EN

Privacy charter

1. Foreword

1.1. This Privacy Policy is an integral part of the General conditions , so that the definitions used in these; res are re-used in this Privacy Policy.

1.2. The purpose of this Privacy Policy is to inform Customers about the way in which their Personal Data is collected from the Website, how it is processed by the Data Controller and lastly, the rights enjoyed by the Customers regarding these treatments as they are defined below.

2. Finishes

2.1. The following terms, whether used in the singular or in the plural in this Privacy Policy, will have the following definition:

Intermediate Archiving denotes the movement of Personal Data presented also for the Data Controller an administrative interest, (as for example in the event of litigation and / or in the event of legal obligation) in a distinct database, logically separated or physically and to which, in any case, access is restricted. This archive is an intermediate step before the deletion of the Personal Data concerned or their anonymization;

CG sign the Conditions General & nbsp ;;

Privacy Policy: signifies this privacy policy and protection of the Personal Data of Customers implemented by the Data Controller;

Client designates the natural person, at least 15 years old, sailing on the Website and for which the processing of its Personal Data by the Data Controller is governed by the Privacy Policy. As such, the Customer guarantees, in the hypothesis where & ugrave; it would be & acirc; g & eacute; under the age of 15, have obtained the consent of the holder of the authority; parental & agrave; pay attention to the processing of their Personal Data defined in the Privacy Policy;

Account designates the Customer's personal account, accessible on the Website through personal identifiers, confidential to the Client that he cannot communicate; a third party, and from which he can place an order;

standard for Data Protection) & nbsp ;;

 

Data controller : designates the company; referred to in the legal notices accessible here: Legal notices & nbsp ;;

Website Designates the website on which is hosted; the present Privacy Policy

Terminal (aux): sign the hardware equipment (computer, tablet, smartphone, phone, etc.) used by the Customer to consult or view the Website.

3. The legal bases of treatment

3.1. In accordance with & agrave; the Regulations on Personal Data, the processing operations described in this Privacy Policy are supported by a specific legal basis.

3.2. The Client has consented to the processing of their Personal Data for one or more specific purposes.

3.2.1. The Website has required the express consent of the Client in order to carry out specific, explicit processing. when obtaining consent.

3.3. Processing is required the execution of a contract to which the Client is a party or & rsquo; the execution of pre-contractual measures taken the request of it.

3.3.1. In order to use the Website and to benefit from its services, the Customer has accepted; & agrave; minima the CGs. These documents formalize a contractual relationship between the Client and the Data Controller, serving in particular as a legal basis & agrave; the collection and processing of the Customer's Personal Data by the Data Controller.

3.3.2. These Data are necessary for you. the completion of a number of related treatments; the execution of the contractual relationship between the Client and the Data Controller, the purposes of which are detailed in paragraph 4 & ndash; The purposes of the processing.

3.4. Processing is necessary for compliance with a legal obligation. which it is submitted.

3.4.1. The processing of Personal Data may also be necessary for compliance with a legal obligation. to which the Data Controller would be subject, for example, the conservation of logs of access to the Website, in accordance with the Decree n & rsquo; 2011-219 of February 25, 2011 relating to & agrave; conservation and & agrave; the communication of data making it possible to identify any person who has contributed; & agrave; the creation of uploaded content.

3.5. The processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, & agrave; unless the interests or fundamental rights and freedoms of the Client prevail which require data protection; personal character, especially when the Client is a child.

3.5.1. The Data Controller may have a legitimate interest justifying the processing of the Personal Data of the Client, such as for example the processing of Data that is strictly necessary for this purpose. for fraud prevention purposes.

3.5.2. In this case, the Data Controller ensures that the processing in question is indeed necessary. the realization of its legitimate interest and assessede the consequences of this processing on the Client, in particular taking into account the nature of the Data processed, and the way in which they are processed.

3.5.3. The Data Controller ensures that he does not misunderstand the interests or the fundamental rights and freedoms by allowing the Client, & rsquo; at any time, to oppose, & agrave; all or part of the processing described in this Privacy Policy, such as implementing its Specific Rights, under the conditions of paragraph 10 & ndash; Exercise of Specific Client Rights.

4. The purposes of the processing

The Personal Data of the Customer is necessary to allow him access to the Website, its use and improvement, and to allow to the Data Controller of / d:

  • Perform related operations. its commercial relationship with the Client, i.e. concerning invoices, accounting, monitoring of & laquo; customer relationship & raquo; with a Client, such as carrying out satisfaction surveys, handling complaints, using the Website and more generally services, etc. ;
  • Personalize your communication for Customers, in particular by electronic mail of information, according to its preferences observed, use of the services and / or the Website;
  • Allow tracking of product delivery and placing an order;
  • The completion of commercial solicitation operations;
  • The development of business statistics, analyzes and marketing tools (including classification, score, etc. .) & nbsp ;;
  • Allow access to the Account by the Customer and provide him with all the information appearing therein such as his orders, his address book, the products he has registered;
  • Optimizing the Customer's navigation on the Website by memorizing their preferences and the simplification of any subsequent purchases on the Website;
  • The management of requests to exercise Specific Rights under the conditions of paragraph 10 & ndash; Exercise of Specific Client Rights;
  • After-sales service management;
  • The management of unpaid bills and litigation;
  • The prevention of a dispute with the Client
  • The fight against fraud and money laundering; and
  • The respect of its legal obligations, in particular of accounting and fiscal order.

5. Storage of Personal Data

5.1. The Website is hosted. with the company whose contact details are available by clicking here: Contacts

5.2. All precautions have been taken. taken to store Customers' Personal Data in a secure environment and prevent it from being deformed, damaged or accessed by unauthorized third parties. The information transmitted by the care of the Customer will never be transmittedes & agrave; third parties for commercial purposes neither sold nor exchanged.


6. The collection of Personal Data on the Website

6.1. The Data Controller collects, when creating an Account and then when it is completed. as and & agrave; measure, the following Personal Data that the Customer provides or that he communicates spontaneously during his navigation and which are kept for a period of three (3) years , in active base, & agrave; from the Customer's last connection to the Website:

  • Name,
  • First name,
  • E-mail address,
  • Delivery postal address,
  • Billing address,
  • Phone number
  • Name of the company, where applicable,
  • The contents saved in the Client's Account,
  • Where applicable the reason (s) for the exclusion (all & eacute; elements allowing to show the actions which date less than one month and which justify the exclusion),
  • The connection data (date, time, IP address, pages viewed) of the Customer during his navigation on the Website

The Personal Data above is also kept in Interim Archiving for an additional period of two ( 2) years in accordance with the common limitation period.

  • Invoices & nbsp ;;
  • Related information & agrave; a command;
  • Amount of completed transactions and the date and time of these transactions < / li>

The Personal Data above is also kept in Interim Archiving for an additional period of seven ( 7) years, in accordance with the tax and accounting obligations of the Data Controller.

6.2. All Personal Data indicated as such in the Account creation form is essential to benefit from the services of the Data Controller.

6.3. Where applicable, the Data Controller collects, when exercising his Specific Rights by the Client, the copy of the identity document; of the Client indicated & agrave; article 10.2 and keep it for one (1) year in an active base & agrave; from the date of receipt.


7. Recipients or categories of recipients if they exist

Categories of data recipient

Purpose; of the planned transfer

Accommodation service provider

Host the Website

& nbsp;

Website development and management service provider

& nbsp;

Administration of the & ldquo; back-office & rdquo; of the Website and management of the database containing the Personal Data of Clients

& nbsp;

Integrator and IT maintenance

Ensure the remote maintenance of the information system of the Data Controller, including the Website

& nbsp;

Publisher of the client management software

Allow to manage relations with Customers

& nbsp;

Provider of electronic mail routing

& nbsp;

Allow sending of newsletters

Phone flow manager

Allow monitoring of different calls and telephone streams

& nbsp;

Consulting service regarding the Website and user experience

& nbsp;

Receive advice in digital communication

Electronic document management service provider

& nbsp;

Electronic invoice management

Editor of computer tools for economic analysis

& nbsp;

Allow sales forecasts

Payment service provider

& nbsp;

Allow payments on the Website

Publisher of warehouse logistics management software

& nbsp;

Allow connection of computer system with warehouses

Parcel delivery service provider

Allow the shipment of products ordered by Customers

& nbsp;

 

7.1. In the hypothesis where & ugrave; a transfer of Personal Data to a recipient located; in a country that is not located on the territory of the EEA and which has not been the subject of a decision of adequacy of the European Commission, the Data Controller hired. take all the appropriate guarantees to ensure their perfect lawfulness, ensuring that Customers have opposable rights and legal remedies; against the recipient and obtain the prior and specific consent of the Client to said transfer of Personal Data.

7.2. The Data Controller will not obtain the Customer's prior and specific consent to the transfer of his Personal Data if & nbsp;:

- the Data Controller ensures:

  • to conclude with the recipient of the Personal Data the standard contractual clauses proposeddrawn up by the European Commission; or
  • that the recipient of Personal Data is subject to the principles of privacy shield (for transfers to the United States); or
  • to take any clean measurements & agrave; make lawful the transfer of Personal Data outside the territory of the European Union, in accordance with the terms of reference. the Personal Data Regulations.

- or if said transfer is necessary: ​​

  • to the respect of obligations allowing to ensure the recognition, the exercise or the defense of a right in court;
  • & agrave; the execution of a contract between the Data Controller and the intended recipient; at the Customer's request;
  • & agrave; the conclusion or & agrave; the performance of a contract concluded or & rsquo; conclude, in the interest of the data subject, between the Data Controller and the recipient


8. Safety Internet transactions

8.1. In accordance with the T & Cs, the Website uses company technology. STRIPE PAYMENTS EUROPE LTD, to secure Customers' banking transactions.

8.2. Thus, when paying on the Website, the Customer's bank details are transmitted encrypted. the company STRIPE PAYMENTS EUROPE LTD.

8.3. To exercise its rights such as those identified in paragraph 9 & ndash; The Specific Rights, relating to & agrave; his bank card details, the Customer is invited; & agrave; contact directly & agrave; the company STRIPE PAYMENTS EUROPE LTD.


9. Specific Rights

9.1. In accordance with & agrave; the Personal Data Regulations, the Customer may, & agrave; at any time, enjoy the following Specific Rights of / d & rsquo; / & nbsp;:

- acc & egrave; s,
- correction,
- erasure,
- limitation of a treatment,
- portability,
- opposition,
- postmortem directives,

9.2. Access rights

9.2.1. The Customer has the possibility; to obtain from the Data Controller the confirmation that the Personal Data concerning him are or are not processed and, when they are, the access to said Personal Data as well as the following information:

  1. a) the purposes of the processing;
  2. b) the categories of Personal Data;
  3. c) the recipients or categories of recipients to whom the Personal Data has been; or will be communicated;
  4. d) where possible, the retention period of the Personal Data envisaged or, when this is not possible, criteria it; res used to determine this duration;
  5. e) the existence of the right to ask the Data Controllerent the rectification or erasure of Personal Data, or a limitation of the processing of his Personal Data, or the right to object to it; this treatment;
  6. f) the right to lodge a complaint with the authority; of control in matters of personal data (in France, the CNIL) & nbsp ;;
  7. g) when Personal Data is not collected from the Client, any information available as to which is available. their source;
  8. h) the existence of an automated decision-making, including profiling, and, at least in such cases, useful information about the underlying logic, as well as the expected importance and consequences of this processing for the Client;

9.2.2. When Personal Data is transferred to a third country or country. an international organization, the Client has the right to be informed; appropriate guarantees, with regard to this transfer.

9.2.3. The Data Controller provides a copy of the Personal Data being processed.

9.2.4. The Data Controller may require the payment of a reasonable fee based on administrative costs for any additional copy requested by the Client or in the event of a request for the transmission of Personal Data on paper and / or physical.

9.2.5. When the Customer submits his request electronically, the information is provided in an electronic form of common use, & rsquo; unless he asks otherwise.

9.2.6. The Customer's right to obtain a copy of his Personal Data must not infringe the rights and freedoms of others.

9.3. Right of rectification

9.3.1. The Customer has the possibility; to obtain from the Data Controller, as soon as possible, the rectification of Personal Data concerning him which is inaccurate. It also has the possibility; ensure that incomplete Personal Data is completed, including by providing a further statement.

9.4. Rights & agrave; erasure

9.4.1. The Customer has the possibility; to obtain from the Data Controller the erasure, as soon as possible, of Personal Data concerning him when one of the following reasons applies:

  1. a) Personal Data are no longer necessary for the purposes for which they were used; collected or processed in another way by the Data Controller;
  2. b) The Customer has withdrawn & oacute; their consent for the processing of their Personal Data and there is no other legal basis for the processing;
  3. c) The Customer exercises his right of opposition under the conditions recalled below and there is no legitimate and imperative reason; rieux for processing;
  4. d) Personal Data has been unlawfully processed;
  5. e) Personal Data must be erased to comply with a legal obligation;
  6. f) The Personal Data has been; collected from a child.

9.5. Rights & agrave; the limitation

9.5.1. The Customer has the possibility; to obtain from the Data Controller the limitation of the processing of their Personal Data when one of the following reasons applies:

  1. a) The Data Controller verifies the accuracy of the Personal Data afterwards; the dispute by the Customer of the accuracy of the Personal Data,
  2. b) The processing is unlawful and the Customer opposes & agrave; the erasure of Personal Data and requires instead the limitation of their use;
  3. c) The Data Controller no longer needs the Personal Data for the purposes of the processing but these are still necessary for the Client to ascertain , the exercise or defense of legal rights;
  4. d) The Customer objected; to the processing under the conditions recalled below and the Data Controller verifies whether the legitimate reasons pursued prevail over the alleged reasons.

9.6. Right & agrave; portability; Data

9.6.1. The Customer has the possibility; to receive from the Data Controller the Personal Data concerning him, in a structured format, commonly used; and machine readable when:

  1. a) The processing of Personal Data is justified; on consent, or on a contract; and
  2. b) Processing is carried out; & agrave; using automated processes.

9.6.2. When the Customer exercises his right & agrave; portability; he has the right to obtain that the Personal Data is transmitted directly by the Data Controller & agrave; another data controller that he will appoint when technically possible.

9.6.3. The right & agrave; portability; of the Customer's Personal Data must not infringe the rights and freedoms of others.

9.7. Right of opposition

9.7.1. The Customer can object to this. any time, for reasons holding & agrave; its particular situation, & agrave; a processing of Personal Data relating to it; on the legitimate interest of the Data Controller. The latter will then no longer process the Personal Data, & agrave; unless it demonstrates that there are compelling and legitimate grounds for the processing that take precedence over the interests and rights and freedoms of the Customer, or may keep them for the establishment, exercise or defense of legal claims.

9.8. Guidelines post-mortem

9.8.1. The Customer has the possibility; to communicate to the Data Controller directives relating to & agrave; conservation, & agrave; erasure and & agrave; the communication of his Personal Data after his death, which directives can also be registered with from a certified digital trusted third party & raquo ;. These guidelines, or sort of & ldquo; digital will & raquo;, can appoint a person responsible for their execution & nbsp ;; & agrave; default, the heirs of the Client will be designated.

9.8.2. In the absence of any directive, the heirs of the Client may contact the Data Controller in order to / d & rsquo; & nbsp;:

- access to Personal Data processing allowing & ldquo; < span style = "font-weight: 400;"> the organization and settlement of the succession of the deceased & raquo; & nbsp ;;
- receive communication from & laquo; & nbsp; digital goods & raquo; or & ldquo; related data family memories, transmitted to heirs ;
- do proceed; the closure of the Client's Account on the Website and oppose & agrave; the continued processing of his Personal Data.

9.8.3. In any case, the Customer has the possibility; to indicate to the Data Controller, & agrave; at any time, that he does not wish, in the event of death, that his Personal Data be communicated to you a third.


10. Exercise of Specific Client Rights

10.1. These Specific Rights may be exercised, at any time, with the Data Controller:

- By email & agrave; the following address:

hello@lecouventparfums.com

- By post & agrave; the following address:

THE CONVENT
Consumer Service
79 rue de Miromesnil
75008 Paris

10.2. For the purposes of asserting his Specific Rights under the conditions referred to above, the Data Controller may request & agrave; the latter to justify his identity; mentioning their name, first name, e-mail address and accompanying their request with a copy of an identity document. being valid, as well as any information or document of a nature & agrave; allow you to be sure of your identity.

10.3. A response will be sent to the Customer within a period of one (1) maximum month following the date of receipt of the request.

10.4. If necessary, this period can be extended. two (2) months by the Data Controller who will alert the Client, taking into account the complexity; and / or the number of requests.

10.5. In the event of the Customer's request to delete their Personal Data and / or in the event of the exercise of their right to do so. request the erasure of their Personal Data, the Data Controller may however keep them in the form of Intermediate Archiving, and for the necessary duration. satisfy & agrave; its legal obligations, or & agrave; evidentiary purposes during the applicable limitation period.

10.6. The Client may also bring a complaint before the authority; of competent control (In France, the CNIL ).


11. Security the password

11.1. The Data Controller takes all necessary precautions to ensure safe storage of the Client's password to access & agrave; his Account.

11.2. However, the security this password also depends on its design.

11.3. Also, it is recalled to the Client that his password, in order to be valid, must be entered, a < span style = "font-weight: 400;"> minimum 8 characters, at least 3 of the following 4 types: upper case, lower case, numbers, special characters

11.4. Mine technical resources allowcreate complex passwords, such as:

  • Keep only the first letters of words in a sentence; for example, the phrase & laquo; A Password is remembered! & raquo ; matches the password 1mdp @ sr!
  • By capitalizing if the word is a name (ex: word)
  • Keeping punctuation marks (ex: & nbsp ;!)
  • When expressing numbers & agrave; using the digits of 0 & agrave; 9 (ex: A - & gt; 1)


12. The cookies placed on the Customer's Terminal following & agrave; browsing the Website

12.1. Cookies are used on the Website.

12.2. A cookie is information placed on the Terminal which is used by the Customer. access the Website.

12.3. Cookies are related to the Customer & rsquo; s navigation on the Website and allow to determine the pages which he consulted, their date and time of consultation.

12.4. At no time do these cookies allow the Data Controller to personally identify the Client.

12.5. The retention period of these cookies in the Customer's Terminal does not exceed thirteen (13) months.

12.6. More specifically, the Personal Data collected from cookies set by the Data Controller or third parties allow:

- to establish statistics and volumes of frequentation and use of the Website allowing to improve the interest and ergonomics of the services;
- adapt the presentation of the Website to the display preferences of the Terminal Customer (language used, display resolution, operating system used, etc.) & nbsp ;;
- to store information about & agrave; a completed form by The Customer on the Website (registration or access to your Account);
- to implement security measures, for example when requested ; the Customer to connect & agrave; new to the Website after a certain period of time;
- to ensure the follow-up of the commercial relationship with the Client.

12.7. Thanks to cookies, the Data Controller collects and processes for the purposes defined above, all or part of the following Data:

  • Information related to the Client Terminal:
- Its ISP Internet (Orange, SFR, Bouygues, Free, etc.) & nbsp ;;
- Its advertising id; related to the operating system of its Terminal;
- The IP address of its Terminal;
- The geolocation data of its Terminal;
  • Information on its navigation and behavior on the Website:
- Statistics on the consultation of the various pages of the Website, the duration of the session;
- The complete URL path to, via and from the Website;
  • Information concerning the Client (name and surname, age or age group, sex , socio-professional category declared and / or presumed, e-mail address etc.) linked to its activity on the Internet and communicated by third parties (advertisers, advertising agencies, etc.).


13.Cookies

Cookies necessary for the operation of the store & nbsp ;:

Name Function
_ab Use related to & agrave; access Shopify admin interface.
_secure_session_id Use related to & agrave; browsing in a virtual storefront.
Cart Use related to shopping cart.
cart_currency Use related to passage & agrave; checkout.
cart_sig Use related to passage & agrave; checkout.
cart_ts Use related to passage & agrave; checkout.
cart_ver Use related to shopping cart.
checkout Use related to payment.
checkout_token Use related to passage & agrave; checkout.
cookietest Use related to & agrave; browsing in a virtual storefront.
master_device_id Used in connection with merchant identifiers.
previous_checkout_token Use related to payment.
checkout_locale Use related to passage & agrave; checkout.
previous_step Use related to payment.
remember_me Use related to payment.
Secure_customer_sig Use related to customer identifiers.
storefront_digest Use related to customer identifiers.
_shopify_country Use related to payment.
_shopify_m Used to manage privacy settings customers.
_shopify_tm Used to manage privacy settings customers.
_shopify_tw Used to manage privacy settings customers.
_storefront_u Used to facilitate the setting & agrave; updated accounts receivable information.
_tracking_consent Tracking preferences.
tracked_start_checkout Use related to payment.
Secret Use related to customer identifiers.

Data reports and analyzes

Name Function
_landing_page Tracking landing pages.
_orig_referrer Tracking landing pages.
_s Shopify data analytics.
_shopify_d Shopify data analytics.
_shopify_fs Shopify data analytics.
_shopify_s Shopify data analytics.
_shopify_sa_p Shopify data analytics related to marketing and referrals.
_shopify_sa_t Shopify data analytics related to marketing and referrals.
_shopify_y Shopify data analytics.
_y Shopify data analytics.

& nbsp;

& nbsp;

& nbsp;

14. Opposition to cookies

14.1. The Customer is informede ;, on his first visit, that he has the faculty; to oppose & agrave; the recording of cookies which are incidental to the functioning of the Website and in particular by configuring your Internet browser to do so or by exercising your choices on this page (see below).

14.2. The Customer browses the Website and information may be recorded, or read, in his Terminal, subject to his choices.

14.3. The Customer will find more help on the dedicated pages of his browser (hereafter the most common browsers):

14.4. The Customer can also configure his browser so that it sends a code indicating to websites that he does not wish to be tracked (& ldquo; Do No Track & rdquo; option):

& nbsp;

Data (s) or Personal Data (s) : designate the data to be identified; Customer's personal character, within the meaning of the Personal Data Regulations, collected and processed by the Data Controller in the context of the use of the Website < / p>

Specific Rights refers to the rights granted by the Personal Data Regulations to Customers regarding the processing of their Personal and Developed Data Article 9 of the Privacy Policy;

Regulations on Personal Data : sign Law n & deg; 78-17 of January 6, 1978 relative & agrave; IT, files and freedoms, in application of the Community Regulation of April 27, 2016 published; in the Official Journal of the European Union on May 4, 2016 on & agrave; the protection of natural persons & agrave; with regard to data processing personal and agrave; the free movement of this data (known as & laquo; RGPD & raquo; for General Regulation;

OUR NEWS
Subscribe to our newsletter to receive exclusive information on all our news.
E-SHOP ADVANTAGES

Free delivery

from 50€

Customer service

Need help?
Contact us .