- the way in which their personal data is collected. Personal data is defined as any data that can identify a customer. This includes the first name, last name, age, postal address, email address, location of the customer or IP address.
- What the customer's rights are concerning this data.
- Who is responsible for processing the collected data and processed personal data
- To whom such data is transmitted.
1. Information collected and processed; data collection method
Ordering Products on the Website
When the customer makes a purchase on the Website, the following personal data are collected:
- First name,
- Last name,
- Mailing address,
- Phone number,
- Email address.
Subject to the customer's express consent, obtained when registering for the seller's newsletter, the following personal data are collected:
- Email address
2. Data Recepients
The seller may communicate personal data to its subcontractors and service providers. For example, when the customer makes a purchase on the website, his/her details will be communicated to the delivery service provider. The data collected and processed by the site are exclusively stored and processed in France.
3. Data Controller Obligations
The party responsible for the processing of personal data is the seller.
The Data Controller can be contacted at the following address: firstname.lastname@example.org
The seller is responsible for determining the purposes and means of the personal data processing. The seller agrees to protect the personal data collected, and to respect the purposes for which these data have been collected.
The website has an SSL certificate in order to guarantee that the information and transfer of data passing through the site are secure. The purpose of an SSL certificate ("Secure Socket Layer" Certificate) is to secure the data exchanged between the user and the website.
The Seller undertakes to notify the Customer in the event of rectification or deletion of the data, unless this would entail disproportionate formalities, costs and steps for the Seller. In the event that the integrity, confidentiality or security of the Customer's personal data is compromised, the Seller undertakes to inform the Customer by any means.
4. Customer's rights
In accordance with personal data processing regulations, the customer has the following rights:
Right of access, rectification and deletion: the customer may access, update, modify or request the deletion of any personal data. If the customer has a personal space one, he/she has the right to request its deletion.
Right to data portability: The customer has the right to request the portability of his data, held by the Website, to other parties.
Right to limit and oppose the processing of data: The customer has the right to request the limitation or to object to the processing of his data by the website, without the seller being able to refuse, unless he can demonstrate the existence of legitimate and compelling reasons, which can prevail over the interests and rights and freedoms of the customer.
For any information concerning his rights, or to exercise them, the customer must write to the Seller at the following address [...]
In order for the seller to comply with his request, the customer is required to communicate the following elements: first and last name, e-mail address, and if relevant, account number, personal space login information or subscription number. The seller is required to respond to the customer within 30 days.
Right to refer to the competent authority: In the event that seller does not respond to the customer's request, or if the customer believes that his/her rights are being infringed, he/she is entitled to refer the matter to the CNIL or any competent judge.