PROTECTION OF PERSONAL DATA
By using this website, you declare that you are of adult age in your state or province of residence, or that you are of adult age in your state or province of residence and that you have granted your consent to allow one of the minors for which you are responsible to use this site.
Any information stored on our Website is processed confidentially. All information is stored in a completely secure way and is only accessible to authorized staff. We use and maintain appropriate technical, security and organizational measures to protect the personal data against unauthorized or illegal processing and use, and against accidental loss, destruction, damage, theft or disclosure.
1. DATA COLLECTION
All data that relates to you is collected from you directly: when you provide us with personal information to perform a transaction, verify your credit card, make an order, make arrangements for a delivery or return a purchase, you grant your consent for us to collect your personal information and use it for this purpose only.
When you visit our Website, we also automatically receive your computer’s Internet Protocol (IP) address to provide us with information which gives us a better knowledge of your browser and operating system.
Marketing email (if applicable and when the law permits): With your permission and on condition that this is legal within your jurisdiction, we may, within the periods provided for by the law, send you emails about our Website, new products and services and other updates. By “authorization”, we mean express authorization that you have provably granted to us. Authorization to send commercial or marketing emails may be obtained in one of the following cases, which we consider to be an existing business relationship with you or a request for information from you:
- Entering your email address on our website without indicating that you do not wish to receive emails.
- Entering your email address while making or attempting to make an order for a product or service from us without indicating that you do not want to receive an email.
- Entering your email address as part of an abandoned shopping basket without indicating that you do not wish to receive emails.
- Entering your email address as part of a competition, event or poll we are holding, having been previously informed by us that we would send you marketing emails.
- Subscribing to the newsletter email by filling in a form on our Website.
- In all cases where, by filling in a form, you have ticked a check box indicating your willingness to be contacted by email, on condition that the box to be ticked is unticked by default and we have informed you of the commercial nature of the emails.
All marketing emails must contain an indication that you can refuse to receive any more marketing emails from us, without any cost to you. All marketing emails must prominently display an unsubscribe option.
2. PURPOSE OF THE DATA COLLECTED
The legal basis for collecting the personal data of Users is:
- The legitimate interest of Ma-boutique-shopping in monitoring and ensuring the correct implementation of your commitments (Orders, subscriptions, etc.)
- Improving navigation of the Website
- Carrying out satisfaction surveys on the Use of the Website
- Creating statistics on the use of the tool and drawing up internal reports for Ma-boutique-shopping management teams.
We may use your personal information, particularly your name, address, telephone, email address and other relevant data to carry on our business, improve our websites, develop new products and services, provide information and support, better understand your needs and interests, personalize communications and advertising, comply with your contractual obligations and, generally, promote a high-quality experience for you. For example, we may use your personal information, including your email address, to:
- Communicate, interact and build our relationship with you;
- Personalize the content, the products and the services that are offered to you;
- Contact you with information about us and third-party affiliates;
- Process, carry out and monitor transactions and requests for products, services, support and information;
- Verify your authorization to access and use our services;
- Perform market surveys and market analyses;
- Measure, analyze and improve our products and services, the effectiveness of our websites, our advertising and our marketing;
- Comply with legal requirements;
- Provide targeted advertising;
- Send you marketing material, for example by email, including our information bulletin, and inform you about products and services that we think may interest you;
- Discourage, detect and prevent fraud and other prohibited or illegal activities; or
- Inform you about new services, future events and changes in our contractual documents.
3. TYPES OF DATA PROCESSED
Ma-boutique-shopping may process all or part of the following information:
- Surname, first name, postal address, telephone number, and email address;
- Transaction history;
- Banking details;
4.1. Ma-boutique-shopping uses session cookies so Users do not have to identify themselves each time the Service is accessed in the course of a single day, other than during the first time it is accessed. These files stored on the computer allow the User to be identified each time he or she connects to the Website.
4.2. In addition, in order to improve the Website, Ma-boutique-shopping uses audience measurement cookies such as those indicating the number of page views, the number of visits, the activity of visitors on the Website and their return frequency using the services of Google Analytics. These cookies only allow the creation of statistical studies on the traffic of visitors to the Website whose results are completely anonymous.
4.3. Ma-boutique-shopping also uses third-party cookies.
Third parties authorized to access the data collected in third-party cookies by Ma-boutique-shopping undertake to use this data in accordance with the applicable legal provisions and to respect the privacy of internet users.
5. PASSING ON YOUR DATA
- To affiliates and partners: To companies or enterprises we belong to or control, and within our company, in order to provide and improve the services, for marketing and advertising purposes.
- To service providers and suppliers: To business partners, marketing partners and suppliers to provide, improve and personalize our services.
- For publicity and marketing: To advertising and marketing partners for advertising and marketing purposes, with your consent, in our name and the name of third parties, including social network providers, if applicable.
- For some analyses and improvements: To some companies for the purposes of analyzing and improving our services.
6. SERVICES OPERATED BY THIRD PARTIES AND LINKS TO OTHER SERVICES
Some third-party services that we may have cause to use for our work, such as payment gateways and other transaction or payment processors, are required to comply with the security standards imposed upon them, such as PCI-DSS (Payment Card Industry Data Security Standard), which is a set of security standards designed to ensure that all payment processors that accept, process, store or transmit credit card information maintain a secure environment. All the direct payment gateways we use comply with PCI-DSS, which is a joint effort of brands such as Visa, MasterCard, American Express and Discover, to protect the processing of credit card data.
Although we do not store your credit card information, these payment gateways and other transaction or payment processors, under PCI-DSS, may store your transaction purchase data for as long as necessary to complete the transaction and then as long as the law requires.
These payment gateways and other payment transaction processors and other third parties have their own privacy policies in relation to the information we are required to provide them with for your purchase transactions.
For these suppliers, we recommend that you read their privacy policies to understand how your personal data will be processed.
In particular, do not forget that some suppliers may be located or have offices located in a jurisdiction that is different from yours or ours. Thus, if you choose to perform a transaction that involves the services of a third-party service provider, your information may be subject to the laws of the jurisdiction(s) in which this service provider or its offices are based.
7. SECURITY OF YOUR DATA
To protect your personal information, we take reasonable precautions and follow the best practices of the industry to ensure it is not lost, misused, accessed, disclosed, modified or destroyed.
If you provide sensitive information, such as login details and credit card information, this information is encrypted using SSL (Secure Socket Layer Technology) and stored in an encrypted way. Although no form of internet transmission or electronic storage is 100% secure, we use generally accepted commercial standards to protect your personal information.
8. LOCATION OF YOUR DATA
When your personal data originating in the European Economic Area is processed outside the European Economic Area in a country that is not designated as offering an adequate level of privacy protection by the European Commission, we agree that the transfer shall be performed in accordance with this policy, which we shall maintain fully and effectively in force: the contractual elements concluded between us commit us beyond the provisions of the countries that do not offer the same degree of protection.
We have set up data processing agreements to ensure compliance with the relevant directives. All processing is carried out in accordance with the strictest security standards.
9. DATA RETENTION DURATION
We will erase the personal data from our files as soon as possible after receiving a notification and, once all transactions are complete, we shall comply with all reasonable instructions regarding the erasure of the remaining personal data. We shall not retain data for longer than necessary to achieve the objectives for which it has been collected or as required by applicable laws and regulations. Ma-boutique-shopping shall thus retain your personal data for a limited period. The duration of this retention shall thus vary according to the purpose of the processing and the category of data processed. A customer’s personal data is retained throughout the period of the contractual relationship and 5 years beyond that. For a prospective customer, 3 years following our last interaction.
For cookies, their retention period is 13 months following their installation on your browser for advertising cookies and the time you are on our website for technical cookies. Once these periods have elapsed, your personal data will be either deleted or anonymized and used for historical purposes, studies and statistics.
10. YOUR RIGHTS IN RELATION TO YOUR DATA
In accordance with applicable European regulations, Ma-boutique-shopping Users have the following rights:
- Right of access (article 15 GDPR) and rectification (article 16 GDPR), update, completeness of User data
- Right to lock or erase personal User data (article 17 of the GDPR), when it is inaccurate, incomplete, ambiguous, out-of-date, or whose collection, use, communication or retention is prohibited
- Right to withdraw consent at any time (article 13-2c GDPR)
- Right to restrict processing of User data (article 18 GDPR)
- Right to object to processing of User data (article 21 GDPR)
- Right to data portability that Users may have provided, when this data is subject to automated processing based on their consent or a contract (article 20 GDPR)
- Right to define what should happen to a User’s data after their death and to choose to whom Ma-boutique-shopping should communicate (or not) their data to a third party they have previously designated
If the User wants to know how Ma-boutique-shopping uses his or her Personal Data, request its rectification or object to its processing, the User may contact Ma-boutique-shopping by writing to the following address: Ma-boutique-shopping – Inter-Bureaux, 65 rue Hénon 69004 Lyon or by email to firstname.lastname@example.org.
In this case, the User must indicate the Personal Data that he or she wishes Ma-boutique-shopping to rectify, update or erase, identifying themselves precisely with an identity document (identity card or passport).
Requests for the deletion of Personal Data are subject to requirements imposed on Ma-boutique-shopping by the law, particularly in relation to the archiving or retention of documents.