Privacy Policy

We ask you to read this privacy policy carefully to understand how your personal data is collected, processed and stored during your use of this website (hereinafter the “ Site ”).

All personal data collected on this website are processed under the responsibility of the company DANYBERD, a simplified joint stock company with share capital of 37,500 euros registered in the Lyon Trade and Companies Register (RCS) under number 305 445 975, and whose head office is located at 3 rue Vauban, 69006 Lyon (hereinafter the “ Company ”, “ our ”, “ we ” and “ our ”).

This policy describes:

1. How does the Company use your personal data?
2. Who has access to your personal data?
3. How does the Company protect your personal data?
4. Where does the Company host your personal data?
5. How you can exercise your rights relating to your personal data?
6. What cookies does the Company use?
7. Updates to this policy
8. How to contact us
9. How does the Company use your personal data?

The Company may use your personal data for the following purposes:

1. Create your customer account on the Site
2. Manage product orders on the Site
3. Send you informational emails on products similar to those already purchased
4. Send you our newsletter
5. Produce traffic statistics for our Website
6. Respond to your contact request made from the Site contact form or from the form to become a wholesale partner

Most of the processing operations listed above are necessary for the execution of the contract entered into with the Company when you use our website to order the products available for sale on the Site, or necessary for the accomplishment of pre-contractual measures when you decide to complete the contact form on our Site in order to become a wholesale partner of our Company.

The processing of your personal data in order to send you informational emails is based on our legitimate interest in retaining our prospects and customers. You can end these emails and requests at any time via the functionality provided for this purpose or by simple request by email.

The processing of your email in order to send you our newsletter or produce visitor statistics is also based on your consent to subscribe to our newsletter, or that relating to the acceptance of audience measurement cookies used on our Site. . You can unsubscribe from our newsletter at any time via the functionality provided for this purpose or by simple request by email. You can also withdraw your consent to the use of cookies via the functionality provided for this purpose on our Site.

Finally, the legal basis for processing your personal data when you complete the contact form on our Site will depend on the subject of your request.

2. Who has access to your personal data?

Within the Company, and with regard to each processing purpose, personal data concerning you are collected, processed and stored by authorized personnel of the Company, only within the framework of their respective skills, and in particular by customer service, the marketing department and the IT department.

We do not share personal data with other companies, organizations and individuals except in the following circumstances:

(1) Sharing with our service providers: The Company may disclose your information to companies that provide services for us or on our behalf. Examples of these service providers include companies which offer services necessary for the operation of the Site, such as the Site's administration and hosting platform, Shopify, or our service providers allowing us to manage our mailing campaigns or customer reviews posted on our website.

(2) In fulfillment of a legal obligation, sharing in accordance with laws and regulations: the Company, may share your information as required by laws and regulations, to resolve legal disputes, or as otherwise required. stipulate the judicial or administrative authorities under the law.

The Company will ensure the legality of any sharing of personal data via data processing clauses with the companies with which your personal data is shared, requiring them in particular to comply with this policy and to take security and confidentiality measures. appropriate when processing personal data.

3. How does the Company protect your personal data?

The Company attaches great importance to the security of your personal data and has implemented measures consistent with industry standards to protect your personal data and to prevent unauthorized access, disclosure, use, modification, alteration or loss of this information.

We have also taken the necessary precautions to ensure that our host preserves the security and confidentiality of the data and in particular prevents it from being altered, compromised or communicated to unauthorized persons.

The Company also adopts the following organizational measures:

(1) We take reasonable and feasible measures to ensure that the personal data collected is minimal and relevant as necessary, having regard to the purposes for which it is processed.

(2) We retain your personal data for the period strictly necessary for the purpose of the processing, unless retention of your data is required or permitted by law. For example, we keep data related to the execution of your orders for the period required by law for the retention of accounting records, namely a maximum of 10 years from the financial year concerned.

(3) We deploy access control mechanisms to ensure that only authorized personnel can access your personal data.

In the event of a personal data breach, the Company will comply with applicable legal and regulatory requirements for notifying personal data breaches to the relevant supervisory authorities and/or data subjects.

4. Where does the Company host your personal data?

Your personal data will be hosted within the hosting infrastructures of our host Shopify, located in Canada.

Canada benefits from an adequacy decision from the European Commission recognizing that this country benefits from adequate protection in terms of the protection of the processing of personal data carried out in the context of commercial activities.

We do not transfer your personal data to service providers established in countries outside the European Union and not offering an adequate level of protection with regard to legal requirements for the protection of personal data.

The only service providers established outside the European Union that we use and can have access to the data are located in the United Kingdom, which also benefits from an adequacy decision from the European Commission recognizing that this country benefits from protection adequate in terms of protection of the processing of personal data.

We also use certain service providers located in the United States, but only if they are certified by the Data Privacy Framework, thus authorizing the transfer of data to these service providers under the adequacy decision taken by the European Commission in this regard.

5. How can you exercise your rights relating to your personal data?

You have a right of access, rectification, erasure, limitation, opposition concerning the processing of your personal data as well as the right to define directives relating to the fate of your data after your death and the right to the portability of your personal data.

You can contact us at any time at the addresses indicated in the “How to contact us” section below in order to exercise your rights regarding personal data under the conditions set by the applicable regulations. You must indicate which right you intend to exercise as well as all the necessary details so that we can respond to your request.

These rights are exercised under the conditions set by the applicable regulations.

• The right of access means that you can ask us at any time to tell you whether we are processing personal data concerning you and, if so, to tell you what personal data are concerned as well as the characteristics of the processing(s) carried out.
• The right to rectification means that you can ask us to rectify your personal data when it is inaccurate. You can also request that your personal data, if incomplete, be completed to the extent that this is relevant to the purpose of the processing in question.
• The right to erasure means that you can request to erase your personal data in particular when: (i) their conservation is no longer necessary in view of the purposes for which they were collected (ii) your personal data is processed on the basis of your consent, you wish to withdraw this consent, and there is no other legal basis which could justify the processing (iii) you have objected to the processing of your personal data and you therefore wish them to be erased (iv) your personal data has been the subject of unlawful processing; (v) your personal data must be erased to comply with a legal obligation which is provided for either by European Union law or by French law.
• The right to limitation means that you can ask us to limit the processing of your personal data (i) when you contest the accuracy of your personal data for a period allowing us to verify the accuracy thereof, (ii) when following processing established as non-compliant, you prefer the limitation of the processing to the complete erasure of your personal data (iii) when we no longer need your personal data for the purposes of the processing but they- these are still necessary for you to establish, exercise or defend legal rights; (iv) when you have objected to the processing of your personal data and you wish to limit the processing for the period allowing us to verify whether the legitimate reason you invoke is justified. Restriction of processing means that the processing of your personal data will then only mean the storage of your corresponding personal data. We will then no longer carry out any further operations on the personal data in question.
• The right to object means that you can object to the processing of your personal data, when this processing is based on the pursuit of the legitimate interests of the Company. The right to object is exercised subject to providing a legitimate reason relating to your particular situation. We will then cease the processing in question unless there are legitimate and compelling reasons justifying continuation in accordance with the applicable regulations.
• The right to define directives relating to the fate of your data after your death allows you to make known your instructions concerning the conservation, erasure and communication of your personal data after your death.
• The right to portability means that you can ask us, under the conditions set by the applicable regulations, to receive your personal data in a structured, commonly used and machine-readable format, and to transmit them to you, or to ask us to transmit directly to a third party of your choice when legally and technically possible.

When we process your personal data on the basis of your consent, you finally have the option to withdraw your consent at any time by contacting the addresses indicated in the section below “How to contact us” or by clicking, where applicable, on the unsubscribe link present in each of our commercial communications.

However, the withdrawal of your consent does not call into question the validity of the processing carried out before this withdrawal.

6. What cookies does the Company use?

We use different types of cookies on our Site.

A cookie is a tracker placed on your terminal which is used to record information relating to your consultation and navigation on the Site. When you connect to the Site, we may install cookies on your terminal.

We first use so-called technical cookies which are cookies strictly necessary for your navigation on the Site and the operation of certain specific features. These include cookies which allow information entered into a form on the Site to be saved (such as delivery information, for example).

Our site being created via Shopify, you can find more information on the technical cookies used by our Site in the “Cookies necessary for the operation of the store” section of the Shopify conditions accessible here: https://www.shopify.fr/ legal/cookies

We also use audience measurement cookies which allow us to collect and analyze statistics such as the number of visits, unique visitors, page views or to produce other aggregate statistics on the activities of the Site in order to to optimize our Site as best as possible. We use more specifically for this purpose the audience measurement cookies provided by Shopify, or the “Google Analytics” cookie provided by Google and allowing us to produce such audience measurement statistics.

When you visit our Site for the first time and the Company plans to place cookies, other than so-called “technical” cookies on your terminal, we inform you that we use cookies using an information banner . You will then have the opportunity to consent to the use of such cookies.

By consenting to the use of these third-party cookies, you thereby agree that we transfer the data collected from the cookies to the third parties who originate these cookies, namely Google or Shopify . We invite you to consult the practices of these third-party publishers regarding the protection of personal data by clicking on their name, to the extent that these publishers can reuse the data concerning you from these cookies, for their own purposes. .

You have a certain number of options allowing you to deactivate non-technical cookies subsequently, including in advertising matters, namely:

• You can click on the link provided on our Site to directly configure your cookie preferences.

• You can also go to the following site to select the cookies you wish to deactivate: http://www.youronlinechoices.com/fr/controler-ses-cookies/

• To delete cookies published by Google, you can deactivate them directly via Google by going to the following page:

 https://tools.google.com/dlpage/gaoptout?hl=fr 

1. Updates to this policy

The Company reserves the right at any time to modify or update, in whole or in part, this policy, due to the modification of the regulations applicable to the protection of personal data or the data processing carried out.

Any substantial modification of the policy will be notified to you by e-mail when you have provided us with a valid e-mail address and will be published on the website. We recommend that you regularly read this policy in order to have complete knowledge of our commitments in terms of security and protection of your personal data.

VII. How to contact us

If you have any questions, comments or suggestions, please contact us by simple written request by post to DANYBERD 3 rue Vauban, 69006 Lyon or via the contact form provided on the Site.

If you are not satisfied with the response provided by the Company to a request to exercise rights in accordance with Article V above or you wish to report a violation of the applicable data protection regulations, you have the right to submit a complaint to the CNIL by mail (CNIL - 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07) or on its website (www.cnil.fr), or to the authority of data protection of the country in which you usually reside or work.