Commandez avant midi pour une expédition le jour même. Livraison Chronopost en 24-48h et franco de port à partir de 200 € HT en France métropolitaine.

Last update :

 

In accordance with regulations on the protection of personal data and privacy, including the General Data Protection Regulation (EU) 2016/679 (RGPD), which came into force on May 25, 2018, www.siteweb.com invites you to consult this Personal Data and Cookies Charter in order to become fully aware of the scope of personal data processing carried out and how to exercise your rights.

 

In particular, the collection of the personal data of its prospects and customers is limited to what is strictly necessary, in accordance with the principle of data minimization, and indicates the purposes for which the data is collected, whether providing this data is optional or mandatory (indicated by an asterisk (*) on the forms) in order to manage requests, and who will be able to access it.

 

In the event of modification of the present, shop.kreos.fr undertakes not to lower the level of confidentiality substantially without the prior information of the persons concerned.

 

If you have any questions or complaints, please do not hesitate to contact us by e-mail info@kreos.fr

 

Article 1. Definitions

 

Personal data - Personal data: any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"); an "identifiable natural person" is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.

 

Processing: any operation or set of operations which may or may not be performed upon personal data or sets of data by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

 

File: Any structured set of personal data accessible according to specific criteria, whether centralized, decentralized or distributed functionally or geographically.

 

Data controller : The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing operation; where the purposes and means of such processing are determined by Union law or by the law of a Member State, the controller may be designated or the specific criteria applicable to his designation may be laid down by Union law or by the law of a Member State.

 

At www.shop.kreos.fr, the Data Protection Officer is Elise Deulvot.

Address: 32 rue Berjon, 69009 LYON

Telephone: 04 72 53 97 31

E-mail address: ass.dir@kreos.fr

 

Processor : The natural or legal person, public authority, department or other body that processes personal data on behalf of the controller.

 

Recipient: The natural or legal person, public authority, department or any other body that receives personal data, whether or not it is a third party. However, public authorities which may receive personal data in the context of a particular investigation in accordance with Union law or the law of a Member State are not considered as recipients; the processing of such data by the public authorities in question complies with the applicable data protection rules according to the purposes of the processing.

 

Third party: A natural or legal person, a public authority, a service or a body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorized to process personal data.

 

Consent of the data subject: Any free, specific, informed and unambiguous expression of will by which the data subject accepts, by a declaration or by a clear positive act, that personal data concerning him or her may be processed.

 

Personal data breach: a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed.

 

Supervisory authority: An independent public authority that is set up by a Member State under Article 51 of the RGPD. In this case, it is the Commission nationale de l'informatique et des libertés (CNIL: https://www.cnil.fr/).

 

Article 2. Legal information concerning the processing of User data

 

The processing is administered in accordance with the provisions of Law no. 78-17 of January 6, 1978 and EU Regulation 2016/679 of April 27, 2016 (RGPD) and other applicable legal provisions (hereinafter the "Applicable Regulations").

 

Data collected :

 

We collect and process, in a computerized manner, data from Users on www.siteweb.com. This includes :

 

Information provided by the User by filling in forms relating to the creation of his/her account and/or relating to his/her orders and/or relating to his/her identification, or by communicating with www.siteweb.com (by any means of communication or online communication, or by responding to questionnaires or satisfaction surveys);

Information relating to the contractual and commercial relationship between the User and www.siteweb.com (including details of products ordered by the User);

The User's banking information (bank details, card numbers) and transactional information

Data collected through cookies and similar technologies used on www.siteweb.com (in particular IP addresses) and in electronic messages to recognize the User, remember his/her preferences and, where appropriate, present content likely to be of interest to him/her.

At the time of registration, you accept our General Terms of Use (GTU), which provide for the collection of data that directly or indirectly identifies a natural person, and which is personal data.

 

Purpose of processing :

 

Identification of people using www.siteweb.com to benefit from services;

Manage the account of the person concerned or of the legal entity that the person concerned represents

Customer relationship management

Handling users' questions and complaints ;

Compliance with online account access procedures (and management of any authentication procedures);

Payments are processed by our partner .... ;

Prospecting and/or sending information.

Legal basis for processing

 

The processing is necessary for the performance of the contractual relationship you wish to enter into with us by using www.siteweb.com, since the personal data we collect and process are necessary for the performance of the services for which you register;

Processing is also necessary to protect our legitimate interests by enabling us to keep proof of transactions carried out via www.siteweb.com.

Processing is based on your consent when you wish to order and/or use services via www.siteweb.com;

 

Article 3. Cookies

 

Cookies :

We use a common feature that consists of installing a cookie on your browser. It enables us to recognize you on subsequent visits, facilitates the completion of our forms, and allows us to better understand the quality of navigation on our site by Internet users.

 

Third-party cookies :

We use software such as Google Analytics (from Google Inc.), Mailjet and Double Click to gather information on how visitors interact with our site and track our conversions. These software programs, on our behalf, will set cookies, collect information which they will then store on their servers at their convenience.

 

These cookies generally expire within 15 to 30 days.

 

In combination with other services offered by these companies, particularly where we have collected personal information such as your name, emaill , we are able to link all this information together and thus provide you with better information. These companies expressly undertake not to disclose your information to any third party without your express consent, unless legally obliged to do so.

 

These software programs also undertake not to consolidate this information with their services, which you may use directly yourself or via other companies using their services.

 

You acknowledge that you have been informed that we use cookies, and authorize us to do so. If you do not wish cookies to be used on your terminal, most browsers allow you to disable cookies via the settings options. However, please note that some services may no longer function correctly.

 

Article 4. Rights of data subjects and how to exercise them

 

Under the conditions defined by the applicable regulations (RGPD, amended Data Protection Act) individuals have the right to access data concerning them, to rectify or delete it, to query it, to limit the processing of its data, to portability, to deletion.

 

Data subjects also have the right to object at any time, on grounds relating to their particular situation, to the processing of personal data whose legal basis is our legitimate interest, as well as the right to object to commercial canvassing. They may also withdraw their consent to processing at any time, without affecting the lawfulness of processing based on consent prior to withdrawal.

 

Data subjects also have the right to define general and specific directives defining the way in which they intend the above-mentioned rights to be exercised after their death. Finally, they have the right to lodge a complaint with the CNIL.

 

If you wish to contact the Data Protection Officer (DPO), you will be asked to provide proof of identity and, if necessary, to justify the reasons for your request. In the event of an access request, the DPO has two months in which to respond.

 

Requests to exercise your rights should be sent electronically to: dpo@siteweb.com

 

For all intents and purposes, it is specified that once the right to erasure, to object to processing or to withdraw consent has been exercised, the proper functioning of www.siteweb.com for the person concerned may be disrupted. For example, if these rights are exercised at the time of ordering products, the said order cannot be placed by the person concerned.

 

Article 5. Retention period of personal data

 

With a view to minimization, we keep data only as long as is necessary for the operations for which it was collected and in compliance with current regulations.

 

Customer data. In this respect, www.siteweb.com customer data is kept for the duration of the contractual relationship, plus 3 years for promotion and prospecting purposes, without prejudice to retention obligations or limitation periods.

 

Accounting. In accounting terms, they are kept for 10 years from the close of the financial year.

 

Non-customer prospects. We may retain personal data relating to a non-customer prospect for a period of three years from the date of collection or from the last contact from the prospect (for example, a contact request or a click on a hyperlink contained in an e-mail; however, the opening of an e-mail will not be considered as a contact from the prospect). At the end of this three-year period, we may contact the person concerned again to find out whether he or she wishes to continue receiving commercial solicitations. In the absence of a positive and explicit response from the person concerned, we will delete or archive the data in accordance with the provisions in force, and in particular those set out in the French Commercial Code, the French Civil Code and the French Consumer Code.

 

Identification documents. With regard to identity documents transmitted in the event of exercising the right of access or rectification, data relating to identity documents may be kept for the period stipulated in article 9 of the Code of Criminal Procedure (i.e. one year). If the right to object is exercised, such data may be archived for the limitation period stipulated in article 8 of the French Code of Criminal Procedure (i.e. three years).

 

Bank details. In the case of payment by credit card, the card number and its validity date may be stored in an intermediate archive for thirteen months following the debit date, for the purpose of proof in the event of any dispute concerning the transaction. This period will be extended to fifteen months to take account of the possibility of using deferred debit payment cards. This data must be used only if the transaction is contested. The data stored for this purpose must be subject to security measures, as described in article 8 of the present standard and article 5 of the aforementioned deliberation no. 2013-358 of November 14, 2013. It should be noted that we may keep bank card data for longer, subject to obtaining the express consent of the customer, who will be informed in advance of the objective pursued (for example, to facilitate the payment of regular customers). In any event, credit card data will be deleted when the card expires.

 

Internet data. Lastly, the browsing and connection data collected from Internet users, in particular via cookies, will be automatically deleted at least every thirteen months.

 

Inactivity for two years. If you have not logged on to www.siteweb.com or have not been active (clicked on a link) for a period of two years, you will receive an e-mail inviting you to log on as soon as possible, failing which your data will be archived in our databases.

 

Article 6. Recipients of personal data and subcontracting

 

The data processed is intended solely for the persons we have expressly authorized for the purposes described above, as well as for our service providers for the proper performance of the services rendered on www.siteweb.com.

 

We ensure that all recipients and processors present or make every effort to ensure appropriate technical and organizational measures so that the processing meets the requirements of the GDPR and guarantees the protection of the data subject's rights.

 

We may use one or more subcontractors to carry out specific processing activities which will be subject to the terms of this Charter. Any subcontractor will not be authorized to use a subcontractor without our prior written authorization.

 

In particular, we use the Systempay service provider to manage payments.

 

Article 7. Communication of personal data to third parties

 

In general, we undertake to comply with all legal rules that may prevent, limit or regulate the dissemination of information or data.

 

On the basis of legal obligations, your personal data may also be disclosed in application of a law, regulation or by virtue of a decision by a competent regulatory or judicial authority.

 

If you have made a purchase on www.siteweb.com, we may, with our partners and on an occasional basis, keep you informed of our new products, news and special offers, by e-mail, by post and by telephone concerning products or services similar to the products or services that were the subject of your order.

 

We may make certain personal data available to strategic partners working with us to provide products and services or to help us market our products to customers.

 

We may share information with advertising partners (cookies...) in order to send you promotional communications, or to show you more tailored content, including relevant advertising for products and services that may be of interest to you, and to understand how users interact with advertisements.

 

Download our catalog

You prefer to work with our consumable catalog in digital format. Download it and consult it at your convenience.

Download catalog