In accordance with the European Regulation 2016/679 of 27 April 2016 (known as the "General Data Protection Regulation" or RGPD)
This personal data protection charter (hereinafter: the "Charter") describes the commitment of the AFTER BEACH Site - RCS Toulouse 818 720 997 00019 - 11 Impasse Aragon 31130 Balma - France - N°TVA : FR07 818720997 published by Mrs Tiphen LE PORT as the data controller with regard to the respect of privacy and the protection of the personal data of its users This Charter has been drawn up to enable you to become acquainted with the practices and conditions under which AFTER BEACH collects, uses and stores your personal data (hereinafter: the "Data").
It describes the various types of Data that we may collect and process or that you may provide to us when you access and/or use the www.after-beach-en.com website (the "Website") on which our products are sold. The term "Site" refers only to www.after-beach-en.com
Given the constant evolution of the laws and regulations concerning technology and the protection of personal data, it is likely that this Charter will be updated. If you are a user of the Site, you will be informed of any changes by e-mail.
If any of the clauses of this Charter should be declared null and void or contrary to the regulations, it will be deemed unwritten but will not entail the nullity of the other clauses of this Charter.
The present Charter applies to the Data collected:
- Via simple navigation on the Site
- Via emails exchanged between AFTER BEACH and you or any other email tool
- When you create a user account on the Website
- When you place an order on the Website
- When you subscribe to the Website's newsletter (the "Newsletter")
It does not apply to information collected by any third parties or through sites operated by them, including through applications or content (including advertisements) that redirect the user to the Site. Please read carefully the Charter concerning the processing of your Personal Data.
1. WHAT DATA IS COLLECTED BY AFTER BEACH
Depending on the nature and purpose of your interaction with AFTER BEACH (creation of a user account, subscription to the Newsletter, completion of contact forms, as well as during any telephone exchanges) we are likely to collect the following Data:
- Your e-mail address will be requested if you wish to create a user account, communicate with us via the contact forms and/or receive our Newsletter
- Data relating to your identity such as your name, first names, e-mail address, postal addresses and telephone numbers may be requested
- Data relating to navigation: this is Data relating to the way in which you use the Site including: IP address, the browser used, the duration of navigation, the search history, the operating system used, the language and the pages viewed
- Data about your visits to the Site, including traffic data, log files and other data or communication resources you use when accessing the Sit
- Data relating to orders: your postal address is required for invoicing purposes. Similarly, your bank details, PayPal, or other financial partner must be filled in to pay for your order
- Data relating to the use of social networks when you use their features.
2. HOW YOUR DATA IS COLLECTED
3. WHY WE COLLECT YOUR DATA
If you are an ordinary user, we collect your Data to :
- Send you our Newsletter and/or personalised commercial offers if you have consented to this
- Manage orders and execute the contract
- Ensure the security and traceability of purchases on the site
- Send you information about your account (including purchase invoices, order history)
- To manage your requests made via the contact page
- Allow you to leave a review of products and/or the Site
- Inform you of changes to the Site or our product and service offering
- To fulfil our rights and obligations under contracts with users and for any other lawful purpose.
- To secure your browsing and to enable us to improve your user experience, including recognising the username and password you have already provided so that you do not have to enter them on every page of the Site where they are required. Refusal to do so will prevent you from ordering from the Site (i.e., no identification).
- analyse traffic and data on the Site in order to measure the number of users of the Site, to make it easier to use and to ensure its ability to respond quickly to your requests.
Refusal to complete the Site's form(s) correctly may block access to certain pages, particularly those concerning the ordering of products or services.
4. WHO PROCESSES YOUR DATA
Your Data is processed by AFTER BEACH staff and collaborators in charge of
- The management of the Website (orders and shipments)
- The management of the support, to answer all your questions
- The management of the invoicing.
In addition, within the framework of our activity, and for processing purposes, your Data may be communicated to subcontractors, service providers or other third parties, and in particular
- Accounting services
- Tax services
- Google Analytics
Each of these parties respects a commitment to confidentiality concerning the use and processing of personal data.
For the management of payment and in order to facilitate the experience of its users, AFTER BEACH offers the following means of payment to make purchases on the Website:
- Online payment by credit card (Carte Bleue, Visa, Eurocard / Mastercard) managed by Stripe
- Online payment by PayPal
AFTER BEACH has no access to your credit card details and numbers. All transactions are secured using SSL encryption, guaranteeing both the identity of the payment organisation and the confidentiality of the data.
All of the above-mentioned subcontractors, service providers, partners or other third parties are bound by contractual obligations to respect the confidentiality and protection of the Data and to process it only for the purposes for which we provide it to them.
Your Data may be transferred to any purchaser or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of AFTER BEACH's assets due to uncertainty or bankruptcy, liquidation or other processes in which AFTER BEACH's User Data is one of the transferred assets.
Finally, we may also disclose your Data:
- to comply with any mandate required by applicable law, including governmental and regulatory requests
- if we believe that disclosure is necessary or appropriate to protect the rights, property or safety of AFTER BEACH, its customers or other stakeholders.
This possible disclosure includes exchanging information with other companies and organisations for the purpose of protecting against fraud and forgery.
5. HOW LONG DO WE KEEP YOUR DATA
AFTER BEACH will only keep your Data for the period of time necessary for the purposes set out in Article 3. This retention period is not the same for all Data, as the nature and purpose of the collection may vary. Similarly, certain legal obligations impose a specific retention period.
When you subscribe to the Newsletter, we keep your email address until you unsubscribe.
When you contact AFTER BEACH by e-mail, via the contact form or when you contact us by telephone, your data may be kept :
- up to one (1) year from the last contact if you do not have a customer account or an order made on the Website.
- up to ten (10) years (legal duration) from the last order placed on the Site, if this information concerns this order.
- In all other cases, the retention period of the Data exchanged shall not exceed one (1) year.
With respect to your user account, all of your billing information is retained for ten (10) years from the date of purchase, even if you have made a request to deactivate your user account.
If you wish to request deletion of Personal Data, please use the contact page of the Site or send us an e-mail: firstname.lastname@example.org. Your user account on the Site will be deactivated and anonymised, and then completely deleted at the end of the above-mentioned periods from the day you made the request. Finally, with regard to the Data collected by means of cookies or tracers, they will be kept for up to six (6) months for cookies or tracers measuring the audience and up to thirteen (13) months for the others. Beyond the above-mentioned retention periods, your Data will be anonymised and kept exclusively for statistical purposes.
6. HOW YOUR DATA IS PROTECTED
Your Data is stored on a secure server protected by a firewall and antivirus. We have put in place technical and organisational measures to ensure the security and confidentiality of your Data against accidental loss and against unauthorised access, use, modification and disclosure. However, due to the inherent characteristics of the Internet, it is impossible for us to guarantee the optimal security of information exchanges on this network. While we strive to protect your Data, we cannot guarantee the absolute security of information transmitted to the Site. You agree that you transmit your Data at your own risk. We cannot be held responsible for any breach of the privacy settings or security measures in place on the Site. As such, you agree that the security of your information is also your responsibility. For example, it is your responsibility to keep your user account password secret. Under no circumstances should you disclose it to third parties. Similarly, you should be careful about disclosing information in the public areas of the Site, as these areas may be viewed by any user of the Site.
7. WHAT ARE YOUR RIGHTS
You can choose how the Data you provide to us is used:
- You may browse the Site without providing any Data. If you do, you will not be able to use certain features of the Site and in particular, to make purchases (if you are an ordinary user) and/or downloads from the Site.
- You may refuse to provide your bank or PayPal details and/or your postal address. In this case, you will not be able to make any purchases on the Site
- You can decide not to receive the Newsletter and our personalised offers: in this case, you just need to log in to your user account on the Site or click on the link in the e-mail sent to you.
In any case, you can access your user account at any time to consult or update your Data and to unsubscribe from our Newsletter if you were registered. In accordance with the provisions of the regulations applicable to the protection of personal data, in particular the European Regulation 2016/679 on Data Protection (the "RGPD") as well as the law of 6 January 1978 n°78-17 known as "Informatique et Libertés" and its amendments, you have a right of access and a right of rectification on your Data.
In addition, subject to the conditions provided for by the aforementioned regulation for the exercise of these rights, you benefit from :
- a right to the deletion of your Data (except for accounting data which must be kept for 10 years as required by French law - Article L123-22 of the French Commercial Code)
- A right to limit the processing of your Data
- A right to object to the processing of your Data for legitimate reasons, in accordance with Article 21 of the RGPD
- a right to portability of the Data you have provided (for automated processing based on consent or the performance of a contract)
- The right to withdraw consent, where consent has been requested from you. Where the processing of your Data is carried out on the basis of your consent, you may withdraw it at any time.
However, you acknowledge that the processing carried out prior to the withdrawal of your consent remains perfectly valid. You also have the right to object without giving any reason to AFTER BEACH's analysis of your Data in order to share it for marketing purposes.
However, in accordance with Article 12.6 of the RGPD, in order to exercise these rights, AFTER BEACH, as the party responsible for this processing, reserves the right to ask you to prove your identity. We inform you that the data allowing us to prove your identity will be deleted once we have responded to your request. You can exercise these rights by contacting our customer service or at the following address AFTER BEACH - 11 Impasse Aragon - 31130 Balma - France.
We have a period of one month to respond to any request relating to the exercise of your rights. This period may be extended by two months, due to the complexity or excessive number of requests.