Privacy policy

[Company name] places great importance on the protection of your personal data and respect for your privacy. This policy describes how we collect, use, and protect your information in accordance with the General Data Protection Regulation (GDPR).

1. Data controller

The data controller is [Company name], whose registered office is located at [Full address].

For any questions regarding the protection of your personal data, you can contact us at: [DPO email]

2. Data collected

We may collect the following data:

  • Identification data: surname, first name, email address, phone number, postal address
  • Connection data: IP address, browser type, pages viewed, date and time of connection
  • Account data: username, password (encrypted), user preferences

3. Purpose of processing

Your data is processed for the following purposes:

  • Managing your user account and authentication
  • Processing and tracking your orders
  • Sending newsletters (with your consent)
  • Improving our services and user experience
  • Compliance with our legal and regulatory obligations

4. Legal basis for processing

The processing of your data is based on the following legal grounds:

  • Performance of a contract: for managing your account and processing your orders
  • Consent: for sending marketing communications and newsletters
  • Legitimate interest: for improving our services and website security
  • Legal obligation: for retaining certain data required by law

5. Data retention period

Your data is retained for the period strictly necessary for the purposes for which it was collected:

  • Account data: for the duration of the business relationship, then 3 years after last contact
  • Order data: 10 years from the closing of the financial year (legal obligation)
  • Cookies: 13 months maximum

6. Data recipients

Your data may be shared with the following categories of recipients:

  • Internal departments of [Company name]
  • Our technical subcontractors (hosting, email sending, online payment)
  • Competent authorities, upon legal request

7. International transfers

Some of your data may be transferred to countries outside the European Union (particularly for hosting and cloud services). In such cases, we ensure that appropriate safeguards are in place (standard contractual clauses, adequacy decision).

8. Your rights

In accordance with the GDPR, you have the following rights regarding your personal data:

  • Right of access: obtain confirmation that your data is being processed and receive a copy
  • Right to rectification: request the correction of inaccurate or incomplete data
  • Right to erasure: request the deletion of your data in cases provided by law
  • Right to restriction: request the restriction of processing of your data
  • Right to portability: receive your data in a structured format and transfer it to another controller
  • Right to object: object to the processing of your data on legitimate grounds

9. Cookies

Our website uses cookies to improve your browsing experience.

  • Essential cookies: necessary for the website to function (authentication, security)
  • Analytics cookies: to measure audience and improve the website (with your consent)
  • Functional cookies: to remember your preferences (language, theme)

10. Security

[Company name] implements appropriate technical and organizational measures to protect your personal data against unauthorized access, modification, disclosure, or destruction.

11. Policy changes

[Company name] reserves the right to modify this privacy policy at any time. Any changes will be published on this page with an updated date.

[Date]