INTRODUCTION

This page describes the principles with which Bleu de Paname collects different types of data about its customers. The elements described in this page are explained in detail in Bleu de Paname 's data protection principles.

This page also details the commitments regarding Bleu de Paname's security and data protection policy.

DEFINITION

In order to avoid an imprecise interpretation, here are some elements for understanding the terms used:

• Personal data: any information relating to an identified or identifiable natural person is deemed to be an “identifiable natural person” a natural person who can be identified, directly or indirectly

• Processing: any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means (collection, recording, transmission, storage, conservation, extraction, consultation, use, interconnection, etc.).

DATA CONTROLLER

Any processing of personal information communicated to Bleu de Paname is carried out under the responsibility of the company PANAME UNDERLINED - 6 BIS CITÉ D'ANGOULÊME 75011 PARIS - siret: 509 331 203 000 42.

HOW DO WE COLLECT DATA AND WHAT IS IT?

The collection of your personal data is most often based on your customer relationship: creation of a customer account on the site, subscription to a newsletter, browsing our pages, etc.

This data includes your name, first name, address, telephone number, email address, date of birth, direct marketing information and consent, order, delivery, invoicing.

The customer information we collect helps us personalize and continually improve your shopping experience at Bleu de Paname . We use this information to process orders, deliver products and services, process payments and communicate with you about your orders, products, services and promotional offers, maintain and update our files and thus your accounts with us, make available to you content such as wish lists and customer reviews and recommend products and services that may be of interest to you.

HOW DO WE MANAGE YOUR INFORMATION?

Please note that Bleu de Paname staff act under an obligation of secrecy when processing data about you. We maintain the confidentiality of your data and ensure that it is only used for predefined purposes. Your data is processed for the purpose of producing and delivering the agreed communication and other services, developing services, invoicing, providing you with the best and most comprehensive services possible, and informing you about our services. We also use your data for customer communication, such as sending information about our services and for direct marketing purposes.

We also use data for customer profiling using billing, usage amounts, duration of customer relationship and external classifications. We use both summarized usage data and person-specific data to create target groups for marketing. We process data of our potential customers for direct marketing purposes. We strive to ensure that customer data is up-to-date and correct. We delete outdated and unnecessary data where possible. We protect all data about you through task-based personal access rights and prevent third parties from accessing the data.

WHERE DO WE SEND YOUR DATA?

We only submit your data to the extent permitted by applicable law and as stated in the file description to authorities and other telecommunications companies. When we use subcontractors, we will sign a security agreement with them that also covers the use of your data. We are also responsible for this kind of handling for you.

BLEU DE PANAME DATA PROTECTION PRINCIPLES

The purpose of this data protection policy is to describe the principles and practices that we observe at Bleu de Paname to ensure the protection of privacy, confidentiality of communication and legal protection of our customers.

Bleu de Paname regularly updates this policy as operations or services change or develop. For this reason, we encourage you to regularly review the latest statement. Important core values ​​for Bleu de Paname include the confidentiality of customer data and communication, as well as the protection of customer privacy in all company operations. When handling our customers' personal data, we follow French legislation, orders and instructions from authorities, and good data processing practices. Bleu de Paname implements a high level of data protection. Personal and identification data as well as location-related data are collected only for specific, predefined and lawful purposes and are not processed in a manner incompatible with these purposes. We protect the security of your personal information during transmission by using Secure Sockets Layer Software (SSL), which encrypts information you enter before it is sent to us.

We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of customer personal information. Our security procedures may require us to ask you for proof of identity before we can disclose your personal information to you. We continually train our staff on the principles of data processing and monitor data usage by appropriate means.

GENERAL PRINCIPLES OF CUSTOMER DATA MANAGEMENT

The processing of personal data must always be justified for Bleu de Paname operations.

Bleu de Paname has defined the purpose of collecting, handling and submitting personal data in the following section.

Bleu de Paname only processes customer data that is necessary for its operations, as defined in the purpose of use indicated in the file description for the customer register. We strive not to process incorrect, incomplete or obsolete data. The processing of customer data is generally based on a relevant relationship, information received when using or registering a service or your consent. We may also process your data for other reasons, for example at your request or when required by law. Your information may be processed within Bleu de Paname . We encourage our customers to regularly update their contact information.

We record your conversations with our customer service to verify a business transaction, to respond to your requests and to monitor and develop the quality of the service. Please note that as a customer of Bleu de Paname , you have the right to check what data about you has been stored in our information systems, or that there is no data about you in our file. You can also refuse the use of your data in accordance with the relevant legislation. The inspection can be carried out once a year free of charge. The request for data inspection must be made with a document signed between Bleu de Paname and you.

COLLECTION, STORAGE, EXTRACTION AND PROCESSING OF PERSONAL DATA

Register of data collected directly via Bleu de Paname services

Contact form
Data collected: email and message
Objective pursued: Customer relationship management
Data retention: Recording in database
Shelf life: 1 year
Access to data: Bleu de Paname customer relations department
Is the data stored or processed outside the EU: No

Customer account creation
Data collected: name, surname, address, telephone number, email address, date of birth, direct marketing information and consent, company contact information, company name, information provided by yourself, customer classification information, order, delivery, agreement and invoicing.
Objective pursued: Order and its follow-up - Address - Returns - Credit
Is the data stored or processed outside the EU: No

Loyalty management
Data retention: Recording in database
Shelf life: Customer lifetime
Access to data: Logistics (partially, only data related to the processing and shipping of your order) - Marketing department - Customer service
Is the data stored or processed outside the EU: No

REGISTER OF DATA TRANSMITTED TO SUBCONTRACTORS VIA BLEU DE PANAME SERVICES

The Post Office
Service provider information: https://www.laposte.fr/
Provider location: France
Objective pursued: Deliveries
Is the data stored or processed outside the EU: No

Shopify
Provider information: https://www.shopify.com/
Provider location: France
Objective pursued: E-commerce
Is the data stored or processed outside the EU: No

Facebook
Provider information: https://www.facebook.com/
Provider location: United States
Objective pursued: Connection to your customer account on the site via your Facebook account
Is the data stored or processed outside the EU: Yes
GDPR charter of the service provider: https://www.facebook.com/business/gdpr

Google Analytics
Provider information: https://analytics.google.com/analytics
Provider location: United States
Objective pursued: Analysis of site traffic + Remarketing
Is the data stored or processed outside the EU: Yes
Service provider's GDPR charter: https://privacy.google.com/intl/fr_fr/businesses/compliance/

SENDING AND SHARING DATA

Bleu de Paname may only submit your data to third parties in accordance with applicable legislation. We submit information upon request to authorities, such as the police and security authorities, as well as other authorities for reasons specified by law. Information about our customers is an important part of our business and it is not our business to trade in it. We share this information only in the cases previously expressed and for the purposes described in this privacy policy with

Bleu de Paname controls and which are either subject to this privacy policy or apply rules at least as protective as those described in this privacy policy. In addition, we may submit your data to subcontractors, in which case we will ensure that the confidentiality of the data is maintained, and we will also be responsible for the management of the data in this case. If we process your data outside the EU region, we will protect your data by ensuring that the subcontractor guarantees the appropriate treatment of the data.

PROCESSING OF IDENTIFICATION AND LOCATION DATA RELATED TO ELECTRONIC COMMUNICATION

Bleu de Paname treats all data and messages created during communication as confidential. Our staff is bound by an obligation of secrecy and a prohibition on using messages or other confidential information. When communication takes place via a network, it always leaves a trace. These network traces are called identification data if they can be connected to a person. Network traces are created, for example, during telephone calls, sending e-mails and SMS messages and surfing the Internet, and may contain information about the correspondents, the connection route or routing, the data transfer protocol used, the event and the terminals used or their location.

Bleu de Paname manages the identification and location information of the communication in accordance with the law in force for the purposes, for example, of the implementation and use of the services, billing and technical development, consent, marketing. The data may also be used for billing other service providers to the extent necessary.

Bleu de Paname can also manage identification data in the event of misuse, data security breach and breakdown repair.

In all of the above situations, we process identification and location data only to the extent that it is necessary to perform a certain specific task.

USE OF LOCATION DATA

A real location method where another person can track another person's location requires the consent of the person to be located. The customer may not be located at all if they decline geolocation services. If we submit location information to location service providers, we ensure by appropriate means that there is consent of the person to be located.

DURATION OF PROCESSING OF IDENTIFICATION AND LOCATION DATA AND STORAGE OF DATA

We process identification and location data for as long as necessary for the purposes of billing, technical development, troubleshooting, marketing, investigating misuse or data security. However, the handling only takes place to the extent required by the actions and without unduly compromising the confidentiality of a message and the protection of privacy. We store the data required for billing for at least one year from the due date of the invoice and for a period not exceeding three years from the due date of the invoice, unless there is a need to retain the data for a longer period. related to the collection of the invoice. Otherwise, the data is stored to the extent permitted and required by the relevant legislation.

WEBSITES, TRACKING VISITS

We also collect data about website visits. This data includes the IP address and corresponding DNS name, the organization that registered the IP address, the name and address of the page visited, the time the page was loaded, and the browser type.

Please note that the IP address is an identification required for the operation of the Internet, used to direct messages transmitted over the Internet to the appropriate places. As a rule, the IP address is not connected to the person using the computer, but it can be connected to the organization that registered the IP address. The IP address connection can be established at the request of the authorities.

COOKIES

As a Bleu de Paname customer, you can view our websites anonymously.

However, like most websites, we use cookie technology.

When you view our website, the cookie sets a random number for the browser that does not indicate your identity. Cookies help Bleu de Paname determine which sections of its websites are the most popular, where visitors go and how long they stay there. The data is used to implement and develop services and target advertisements on the websites. You can prevent the storage of the cookie by changing the settings of your browser. In some cases, prevention may slow down or make it impossible to navigate the pages or the website.

DATA SECURITY

We ensure the security of our services' data using methods proportionate to the severity and sophistication of the threats and the cost.

Bleu de Paname takes care to carry out actions aimed at preventing data security breaches or eliminating disruptions that affect data security. In addition, we use all means to ensure that the confidentiality of messages or the protection of privacy is not unduly compromised when carrying out the above actions.

We provide information about our services' data security actions and other data security issues through appropriate channels, such as our website or customer newsletters.

In order to prevent data security breaches and eliminate disruptions affecting data security, we may, among other things, prevent the receipt of electronic messages, remove viruses and other malware from messages and take other comparable technical measures. Necessary measures within the permitted and required limits specified in the relevant legislation. We use physical, administrative and technical protection measures to keep messages and identification data transmitted over the communication network secret. These actions reduce the risk that data about you will be disclosed to third parties and prevent misuse or other unauthorized access. Some of our services also use standardized encryption methods. Please note that as a user of Bleu de Paname services, you must also use the most appropriate methods to ensure your own data security. We encourage you to store and use our Services and your devices carefully and control their use, for example by using secure codes and unique passwords, and to use sufficient anti-virus and firewall services and keep them and the operating system updated.

CUSTOMER COMMUNICATION AND DIRECT MARKETING

Bleu de Paname sends customer messages regarding its products and services to its customers via the consent available in the customer account. Bleu de Paname also sends direct marketing messages in electronic format. You have the right to prohibit Bleu de Paname from 'send direct marketing messages. You can prohibit marketing by following the instructions included in the direct marketing message or through your customer account available on our website.