Data Protection Policy
Data Protection Policy of the LeCristalAntique.com site
We have always attached the greatest importance to the protection of our customers' data.
In accordance with the legal and regulatory provisions in force on the date of writing, and in particular Law No. 78-17 of January 16, 1978 “Informatique et Libertés” and the General Regulations on the Protection of Personal Data, this charter exposes you to your rights and remedies as well as everything you need to know about the collection, processing and purpose of use of your personal data at LeCristalAntique.
1) Collection of personal data:
When creating your account and registering your orders on the site https://www.lecristalantique.com, hereinafter referred to as “the Site”, Le Cristal Antique SASU is required to record personal data regarding its customers. The person responsible for the collection and processing of this data is Le Cristal Antique SASU, registered with the RCS of Evry under number 914219027, whose head office is located at 20 rue du Bon Air, 91430 Igny and the establishment of the boutique physical is located at 23, place Victor Schoelcher, 91300 Massy, hereinafter referred to as “The Company”. The term “personal data” refers to any data that can identify a person. Below you will find all the personal data concerning you which may be kept by Le Cristal Antique as well as their purpose:
- Last name First Name
- Date of birth
- Address
- Phone number
- Product reviews and ratings
- Connection data
- Navigation data
- IP adress
- Banking transactions
- Order history
- Newsletter subscription
- Subscription to product alerts in stock
2) Purposes of data collection:
Our desire is that all data collected is only collected because it is useful and necessary for the processing for which it is collected. Optional data may be requested from you, but is in no way obligatory and only serves to personalize or improve the relationship with our customers. Here are the different reasons for collecting your data:
Managing your orders
- Manage your orders, both pre-sales and after-sales, and contact you by email or telephone in order to best ensure our service and to notify you.
- Respect our legal and regulatory obligations such as recording purchase orders and issuing invoices which must be kept for 10 years.
Sales and marketing management
- Develop commercial statistics, carry out market and behavioral studies in order, for example, to anticipate our purchases.
- Create and manage prospect files.
- Fight against payment fraud under the conditions defined below,
- Propose an adapted loyalty policy, promotional actions targeted to individuals and/or professionals
- Organize competitions
Newsletter
And for customers and prospects or subscribers to one of our newsletters:
- Propose new products put on sale by the company,
- Inform us about our news as well as our promotional offers, DIY tutorials, and videos...
You can unsubscribe from these newsletters at any time by clicking on the link provided for this purpose located at the bottom of each email or on the Newsletter page
Customer request management
- Respond to your requests, your opinions, your requests, resolve your problems, provide you with a suitable and personalized solution
NB: under no circumstances do we communicate the email addresses of our subscribers to commercial partners who could use them.
3) Fight against fraud
In order to combat payment fraud, or to manage possible complaints, the Company may also retain information relating to bank card or Paypal transactions. But at no time do we have knowledge of your bank card number or its expiry date, or the cryptogram, so in essence we do not keep this information. In addition, we have implemented a multi-criteria system implementing alerts based on typical order profiles. This may lead us to request certain supporting documents from you in order to validate the order (ID card, passport, proof of address, etc.). The data thus collected will not be retained after verification. We may temporarily block an order in manual validation while we carry out transaction security checks (3D secure guarantee) or consult the supporting documents and sometimes contact the customer. The order is then confirmed as soon as possible.
4) Recipients of the collected data
Only our company and the external companies to which we are contractually linked for the management of your order or the sending of our newsletters have access to the personal data that you communicate to us. The categories of people who will have access to your personal data within the Company are, within the limits of their respective needs, the sales department, the marketing department, the IT department, the logistics department and the services responsible for management control such as as Auditor, accounting firm for the proper keeping of our accounts, etc.
Public bodies may also be recipients of your personal data, exclusively to meet legal obligations, court officers, ministerial officers, tax services in the event of a tax audit, for example, customs. External companies which will have access to your personal data as part of the processing of your orders are:
- Our payment providers
- Our transport providers (La Poste, Chronopost, UPS)
- Our subcontractors and hosting, storage, maintenance and site security services (OVH, Shopify)
- Our online customer review system (Google Customer Reviews)
- Our feed analysis services (Google Analytics, Google Search Console)
- Our advertising and retargeting services (Google Adwords, META, Shopify)
As the law requires of us, we ensure compliance with European regulations on the protection of personal data by all of our external service providers. The Company undertakes not to commercially transfer the data it has collected on its site concerning you and to only keep it at European level or at least, with foreign service providers guaranteeing compliance with current legislation. . Furthermore, it is recalled that any processing based on consent given before its withdrawal is lawful. The Company undertakes to request guarantees from its service providers and any other subcontractors and reserves the right to control the latter.
5) Duration of retention of personal data
The date taken into account to define the retention period of the personal data that we collect is that of the last transaction that you made on our site or the date of the last connection to your customer account. In this context, we undertake to delete these when:
- you will have asked us for their deletion from our databases,
- you have not connected to your customer account for more than 3 years,
- you will have requested to unsubscribe from one or other of our newsletters.
Please note that if you subscribe to several of our newsletters, you will need to unsubscribe from all of them to no longer receive emails (other than those for processing your order). We also reserve the right to contact you by email before deleting your customer or prospect account in order to offer to keep it. In this case, it will be kept for 3 additional years from your new date of consent, unless you request its deletion before the end of this period.
6) Security
We inform you to take all necessary precautions to preserve the security of your personal data and in particular, to prevent them from being distorted, damaged or from unauthorized third parties having access to them:
- Our databases are kept in France and are duplicated to guarantee their preservation.
- Our internal databases and information systems are accessible only to authorized personnel and service providers.
- All of our IT equipment is equipped with firewalls, antivirus and other protection systems. Computer maintenance is regularly carried out.
- Our premises are equipped with anti-intrusion alarms and remote monitoring.
- Our website as well as all intermediary payment providers, including the online credit card payment system, are secured using the standardized “SSL protocol” encryption system.
We strongly invite you to choose a password for your customer or prospect account containing at least 8 characters including at least one uppercase letter, one lowercase letter, one number and one special character. For customers and prospects already registered, we invite you, if this is not already the case, to modify your password to replace it with a password containing at least 8 characters including at least one uppercase letter, one lowercase letter, a number and a special character. We also advise you, after having identified yourself on our site and having used it according to your needs, particularly if you use a computer, tablet or telephone to which several people may have access, to remember to log out of your account before leaving. the Site.
7) Cookie use policy
When you browse our site https://www.lecristalantique.com and perform certain actions, we store small text files in alphanumeric format in your browser, more commonly called “cookies”. These small files allow us to memorize certain actions that you have carried out and keep them in memory for your comfort (eg: sorting of product by date of addition, by price range, etc.). Technically, a cookie is linked to a browser on the machine (computer, tablet, smartphone) where it was placed. It is neither spyware nor a virus, it simply allows you to remember a choice or to pass certain information from one page to another on the same website (e.g. knowing if you are connected to your account, transmit your account number to your basket to retrieve a current basket, etc.). The use of own or third-party cookies that are not necessary for the operation of the site requires us to ask for your consent. While those necessary for its use will be automatically installed. You should know that you can at any time express your consent or oppose the use of cookies by configuring your browser appropriately; for this you can refer to the user guides for your browser. In accordance with current regulations, the cookies we use have a maximum lifespan of 12 months.
With regard to cookies issued by third parties when browsing our website, it is possible that certain services also record cookies, this is the case for example with the main networks (Facebook, Pinterest, etc.) . The use of these cookies being subject to privacy protection policies, it is therefore the responsibility of these third parties which is engaged. We would also like to inform you that we use Google Analytics, a free website audience analysis service used by more than 10 million sites worldwide, which will also save a cookie on your browser.
8) Consent
When you create your customer account and choose to communicate your personal data on the site, you expressly give your consent for the collection and use of these in accordance with what is set out in this Charter and the legislation in force. . Likewise, you express your consent when registering on the Site as a prospect on our newsletter subscription page and when you contact us directly or via the “contact” form on the site in order to enable us to respond to you.
9) Right of access, rectification and portability
In accordance with EU Regulation 2016/679, you benefit from a right of access, rectification, query, portability and, where applicable, opposition to data concerning you, which can be exercised by contacting us in writing by any means at your convenience including the following electronic message: lecristalantique@gmail.com or by mail by writing to us at Le Cristal Antique, 23 place Victor Schoelcher, 91300 Massy. Your request must in all cases be accompanied by proof of your identity (copy of your identity card, your passport, etc.). This will not be kept.
You can also manage your subscriptions to our newsletters directly on the site or request to remove yourself from our mailing lists from your customer account.
You can also modify your personal data directly on the LeCristalAntique website by logging into the “Account” section. Please do not hesitate to contact us if you encounter any difficulties.
The customer or any user of our Website may, if necessary, lodge a complaint with a supervisory authority in the event of alleged non-compliance with their rights.
However, we advise you to contact us beforehand because very often the resolution of this type of request does not require a complaint. Our team is here to listen to you.
10) Update of the charter
This charter can be modified at any time to take into account developments in our activity and our processes and to remain in compliance with regulatory developments. Its different versions will be kept as they evolve by the Company.
Date of this Charter: 01/10/2022