Privacy policy

 

(This is an unofficial translation and should in no way be seen as binding. In case of doubt, please refer to the French text.)

 

Effective 27 April, 2022


Article 1: Preamble

This Privacy Policy is for the boutique.vendomecircle.com website.

The purpose of this Privacy Policy is to inform users of our site about the Personal Information we collect and the following information:

  1. The use of the data collected / The purposes of the processing and its legal basis 
  2. The rights of site users (access, rectification, opposition, deletion, etc.)
  3. The origin of the data collection
  4. Their shelf life
  5. Transfer to recipients or subcontractors
  6. Who has access to the data collected
  7. The site's cookie policy

This Privacy Policy operates in conjunction with the Terms and Conditions of Use of our site, which users can view under the heading "Terms and Conditions of Use".

All Users agree that by using our site, they consent to :

  1. the conditions set out in this Privacy Policy and
  2. the collection, use and retention of the data listed in this policy.

All Users also affirm that they are of legal age.


DEFINITIONS


Personal Data: means any information relating to a natural person, identified or identifiable, directly or indirectly, by reference to a name, an identification number, or to one or more elements specific to him or her, as defined by the applicable Regulations.

Applicable Regulations: means all the laws and regulations applicable in France with regard to the protection of Personal Data, including the law known as "Informatique et Libertés" n°78-17 of 6 January 1978 in its latest version, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data ("RGPD") applicable as of 25 May 2018, and their subsequent texts. 


Article 2: Applicable laws 


In accordance with the General Data Protection Regulation (GDPR), this privacy policy complies with the following regulations.

Personal data must be :

  1. processed lawfully, fairly and transparently in relation to the data subject (lawfulness, fairness, transparency);
  2. collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes; further processing for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes shall not be considered, in accordance with Article 89(1), as incompatible with the original purposes (purpose limitation) ;
  3. adequate, relevant and limited to what is necessary for the purposes for which they are processed (data minimisation); 
  4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data which are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy) ;
  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data are processed; personal data may be kept for longer periods in so far as they are processed exclusively for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes in accordance with Article 89(1), provided that appropriate technical and organisational measures required by the Regulation to safeguard the rights and freedoms of the data subject are implemented (limitation of storage) ;
  6. processed in such a way as to ensure appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, by means of appropriate technical or organisational measures (integrity and confidentiality).


Processing is lawful only if and insofar as at least one of the following conditions is met:

  1. the data subject has consented to the processing of his/her personal data for one or more specific purposes;
  2. the processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the request of the data subject;
  3. the processing is necessary for compliance with a legal obligation to which the controller is subject;
  4. the processing is necessary to protect the vital interests of the data subject or of another natural person;
  5. the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  6. the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail, in particular where the data subject is a child.


Article 3: Personal data collected


In accordance with the applicable regulations, VENDOME CIRCLE protects the privacy of its users. This article describes the personal data collected on the site, the purposes for which it is collected, the ways in which it is collected and its possible sharing with third parties.


Data relating to the device used to consult the site


  • Examples of personal data collected include: web browser version, IP address, time zone, cookie information, sites or products you visit, search terms and how you interact with the site.
  • Purpose of collection: to load the site accurately for you, and to perform analysis on site usage in order to optimise our site.
  • Source of collection: Collected automatically when you access our site using cookies.
  • Sharing for commercial purposes: shared with our Shopify processor.

Ordering information

  • Examples of personal data collected include: name, billing address, shipping address, payment information (including credit card numbers), email address and telephone number. Please note that shop.vendomecircle.com does not collect credit card information directly. This information is collected and encrypted by one of our payment gateways.
  • Purpose of collection: to provide products or services to you in order to fulfill our contract, process your payment information, arrange for shipping and provide you with invoices and/or order confirmations, communicate with you, review our orders for potential risk or fraud, and, where consistent with preferences you have shared with us, provide you with information or advertisements regarding our products or services.
  • Source of collection: collected from you.
  • Sharing for commercial purposes: shared with our processor Shopify and our partner Tunetoo.

Data relating to contacts with customer service

  • Examples of personal data collected: changes to the information listed above or additional information if necessary.
  • Purpose of the collection: to provide customer support.
  • Source of collection: collected from you.

Please note that we only collect data that helps us to achieve the stated purpose in this privacy policy. We will not collect additional data without informing you in advance.


Article 4: Cookies


A cookie is a small amount of information that is downloaded to the User's computer or device when the User visits the Site. The site uses a number of different cookies, including functional, performance, advertising and social media or content cookies. Cookies enhance the User's browsing experience by allowing the website to remember the User's actions and preferences (such as logging in and selecting the region). This means that the User does not have to re-enter this information each time they return to the site or navigate from one page to another. Cookies also provide information about how people use the website, for example whether they are first-time visitors or frequent visitors.

The site uses the following cookies to optimise the User's experience on the site and to provide the services offered on the site.

Cookies necessary for the operation of the shop

Name

Function

_ab

Used in connection with access to administration.

_secure_session_id

Used in connection with navigation in a shop window.

trolley

Used in connection with the shopping cart.

cart_sig

Used in connection with the cash register.

cart_ts

Used in connection with the cash register.

access code to the cash desk

Used in connection with the cash register.

secret

Used in connection with the cash register.

secure_customer_sig

Used in connection with the customer's connection.

storefront_digest

Used in connection with the customer's connection.

_shopify_u

Used to facilitate the updating of customer account information.


Reports and analysis

Name

Function

tracking_consent

Monitoring preferences.

Landing page

Tracking landing pages

_orig_referrer

Tracking landing pages

_s

Analysis of Shopify.

_shopify_s

Analysis of Shopify.

_shopify_sa_p

Shopify analysis of marketing and referrals.

_shopify_sa_t

Shopify analysis of marketing and referrals.

_shopify_y

Analysis of Shopify.

_y

Analysis of Shopify.


The length of time a cookie remains on the User's computer or device depends on whether it is a 'persistent' or 'session' cookie. Session cookies last until the User stops browsing and persistent cookies last until they expire or are deleted. Most cookies used on the site are persistent and expire between 30 minutes and two years from the date they are downloaded to the User's device.

The User can control and manage cookies in different ways. It should be borne in mind that deleting or blocking cookies may have a negative impact on the User's experience and that some parts of the site may no longer be fully accessible.

Most browsers automatically accept cookies, but the User can choose whether or not to accept cookies through their browser controls, which are often found in the browser's 'Tools' or 'Preferences' menu. More information on how to change browser settings or how to block, manage or filter cookies is available in the browser help file or at sites such as www.allaboutcookies.org.

Please be aware that blocking cookies may not completely prevent the way the site shares information with third parties such as advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the "Behavioral Advertising" section above.

Please note that due to the lack of a consistent industry understanding of how to respond to "Do Not Track" signals, we do not change our data collection and use practices when we detect such a signal from your browser.


Article 5: Purposes of processing 

 

The User's personal data is collected and processed for the purpose of managing orders. This processing makes it possible to access all information concerning the execution of orders (quotations, deliveries, etc.), to offer the User similar products or services that may be of interest to him/her, to produce statistics, to register the User at his/her request for newsletters and to communicate to him/her, with his/her consent, information relating to VENDOME CIRCLE and its partners (news, products and services, commercial prospecting and personalised offers) in their capacity as data controller within the meaning of the RGPD.

This data is collected and processed on the basis of the execution of the contract or pre-contractual measures. 


Article 6: Sharing of personal data and transfers


The User's personal data is shared with service providers in order to provide the services offered and to fulfil contractual obligations, as described above. For example:

  • Vendôme Circle uses Shopify to power its online shop. More information on how Shopify handles your personal data can be found here : https://www.shopify.com/legal/privacy.
  • The User's personal data may be shared to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information, or to protect the rights of Vendôme Circle in any other way.
  • Vendôme Circle uses Tunetoo for some of its services, in particular for the printing and embroidery of items for sale. The User's personal data necessary for the execution of the contract will be shared with Tunetoo in order to provide the purchased item.

Your Personal Information will initially be processed in Ireland and then transferred outside Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify's GDPR white paper : https://help.shopify.com/en/manual/your-account/privacy/GDPR.


Article 7: Retention period 


The User's personal data is kept for the period strictly necessary to achieve the purposes for which it was collected, which may not exceed 5 years after the end of the commercial relationship, unless: (i) the User exercises his/her right to delete his/her data, under the conditions described below (ii) a longer retention period is authorised or imposed by virtue of a legal or regulatory obligation. 

If a Site User leaves a comment, the comment and its metadata are retained indefinitely. This allows subsequent comments to be automatically recognised and approved rather than left in the moderation queue.

For the User who registers on our site (if possible), we also store the personal data indicated in their profile. Any User can view, edit or delete their personal information at any time (except for their username). Site managers can also view and edit this information.

When a User places an order through the site, their personal data is retained until the User requests that it be deleted. For more information on your right to erasure, please see Article 10, "User Rights" below.

 

Article 8: Protection of Personal Data 


VENDOME CIRCLE undertakes to protect and ensure the security and confidentiality of the User's personal data in accordance with the RGPD, in particular by taking all necessary precautions to prevent this data from being distorted, damaged or accessed by unauthorised third parties. 

While we take all reasonable precautions to ensure that our user data is secure and that users are protected, there is always a risk of harm. The internet as a whole can be, at times, insecure and therefore we are unable to guarantee the security of user data beyond what is reasonably practical.


Article 9: Minors


The GDPR specifies that persons under the age of 15 are considered minors for the purposes of data collection. Minors must have the consent of a legal representative for their data to be collected, processed and used.


Article 10: Rights of the User 


In accordance with the RGPD, the User has the right to access, rectify and delete personal data, the right to limit processing, the right to object, the right to portability of data and the right to define directives relating to the conservation, deletion and communication of personal data after death. 

If you have an account or have left comments on the site, you can request to receive a file containing all the personal data we hold about you, including that which you have provided to us. You may also request the deletion of your personal data. This does not include data stored for administrative, legal or security purposes.

If you are an EEA resident, you have the right to object to processing based solely on automated decision-making (which includes profiling), where that decision-making has a legal effect on you or significantly affects you.

We do not engage in fully automated decision making that has legal or otherwise significant effect using customer data.

Our Shopify processor uses limited automated decision making to prevent fraud that does not have a legal or otherwise significant effect on you.

Services that include elements of automated decision making include:

  • A temporary list of IP addresses associated with repeated transaction failures. This exclusion list persists for a small number of hours.
  • Temporary list of credit cards associated with denied IP addresses. This rejection list persists for a small number of days.

To exercise these rights, the Customer may:

  • Or, send us an e-mail to the following address 

enquiries@vendomecircle.com ;

  • Or, send us a letter to the following address  

           10 Place Vendôme, 75001 Paris.

The exercise of any of these rights may be refused if the request does not meet the conditions laid down in the regulations. In this case, you will be duly informed.


Article 10: Changes to this Policy 


This Privacy Policy may be amended to maintain compliance with the law and to reflect any changes to the data collection process. It is strongly recommended that all Users check this policy to ensure that they are aware of any updates.