processing of their Personal Data and there is no other legal basis for the processing;
- c) The Customer exercises his right of opposition under the conditions recalled below and there is no legitimate and imperative reason; rieux for processing;
- d) Personal Data has been unlawfully processed;
- e) Personal Data must be erased to comply with a legal obligation;
- f) The Personal Data has been; collected from a child.
9.5. Rights & agrave; the limitation
9.5.1. The Customer has the possibility; to obtain from the Data Controller the limitation of the processing of their Personal Data when one of the following reasons applies:
- a) The Data Controller verifies the accuracy of the Personal Data afterwards; the dispute by the Customer of the accuracy of the Personal Data,
- b) The processing is unlawful and the Customer opposes & agrave; the erasure of Personal Data and requires instead the limitation of their use;
- c) The Data Controller no longer needs the Personal Data for the purposes of the processing but these are still necessary for the Client to ascertain , the exercise or defense of legal rights;
- d) The Customer objected; to the processing under the conditions recalled below and the Data Controller verifies whether the legitimate reasons pursued prevail over the alleged reasons.
9.6. Right & agrave; portability; Data
9.6.1. The Customer has the possibility; to receive from the Data Controller the Personal Data concerning him, in a structured format, commonly used; and machine readable when:
- a) The processing of Personal Data is justified; on consent, or on a contract; and
- b) Processing is carried out; & agrave; using automated processes.
9.6.2. When the Customer exercises his right & agrave; portability; he has the right to obtain that the Personal Data is transmitted directly by the Data Controller & agrave; another data controller that he will appoint when technically possible.
9.6.3. The right & agrave; portability; of the Customer's Personal Data must not infringe the rights and freedoms of others.
9.7. Right of opposition
9.7.1. The Customer can object to this. any time, for reasons holding & agrave; its particular situation, & agrave; a processing of Personal Data relating to it; on the legitimate interest of the Data Controller. The latter will then no longer process the Personal Data, & agrave; unless it demonstrates that there are compelling and legitimate grounds for the processing that take precedence over the interests and rights and freedoms of the Customer, or may keep them for the establishment, exercise or defense of legal claims.
9.8. Guidelines post-mortem
9.8.1. The Customer has the possibility; to communicate to the Data Controller directives relating to & agrave; conservation, & agrave; erasure and & agrave; the communication of his Personal Data after his death, which directives can also be registered with from a certified digital trusted third party & raquo ;. These guidelines, or sort of & ldquo; digital will & raquo;, can appoint a person responsible for their execution & nbsp ;; & agrave; default, the heirs of the Client will be designated.
9.8.2. In the absence of any directive, the heirs of the Client may contact the Data Controller in order to / d & rsquo; & nbsp;:
9.8.3. In any case, the Customer has the possibility; to indicate to the Data Controller, & agrave; at any time, that he does not wish, in the event of death, that his Personal Data be communicated to you a third.
10. Exercise of Specific Client Rights
10.1. These Specific Rights may be exercised, at any time, with the Data Controller:
- By email & agrave; the following address:
- By post & agrave; the following address:
79 rue de Miromesnil
10.2. For the purposes of asserting his Specific Rights under the conditions referred to above, the Data Controller may request & agrave; the latter to justify his identity; mentioning their name, first name, e-mail address and accompanying their request with a copy of an identity document. being valid, as well as any information or document of a nature & agrave; allow you to be sure of your identity.
10.3. A response will be sent to the Customer within a period of one (1) maximum month following the date of receipt of the request.
10.4. If necessary, this period can be extended. two (2) months by the Data Controller who will alert the Client, taking into account the complexity; and / or the number of requests.
10.5. In the event of the Customer's request to delete their Personal Data and / or in the event of the exercise of their right to do so. request the erasure of their Personal Data, the Data Controller may however keep them in the form of Intermediate Archiving, and for the necessary duration. satisfy & agrave; its legal obligations, or & agrave; evidentiary purposes during the applicable limitation period.
10.6. The Client may also bring a complaint before the authority; of competent control (In France, the CNIL ).
11. Security the password
11.1. The Data Controller takes all necessary precautions to ensure safe storage of the Client's password to access & agrave; his Account.
11.2. However, the security this password also depends on its design.
11.3. Also, it is recalled to the Client that his password, in order to be valid, must be entered, a < span style = "font-weight: 400;"> minimum 8 characters, at least 3 of the following 4 types: upper case, lower case, numbers, special characters
11.4. Mine technical resources allowcreate complex passwords, such as:
- Keep only the first letters of words in a sentence; for example, the phrase & laquo; A Password is remembered! & raquo ; matches the password 1mdp @ sr!
- By capitalizing if the word is a name (ex: word)
- Keeping punctuation marks (ex: & nbsp ;!)
- When expressing numbers & agrave; using the digits of 0 & agrave; 9 (ex: A - & gt; 1)
12. The cookies placed on the Customer's Terminal following & agrave; browsing the Website
12.1. Cookies are used on the Website.
12.2. A cookie is information placed on the Terminal which is used by the Customer. access the Website.
12.3. Cookies are related to the Customer & rsquo; s navigation on the Website and allow to determine the pages which he consulted, their date and time of consultation.
12.4. At no time do these cookies allow the Data Controller to personally identify the Client.
12.5. The retention period of these cookies in the Customer's Terminal does not exceed thirteen (13) months.
12.6. More specifically, the Personal Data collected from cookies set by the Data Controller or third parties allow:
12.7. Thanks to cookies, the Data Controller collects and processes for the purposes defined above, all or part of the following Data:
- Information related to the Client Terminal:
- Information on its navigation and behavior on the Website:
- Information concerning the Client (name and surname, age or age group, sex , socio-professional category declared and / or presumed, e-mail address etc.) linked to its activity on the Internet and communicated by third parties (advertisers, advertising agencies, etc.).
Cookies necessary for the operation of the store & nbsp ;:
|_ab||Use related to & agrave; access Shopify admin interface.|
|_secure_session_id||Use related to & agrave; browsing in a virtual storefront.|
|Cart||Use related to shopping cart.|
|cart_currency||Use related to passage & agrave; checkout.|
|cart_sig||Use related to passage & agrave; checkout.|
|cart_ts||Use related to passage & agrave; checkout.|
|cart_ver||Use related to shopping cart.|
|checkout||Use related to payment.|
|checkout_token||Use related to passage & agrave; checkout.|
|cookietest||Use related to & agrave; browsing in a virtual storefront.|
|master_device_id||Used in connection with merchant identifiers.|
|previous_checkout_token||Use related to payment.|
|checkout_locale||Use related to passage & agrave; checkout.|
|previous_step||Use related to payment.|
|remember_me||Use related to payment.|
|Secure_customer_sig||Use related to customer identifiers.|
|storefront_digest||Use related to customer identifiers.|
|_shopify_country||Use related to payment.|
|_shopify_m||Used to manage privacy settings customers.|
|_shopify_tm||Used to manage privacy settings customers.|
|_shopify_tw||Used to manage privacy settings customers.|
|_storefront_u||Used to facilitate the setting & agrave; updated accounts receivable information.|
|tracked_start_checkout||Use related to payment.|
|Secret||Use related to customer identifiers.|
Data reports and analyzes
|_landing_page||Tracking landing pages.|
|_orig_referrer||Tracking landing pages.|
|_s||Shopify data analytics.|
|_shopify_d||Shopify data analytics.|
|_shopify_fs||Shopify data analytics.|
|_shopify_s||Shopify data analytics.|
|_shopify_sa_p||Shopify data analytics related to marketing and referrals.|
|_shopify_sa_t||Shopify data analytics related to marketing and referrals.|
|_shopify_y||Shopify data analytics.|
|_y||Shopify data analytics.|
14. Opposition to cookies
14.1. The Customer is informede ;, on his first visit, that he has the faculty; to oppose & agrave; the recording of cookies which are incidental to the functioning of the Website and in particular by configuring your Internet browser to do so or by exercising your choices on this page (see below).
14.2. The Customer browses the Website and information may be recorded, or read, in his Terminal, subject to his choices.
14.3. The Customer will find more help on the dedicated pages of his browser (hereafter the most common browsers):
- Internet Explorer: http://windows.microsoft.com/fr-FR/windows-vista/Block- or-allow-cookies
- Google Chrome: http://support.google.com/chrome/bin/answer. py? hl = en & amp; hlrm = en & amp; answer = 95647
- Safari: https://support.apple.com/kb/PH19214?locale=fr_FR&viewlocale=fr_FR
- Firefox: http://support.mozilla.org/fr/kb/Activer%20et%20dé ; activate% 20les% 20cookies
- Op & eacute; ra: http://help.opera.com/Windows/10.20/en/cookies.html
- Internet Explorer & trade; : http://windows.microsoft.com/fr-fr/internet-explorer/use-tracking-protection#ie=ie-11
- Safari & trade;: http://support.apple.com/kb/PH11952
- Chrome & trade;: https://support.google.com/chrome/answer/114836
- Firefox & trade;: https://support.mozilla.org/fr/kb/comment-activer-option- do-not-track
- Op & eacute; ra & trade; : http: // help.opera.com/Windows/12.10/fr/notrack.html
Data (s) or Personal Data (s) : designate the data to be identified; Customer's personal character, within the meaning of the Personal Data Regulations, collected and processed by the Data Controller in the context of the use of the Website < / p>
Regulations on Personal Data : sign Law n & deg; 78-17 of January 6, 1978 relative & agrave; IT, files and freedoms, in application of the Community Regulation of April 27, 2016 published; in the Official Journal of the European Union on May 4, 2016 on & agrave; the protection of natural persons & agrave; with regard to data processing personal and agrave; the free movement of this data (known as & laquo; RGPD & raquo; for General Regulation;