In force on 06/30/2021
Article 1 – Preamble
– The way in which their personal data are collected and processed. All data capable of identifying a user must be considered as personal data. These include the first and last name, age, postal address, email address, location of the user or their IP address;
– What are the rights of users regarding this data;
– Who is responsible for the processing of personal data collected and processed;
– to whom this data is transmitted;
– Possibly, the site’s policy regarding “cookies” files.
Article 2 – General principles regarding data collection and processing
In accordance with the provisions of Article 5 of European Regulation 2016/679, the collection and processing of site user data respects the following principles:
Lawfulness, loyalty and transparency: data can only be collected and processed with the consent of the user who owns the data. Whenever personal data is collected, the user will be informed that their data is collected, and for what reasons their data is collected;
Limited purposes: the collection and processing of data are carried out to meet one or more objectives determined in these general conditions of use;
Minimization of data collection and processing: only the data necessary for the proper execution of the objectives pursued by the site are collected;
Reduced data retention over time: data is kept for a limited period of time, of which the user is informed;
Integrity and confidentiality of data collected and processed: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.
In order to be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data may only take place if they comply with at least one of the conditions below. after listed:
– The user has expressly consented to the processing;
– Processing is necessary for the proper performance of a contract;
– The processing meets a legal obligation;
– The processing is explained by a necessity linked to the protection of the vital interests of the data subject or of another natural person;
– The processing may be explained by a need related to the performance of a task of public interest or which falls within the exercise of public authority;
– The processing and collection of personal data are necessary for the purposes of the legitimate and private interests pursued by the controller or by a third party.
Article 3 – Personal data collected and processed in the context of browsing the site
The data controller will keep all the data collected in his site’s computer systems and under reasonable security conditions for a maximum period of 3 years, for simple visits, up to 5 years if the user validates an order.
3.1 – PERSONAL DATA COLLECTED AND PROCESSED
The personal data collected on the maximemace.com site are as follows:
– Civil status, surname, first name, postal address, telephone number and email address.
– Information relating to the use of the site: number of orders, time spent, articles viewed ;
3.2 – METHOD OF COLLECTION OF PERSONAL DATA
This data is collected when the user performs one of the following operations on the website:
– Registration on the website;
– Request the backup of his data;
– Purchase of a property on the website;
– Subscription to a newsletter;
– Request for assistance online or by phone;
– Request for a quote
Article 4 – Purpose of the processing of personal data
The collection and processing of data meet the following purposes in particular:
– Creation and control of access to customer accounts;
– Creation of documents;
– Completion of formalities;
– Monitoring of payments and invoicing;
– Customer management;
And more generally all activities related to the sale of services or products in connection with the information presented on the website.
Article 5 – Transmission of data to third parties
When browsing the site, user’s personal data may be transmitted to external service providers.
These third parties provide a service on our behalf in order to allow the proper functioning of payments by credit card or and postal delivery for example.
Personal data may be transferred to countries outside the European Union (such as the United States) for the purpose of processing your requests and securing personal data.
In accordance with the GDPR, all transfers of personal data to a country located outside the European Union and / or not offering a level of protection considered sufficient by the European Commission have been the subject of cross-border flow agreements. in accordance with the standard contractual clauses issued by the European Commission and declared to the CNIL.
Other transfers of personal data to the United States, for customer relationship management in particular (CRM), are governed by the EU – US PRIVACY SHIELD (European Union-United States Data Protection Shield): Click here for more information.
We will never share, without having obtained your prior consent, your personal data with third-party companies for marketing and / or commercial purposes.
We may be required to disclose your personal data to administrative or judicial authorities when their disclosure is necessary for the identification, arrest or prosecution of any individual likely to prejudice our rights, any other user or a third. Finally, we may be legally obliged to disclose your personal data and cannot object to it in this case.
Article 6 – Data hosting
61 Lordou Vironos Street, 6023 Larnaca, Cyprus Cédex.
The data collected and processed by the site are hosted and processed exclusively in the countries of the European Union.
Article 7 – Data controller and data protection officer
7.1 – THE DATA CONTROLLER
The person responsible for processing personal data is: Maxime Mace. He can be contacted by phone at 0750 427 613 or by email at firstname.lastname@example.org
The data controller is responsible for determining the purposes and means used for the processing of personal data.
7.2 – OBLIGATIONS OF THE DATA CONTROLLER
The controller undertakes to protect the personal data collected, not to transmit it to third parties without the user having been informed thereof and to respect the purposes for which this data was collected.
The site has an SSL certificate to ensure that the information and the transfer of data passing through the site are secure. An SSL certificate (“Secure Socket Layer” Certificate) is intended to secure the data exchanged between the user and the site.
In addition, the data controller undertakes to notify the user in the event of rectification or deletion of data, unless this entails disproportionate formalities, costs and procedures for him. In the event that the integrity, confidentiality or security of the user’s personal data is compromised, the controller undertakes to inform the user by any means.
Article 8 – User rights
(In accordance with the regulations concerning the processing of personal data, the user has the rights listed below.
In order for the data controller to grant his request, the user is required to provide him with: his first and last name as well as his e-mail address, and if relevant, his account or personal space number or subscriber. The data controller is required to respond to the user within a maximum of 30 (thirty) days.
1. Right of access, rectification and right to erasure
The user can read, update, modify or request the deletion of data concerning him, by respecting the procedure set out below: the user must send an email to the person in charge of processing personal data, specifying the subject of his request and by using the contact e-mail address provided above If he has one, the user has the right to request the deletion of his personal space by using the following procedure: the user must send an email to the person in charge of processing personal data, specifying his personal space number. The request for deletion of data will be processed within 30 (thirty) working days.
2. Right to data portability
The user has the right to request the portability of his personal data, held by the site, to another site, by complying with the following procedure: the user must make a request for the portability of his personal data to the responsible for data processing by sending an email to email@example.com
3. Right to limit and oppose data processing
The user has the right to request the limitation or to oppose the processing of his data by the site, without the site being able to refuse, except to demonstrate the existence of legitimate and compelling reasons, which may prevail over the interests and the rights and freedoms of the user. In order to request the limitation of the processing of his data or to formulate an opposition to the processing of his data, the user must applicate the following procedure: the user must make a request for limitation of the processing of his personal data to the controller. data, by sending an email to the address provided above.
4. Right not to be the subject of a decision based exclusively on an automated process
In accordance with the provisions of Regulation 2016/679, the user has the right not to be the subject of a decision based exclusively on an automated process if the decision produces legal effects concerning him, or significantly affects him. similar way.
5. Right to determine the fate of data after death
The user is reminded that he can organize what should be the fate of his data collected and processed if he dies, in accordance with Law No. 2016-1321 of October 7, 2016.
6. Right to seize the competent supervisory authority
In the event that the data controller decides not to respond to the user’s request, and the user wishes to challenge this decision, or, if he believes that one of the rights listed above have been infringed, he is entitled to appeal to the CNIL (Commission Nationale de l’Informatique et des Libertés, https://www.cnil.fr) or any competent judge.
Article 9 – Personal data of minors
In accordance with the provisions of Article 8 of European Regulation 2016/679 and the Data Protection Act, only minors aged 15 or over can consent to the processing of their personal data.
If the user is a minor under the age of 15, the consent of a legal representative will be required so that personal data can be collected and processed.
The site editor reserves the right to verify by any means that the user is over 15 years of age, or that he has obtained the consent of a legal representative before browsing the site.
The site editor reserves the right to modify it in order to ensure that it complies with the law in force.