Privacy Policy
In accordance with the provisions of law no. 78-17 of January 6, 1978, relating to the protection of personal data.
(amended in accordance with Regulation (EU) 2016/679 of the European Parliament)
Add your title here
The company that publishes the platform aims to create high-quality, high-performance digital tools for users, offering optimized operating experiences, while complying with all applicable legislation, particularly in terms of personal data protection and privacy.
We are committed to ensuring the highest level of protection for your data in compliance with the French Data Protection Act of January 6, 1978 and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of Personal Data of a personal nature, General Data Protection Regulation (GDPR).
By browsing our site, you declare that you accept our Personal Data Protection Policy, defined in the Privacy Policy. The Privacy Policy supplements the site’s General Conditions of Use and General Conditions of Sale to formalize the contractual relationship between the platform and its users.
The publishing company is committed to respecting the rights of individuals and all laws and regulations in force. It wishes to establish a relationship of trust with all users of the platform based on :
– Access and management rights: you can access, modify or delete your personal data at any time;
– Security: we do everything in our power to protect and secure your data;
– Transparency: we provide you with all relevant information about the processing of your personal data;
– Legitimacy: your personal data is collected for specific, explicit and legitimate purposes, and on an appropriate legal basis;
– Minimization: we collect and process only the data necessary for the proper functioning of the platform;
– Choosing compliant partners: we choose partners who are committed to guaranteeing compliance with our privacy policy.
As “User” access to the platform is reserved for people over 18, we do not collect any data on people under 18.
If you do not agree with our terms, you may choose to stop browsing our site, not to create a user account, to modify your consent choices by clicking on “manage cookies” at the bottom of the page, or to exercise your deletion rights.
We invite users of the platform, to regularly refer to our Privacy Policy, which may change to adapt to legislative and regulatory changes to the RGPD as well as the French Data Protection Act. For further information on the protection of personal data, please visit the Commission Informatique et Libertés website at www.cnil.fr.
What is personal data?
What personal data is collected?
The data collected on the platform fall into 3 main categories:
– The personal data you send us when you create or modify your account, when you interact with the platform, or when you exchange information on the platform. Regarding the data provided by the user, the mandatory or optional nature of the data is indicated at the time of collection: title, surname, first name, delivery address, billing address, email address, password, date of birth and majority, telephone number…
– The data we automatically collect as a result of your actions on the site and as part of the proper functioning of the services offered: browsing data, order history, preferences and centers of interest, products viewed, products added to the basket, delivery incidents, complaints, conversations with an advisor. We also carry out anonymous audience measurement: for example, we measure the number of pages viewed, the number of visits to the site, as well as visitors’ activity on the site and the frequency with which they return. Finally, the platform may collect data via cookies. For more information on cookies, please consult our cookie policy.
– The data required to process an order on our platform, and which are necessary to ensure compliance with the laws and provisions in force concerning Ecommerce activities. For example, for payment purposes, bank details are collected and stored by our PCI-DSS-certified payment service provider Stripe. This is an international security standard designed to ensure the confidentiality and integrity of cardholder data, and thus secure the protection of card and transaction data. Stripe encrypts the data and keeps it only for technical purposes (e.g. for refunding a purchase or in the event of fraudulent behavior). For further information, please consult Stripe’s privacy policy.
Who collects the data?
As part of providing the platform to the public, the publisher collects and processes Personal Data concerning users, to enable it to manage the proper operation of the site and all contractual relations. In this context, the publisher undertakes to implement data processing, in compliance with the RGPD, the purposes of which are the management of customers (including the management of contractual relations, orders, delivery, invoices, accounting, monitoring of the contractual relationship), and more generally the management of operations enabling it to communicate with users, or the provision of features necessary for navigation on the site. The platform integrates third-party partners who may also process personal data via cookies. To find out more, please consult our cookies policy.
Consent
On your first visit to our site, you will be asked to accept or refuse the use of certain cookies. If you do not wish cookies to be installed or read on your terminal equipment, a refusal cookie will be deposited on your equipment to record the information that you have objected to the use of cookies. If you delete this refusal cookie, it will no longer be possible to identify you as having refused the use of cookies. you’ll need to configure your preference. Similarly, when you accept the deposit of cookies, a consent cookie is installed. Refusal or consent cookies must remain on your terminal equipment. You can modify your choices at any time by clicking on “Manage cookies” at the bottom of the page.
Access to some of the platform’s services, in particular Ecommerce services, requires the creation of a user account. The act of creating a “User” account, where you certify that you are of legal age and have read and approved the present privacy policy as well as the platform’s GTC and TOU, implies your consent. You can change your choices at any time.
Rules for collecting personal data
The data collected on the site is exclusively intended to ensure the proper functioning of the platform. Under no circumstances will the publisher pass on your personal data to third parties without your prior consent. Personal data may be transmitted to companies – subcontractors and partners – used by the publisher in the context of the execution of services and orders, and in particular the management, execution and processing of payment.
Personal data protection
The site editor makes every effort to protect your personal data by implementing technical and organizational measures to ensure the security and confidentiality of personal data processing.
In this respect, the publisher takes all necessary precautions, in view of the nature of the data and the risks presented by the processing, to protect the security of the data and, in particular, to prevent it from being distorted, damaged or accessed by unauthorized third parties: physical protection of premises, authentication procedures with secure personal access via confidential identifiers and passwords, encryption of certain data, etc.
However, we would like to remind you that you are responsible for the personal data you transmit, and that as such, you contribute to the protection of your personal data by complying with good practice in the use of your IT tools.
You are informed that, without adequate security measures (e.g. secure configuration of your web browser, updated anti-virus programs, firewall software, non-use of software from dubious sources, etc.), you run the risk that the data and passwords you use to protect your data may be disclosed to unauthorized third parties.
Storage and retention of personal data
The data collected on the site is stored and secured on the servers of professional third-party hosting partners. All data is stored in Europe and is not reprocessed or transferred in whole or in part.
Considering the nature of the data and the risks presented by certain processing operations, all necessary precautions are taken to protect the security of the data and, in particular, to prevent it from being distorted, damaged or accessed by unauthorized third parties. We invite “Users” of the platform to respect the basic principles of user account security, i.e. to set up a strong password to protect access to their account and not to transmit their connection information.
Your Personal Data concerning your account, as well as those concerning your navigation and/or your behavior on the site are kept for a maximum period of 3 years from your last activity on the site or on an electronic communication medium linked to the site. At the end of this period, your account is considered “inactive” and will be automatically deactivated. You will therefore need to create a new one to access the platform’s services.
On the other hand, anonymous audience measurement statistics and your site traffic data are kept for no longer than 13 months.
However, at the end of these periods, some of your personal data may be subject to intermediate archiving in order to meet our legal, accounting and tax obligations (such as the obligation to retain invoices for a period of 10 years as set out in article L.123-22 of the French Commercial Code) and/or during the applicable limitation period (such as the common law limitation period of 5 years set out in article 2224 of the French Civil Code).
Audience measurement
In accordance with the European Data Protection Act (Loi Informatique et Libertés of January 6, 1978, amended by the Act of January 6, 2006), we hereby inform you that we have no obligation to disclose any personal data to third parties.
August 2004), you have the following specific rights with regard to your personal data:
– The data subject’s right of access (Article 15 of the RGPD),
– Right of rectification (article 16 of the RGPD),
– Right to erasure (Article 17 of the RGPD),
– Right to limit Processing (Article 18 of the RGPD),
– Right to mandatory notification of changes (Article 19 of the RGPD),
– Right to portability (Article 20 of the RGPD),
– Right to object to processing and profiling (Articles 21 and 22 of the RGPD),
– Post-mortem directives (Act no. 78-17 of January 6, 1978 on data processing, data files and individual liberties)
For further information, please consult the website of the Commission Nationale de l’Informatique et des Libertés.
Contact and complaints
You may exercise your rights at any time. For all inquiries, you can choose to address your request to :
– By e-mail to our Data Protection Officer at hello@oldfashionedclub.com,
– By post to our Data Protection Officer at the following address: OLD FASHIONED CLUB, 4 rue des Saussaies 75008.
In accordance with current regulations, your request must be signed and accompanied by a photocopy of an identity document bearing your signature, and must specify the address to which you would like a reply. A reply will be sent to you within 1 month of receipt of the request. If necessary, this deadline can be extended by two months, depending on the complexity and number of requests. The data controller notifies the data subject of this extension and the reasons for the postponement within one month of receipt of the request.
If you do not receive a reply, or if you are not satisfied with the reply you receive, you may lodge a complaint with the competent protection and control authority in the European Union Member State in which you usually reside.
– For France CNIL: http://www.cnil.fr
– For other countries: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm