The protection of your personal data and the respect of your privacy are ensured on the site cedeux.fr in strict respect of the GDPR.
The purpose of this policy is to inform you of our practices regarding the collection, processing and sharing of data you provide to us as part of our e-commerce activity.
We consider your personal data to be confidential data to which we pay special attention.
Personal data means any data that directly or indirectly identifies you, including your name, gender, age, postal address, telephone number, e-mail address, your IP address, as well as any other data communicated directly by you, including on our website or generated by your browsing or the contacts we may have with you through our customer services.
In accordance with legal and regulatory obligations, we collect, use, share and store this information under enhanced security conditions and for limited periods of time, proportional to the purposes for which you have communicated them to us.
1. DATA COLLECTION
You trust us to process your data and we want to be transparent about how we collect it.
We collect the data you provide when you use our website, including when you:
Browse the pages of the site;
Create a customer account;
Add products to your shopping cart;
Place an order;
Contact us by email or phone;
Under no circumstances do we automatically collect the e-mail address of visitors without their intentional communication.
In addition, certain information requested in the forms for entering the address of purchase orders is mandatory and is indicated by an asterisk. Their collection is necessary to process your application.
2. NATURE OF DATA AND PURPOSES OF DATA PROCESSING
The person responsible for processing is Ms Cécile Chevallard..
The information collected about you allows us to manage your purchases. We use your personal data for the purposes for which you have provided it, which are based on one or more of the following legal bases:
The performance of the services we offer you;
Our legitimate interests;
A legal, regulatory, judicial or administrative obligation.
The table below shows the data we are likely to collect, the ways in which we use it, as well as the intended purpose and legitimate interests.
Surname/first name: Identify yourself, Provide the product or service to the person named eligible.
Mailing address: Ship and deliver your orders, Contact you, Execute a contract, Communicate with you, Identify you, Inform you, Execute a contract.
E-mail address: Identify yourself, Contact you.
Phone number: Contact you, Execute a contract, Improve your customer experience.
Gender: Identify yourself, Execute a contract, Payment information, Securely record your payments, Refund you, Execute a contract.
Purchase data: Manage your orders, Execute a contract, Improve our services and your customer experience
Login data: Enable the finalization of an order, Execute a contract, Improve our services and your customer experience.
Password: Enable and secure your connection, Execute a contract, Prevent abuse and security breaches.
3. TRANSMISSION OF PERSONAL DATA TO THIRD PARTIES
Your personal data, collected on the site cedeux.fr are not transmitted to any third party outside of the possible subcontractors for the payment and the sending of your order and are used exclusively as indicated in this policy.
4. DATA RETENTION PERIOD
We retain your data for the duration of our business relationship and in any case for the period necessary for the purpose of processing your order.
5. RIGHTS OF DATA SUBJECTS
The use of your data is possible either because of the performance of our contractual relations, or because you have expressly consented to it, to protect and guarantee our legitimate interests or to meet legal obligations.
However, at any time, you have the right to access, portability, rectification and erasure of your data or to restrict their processing. You can exercise these rights by email at firstname.lastname@example.org:
You may also object, for legitimate reasons, to your personal data being processed or stored in our files.
If, for whatever reason, you consider that our response is not satisfactory, you can file a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés), responsible for ensuring the protection of personal data on French territory.
6. COMPUTER SECURITY
6.1 General principle
We implement appropriate technical and organisational measures to ensure the availability, integrity and confidentiality of your personal data and prevent any possible destruction, loss, alteration, disclosure, unauthorized intrusion or access to such data, either accidentally or unlawfully.
6.2 Transaction Security
We pay particular attention to security issues regarding online payment.
Encryption is an indispensable means to ensure a high level of security of transactions on our site. We have adopted the SSL encryption process to protect all data related to personal information and means of payment.
We use an SSL certificate to authenticate exchanges between your browser and our website and encrypt data exchanges.
6.3 Security Vulnerability Management
We undertake to notify cases of personal data breaches as soon as possible and, if possible, no later than 72 hours after becoming aware of them, to the competent supervisory authority, that is to say the CNIL, if the violation in question is likely to pose a risk to your rights and freedoms.
We also undertake to notify you as soon as possible when this violation is likely to pose a high risk to your rights and freedoms. We will also communicate to you the measures taken to remedy the breach of your data, including measures to mitigate the consequences.