What personal data do we collect?
1. Creating your customer account
You voluntarily enter personal data for the purpose of creating your customer account on our website. For some personal data, its truthfulness is essential. This duty concerns the following data: first name, surname, address, date of birth, email address, password. The data recorded on the customer account can be viewed and edited by customers at all times. Finally, you can request the complete erasure of your customer account.
If you want to purchase a product from our website, we need different data to be able to fulfil the sales contract. You must provide the following data: first name and surname, postal address, e-mail address, telephone number, payment details, identification data.
Each time this data is processed it is for specific purposes. In this case, the collection and use of your personal data referred to above, namely Surname, First Name, address, e-mail address, telephone number, and payment information, is needed to fulfil our respective contractual obligations. This data is essential for the conclusion, tracking, invoicing and fulfilment of your orders.
Data relating to the fulfilment of orders may be kept for a period of 5 years from the fulfilment of the last order, for the purpose of proving that the orders have been properly fulfilled, and may be archived with limited access beyond this period.
You have the possibility to decide to receive commercial communications by subscribing to our newsletter. For this purpose, we will use your e-mail address. However, you have the possibility to accept or refuse such use of your data in advance. You may also decide at any time to stop receiving commercial communications from us by following the unsubscribe instructions included in each of our emails or by contacting us directly at firstname.lastname@example.org.
The personal data collected in the context of the newsletters will not be stored for more than 3 years.
- absolutely necessary for the use of the basic website functionalities, Prestashop operating cookies
- used for audience measurement and analysis: Google Analytics, Google tag manager - cookie duration: 13 months - For more information, you can check Google information (https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage)
- related to targeted advertising, in particular to offer you products in line with your habits or your previous purchases or products placed in your shopping cart, Google Analytics, Adwords, retention period 13 months
- or social networks: Facebook, Twitter, Pinterest.
SKIN'UP uses operating cookies; these cookies collect anonymous data and cannot track your movements on other sites; they allow the Platform to identify your browser in order to store your account login data, shopping cart data, and preferences.
Audience measurement and analysis cookies are used for audience measurement and statistics in order to improve the Platform and its services, and to detect technical problems.
SKIN'UP does not have control over the cookies that can be placed for analysis (google analytics) and for social networks. For more information, please refer to the information published by Google Analytics https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en or on the platforms of the various social networks, in particular the privacy policies of these social networks in order to learn about the purposes for which they are used, in particular advertising and browsing data they may collect through these application buttons. These privacy policies must in particular allow customers to exercise their choices with these social networks, in particular by configuring their user accounts for each of these networks.
You also have the means to refuse them:
- In Internet Explorer: "tool" tab (cog symbol at the top right) / "Internet options". Click on "Privacy" and choose "Block all cookies". Confirm with Ok. In Firefox: at the top of the browser window, click the "Firefox" button, then go to the "Options" tab. Click the "Privacy" tab. Set the retention rules to: "use custom settings for history". Finally, uncheck it to "disable cookies". https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies
- In Firefox: on the upper part of the navigator window, click on the button “Firefox” then go to “Options”. Click on “Privacy”. Set the conservation rules, on: “use the personalized settings for history”. Finally, untick to “deactivate cookies”. http://support.mozilla.org/fr/kb/Activer%20et%20d%C3%A9sactiver%20les%20cookies
- In Safari: Click on the menu symbol at the top right of the browser (cog symbol). Select "Settings". Click "Show advanced settings". In the "Privacy" section, click "Content settings". In the "Cookies" section, you can block cookies. https://support.apple.com/kb/PH21411?viewlocale=en_US&locale=en_US
- In Chrome : Click on the menu icon at the top right of the browser (three horizontal lines). Select "Settings". Click "Show advanced settings". In the "Privacy" section, click "Preferences". In the "Privacy" tab, you can block cookies http://support.google.com/chrome/bin/answer.py?hl=fr&hlrm=en&answer=95647
- In Opera : http://help.opera.com/Windows/10.20/fr/cookies.html
The personal data collected by these cookies will be stored for a maximum period of 13 months.
5. How do we protect your personel data?
In accordance with the General Data Protection Regulations, we have the technical and organisational means to guarantee the security of your personal data. Your data is stored on our servers which are located in the OVH Datacenters in France.
6. To whom do we transfer your personel data?
Personal data may be shared with third party companies in the following cases:
- when users use payment services, for the implementation of these services, the Platform is in contact with third party banking and financial establishments with which it has contracts;
- when users authorise a third party website to access their data;
- when the Platform uses the services of service providers to provide advertising and payment services. These service providers have limited access to user data in the context of the performance of these services, and have a contractual duty to use them in accordance with the provisions of applicable personal data protection regulations;
- if required by law, the Platform may send data to respond to complaints against the Platform and comply with administrative and judicial procedures;
These entities are required to provide the same degree of data protection as SKIN'UP itself. In order to ensure payment security, the www.skinup-eboutique.com website uses a secure payment service. This service includes the Secure Socket Layer (SSL) security standard. Confidential data (16-digit bank card number, expiry date and cryptogram) are directly sent in encrypted form to the servers managing this service without passing through SKIN’UP server physical media.
7. You rights
In accordance with Regulation (EU) 2016/679 on the protection of personal data, you have the following rights over your personal data:
- The right to rectify, update or erase your data by logging into your account and configuring the settings of that account;
- The right to object, for legitimate reasons, to the processing of your personal data for purposes other than those announced herein to which you have consented;
- The right to object, free of charge, to the current or future processing by the data controller of the collected data for commercial activities;
- The right to delete your account by writing to the following email address: email@example.com. It should be noted that data shared with other users, such as forum postings, may remain visible to the public on the Platform, even after an account has been deleted;
- The right to obtain information relating to the processing of personal data managed by SKIN'UP and any information allowing to know and, if necessary, to challenge the logic underlying the processing of such data. To do so, you will need to provide proof of your identity.
- Subject also to proof of your identity, the right to obtain a copy of the personal data concerning you, as well as a right of portability over all or part of the said data, in accordance with applicable data protection laws.
These rights can be exercised by writing to the following addresses: firstname.lastname@example.org and Laboratoire Skin'Up, 1 Chemin de la Noraie, 37190 Azay-le-Rideau, FRANCE.
If you encounter difficulties in the management of your personal data, you can file a complaint with the CNIL.