ARTICLE 1 – PERSONAL INFORMATION COLLECTED
When you make a purchase on our store, as part of our buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive the Internet Protocol address (IP address) of your computer, which allows us to obtain more details about the browser and operating system you are using.
All information we collect from you may be used to:
- Customize your experience and meet your individual needs
- Provide personalized advertising content
- Improve our website
- Improve customer service and your support needs
- Contact you by email
- Administer a contest, promotion, or survey
Email Marketing: With your permission, by signing up to our newsletter, we may send you emails about our store, new products and other updates.
ARTICLE 2 - CONSENT
How do you get my consent?
When you provide us with your personal information to complete a transaction, verify your credit card, place an order, schedule a delivery or return a purchase, we assume that you consent to our collecting your information and using it to this end only.
If we ask you to provide us with your personal information for another reason, such as for marketing purposes, we will ask you directly for your express consent, or we will give you the opportunity to refuse.
How can I withdraw my consent?
If after giving us your consent, you change your mind and no longer consent to our contacting you, collecting your information or disclosing it, you can notify us by contacting us at firstname.lastname@example.org or by mail at :
E-Shop Customer Service
6, rue Maryse Bastie
ARTICLE 3 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms and Conditions of Sale and Use.
ARTICLE 4 – ACCOMMODATION
Our store is hosted on an OVH.com server. They provide us with the online e-commerce platform that allows us to sell our services and products to you.
Your data is stored in the OVH.com data storage system and databases.
Backup Platform physical data storage sites
Datacenter OVH SGB-2
Datacenter OVH GRA-1
The company hosting the data backup is 772424.com
Chemin du Petit Cabri
13100 Le Tholonet
ARTICLE 5 – SERVICES PROVIDED BY THIRD PARTIES
In general, the third-party providers we use will only collect, use and disclose your information to the extent necessary to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies regarding the information we are required to provide to them for your purchase transactions.
With respect to these providers, we recommend that you read their privacy policies carefully so that you can understand how they will treat your personal information.
It should be remembered that some providers may be located or have facilities located in a jurisdiction different from yours or ours. So if you decide to proceed with a transaction that requires the services of a third-party provider, then your information may be governed by the laws of the jurisdiction in which that provider is located or those of the jurisdiction in which its facilities are located.
For example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, the information belonging to you that was used to complete the transaction may be disclosed under the laws of the United States. United States, including the Patriot Act.
You may be required to leave our website by clicking on certain links on our site. We assume no responsibility for the privacy practices exercised by these other sites and recommend that you read their privacy policies carefully.
ARTICLE 6 – SECURITY
To protect your personal data, we take reasonable precautions and follow industry best practices to ensure that it is not lost, misused, accessed, disclosed, altered or destroyed inappropriately.
If you provide us with your credit card information, it will be encrypted using the SSL security protocol and stored with AES-256 type encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
Security measures implemented with regard to the storage of data from the Backup Platform
Data Storage Security:
Encryption: AES CBC ESSIV algorithm
Key: SHA with a length of 256 bits or more
Passphrase: random length between 256 and 512 characters composed of numbers, letters and symbols, typed interactively each time backup nodes are started to ensure that a physical theft of the server makes the data inaccessible
Data Transfer Security:
Encryption: SSH AES CBC
Key: RSA with a length of 2048 bits or more
Passphrase: random length between 12 and 32 characters composed of numbers, letters and symbols
Data recovery method in case of problem
Remote connection by SSH or physical access to the servers by our intervention team in extreme cases.
Payments for purchases are made through direct payment gateway, PayPal and Payzen, which store your credit card information. This information is encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Information relating to your purchase transaction is kept for as long as necessary to finalize your order.
Our shop only hosts incomplete banking information.
All direct payment gateways are PCI-DSS compliant, managed by the PCI Security Standards Council, which is a joint effort of companies such as Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card data by our store and its service providers.
ARTICLE 7 – COOKIES
Here is a list of cookies we use. We have listed them here for you to choose whether you want to allow them or not.
TW_SESSION_ID, TW_SESSION_SEQUENCE, TW_VISITOR_ID: session identifiers, used to store information about your session (referrer, landing page, etc.).
PrestaShop-0d525f8979c4ab7e0d71bf49bb1b641c persists for 3 weeks
__lglaw persists for one year.
_cae persists for two months.
_pk_id. and _pk_ses. : audience identifiers, used to store information about your session (referrer, landing page, etc.), persist for one week.
If our store is acquired by or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, file a complaint, or simply want more information, contact our Privacy Compliance Officer at contact@loding. fr or by post to:
E-Shop Customer Service
6, rue Maryse Bastie