Privacy Policy

Here, we share our expertise, our advice, and our vision for skincare.

This Privacy Policy applies to all personal data collected and/or processed by the publisher of the “Céline Staubli” website.

Definition

  • “Site”:refers to all pages accessible via a web browser at the following address: https://www.cdermabyceline.com/
  • Data”: in this policy, refers to all personal data, as defined by applicable law, including Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), relating to a natural person;
  • Data Controller”: refers to the entity that collects and processes the Data, in this case the website operator;
  • Processor”: means any natural or legal person that processes personal data on behalf of the Data Controller;
  • Data subject”:refers to the natural person to whom the data being processed relates. Any natural person who can be identified, directly or indirectly, in accordance with applicable regulations—in particular by reference to a name, unique identification number, location data, unique pseudonym, or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity that are sufficient to identify them—is deemed to be a Data Subject;
  • Processing”: means any operation performed on Data.

1. Purpose

The purpose of this Privacy Policy (hereinafter the “Policy”) is to inform Data Subjects about how Data is collected and processed by the Publisher, and to inform them of their rights and the means made available by the Publisher to exercise those rights.

Data Controller

For all browsing and purchases on the Site, the Data Controller is ¤Legal_Representant_Nom¤.

2. Treatment

Purposes of Processing

In connection with the operation of the Site, the Publisher collects and processes data in accordance with the purposes specified at the time of collection, namely:

  • The conduct of statistical studies on navigation,
  • The creation and proper functioning of the personal space,
  • Order management for orders placed through the website,
  • Cookie management,
  • Contact management is handled through the form provided for this purpose.

Data processed

As part of the data collection process, the Publisher may collect the following data:
Identity: last name, first name, email address, mailing address, mobile phone number; data that must be provided to the Publisher’s services is indicated as such.
Data is collected by entering information into the fields provided for this purpose, or through cookies that have been previously accepted.

When making online purchases, the banking information provided is not collected by the Publisher and is not processed by the Publisher in any way.
This data is processed exclusively and directly in a secure manner by the secure payment service set up by the Publisher, whose terms and conditions are available on its website:
¤UrlSite¤
The purpose of collecting this data is to ensure the proper operation of the Site and to track orders placed through it.
Only the data necessary for this purpose is collected and processed.

 

3. Data Security

The processed data is stored securely, and access to it is strictly controlled and limited to only those who need it.
All access to the data is subject to access through a specialized, secure module, protected by technical measures and strong passwords.

4. Recipients of the data

In accordance with applicable regulations, the Publisher has implemented state-of-the-art organizational and technical measures designed to safeguard the security, integrity, and confidentiality of the Data, and to prevent unauthorized access to it.

The Recipients are the Publisher and its employees who have a legitimate need to access the Data.

5. Data transferred to public authorities and/or agencies

In accordance with applicable regulations, Data may be disclosed to the competent authorities upon a substantiated request, including public agencies—solely to comply with legal obligations—as well as court officers, judicial officers, and agencies responsible for debt collection.

6. Retention periods

Data related to accounts or orders is not retained for more than two years from the date of the last login to the Account or the date of the order.

As an exception, in accordance with applicable regulations, accounting data—particularly that related to billing—will be retained in an archive for 10 years from the date of billing.

7. Rights of Data Subjects

Data subjects have the right of access, the right to rectification, the right to erasure (right to be forgotten), the right to object, the right to restrict processing, and the right to data portability with respect to their personal data.

These rights may be exercised in accordance with the amended Law No. 78-17 of January 6, 1978, and the GDPR.

  • by simply sending an email to the following address: ¤Legal_Representant_Email¤
  • by mail to the Publisher's address
  • through the contact page on the Website.

When processing any request, proof of identity may be required.

Unless the User violates the provisions below, the User has the right to file a complaint with the CNIL (https://www.cnil.fr).

8. Data Transfer

As a general rule, the data collected on the website is intended exclusively for the Publisher.

However, when an order is placed through the Site, the Data of the Data Subjects may be shared with the Publisher’s logistics partners (delivery and shipping services). The legal basis for this transfer is the sales contract.

Furthermore, prior to any transfer of Data to third parties, the consent of the Data Subject will be obtained.

However, the Publisher reserves the right to transfer the Data to fulfill its legal obligations, particularly if compelled to do so by a court order.

9. Safety

The Publisher places particular importance on protecting the personal data of its users and partners, but relies on their active cooperation to ensure that data is protected. The Publisher therefore strongly recommends the consistent use of strong passwords. (For more information, please refer to the guide:https://www.ssi.gouv.fr/guide/mot-de-passe).

10. Cookies

A cookie is a small file stored by a server on a user’s device (computer, phone, etc.) and associated with a web domain (i.e., in most cases, all the pages of a single website). This file is automatically sent back during subsequent interactions with the same domain.

Cookies have multiple uses: they can be used to store your customer ID on an e-commerce site, the current contents of your shopping cart, the display language of the web page, an identifier used to track your browsing for statistical or advertising purposes, etc.

There are several types of cookies:

  • "Essential" cookies, which are first-party cookies, are used to store information between visits to the same website on the same device. They are used to store shopping cart items, login credentials, and interface customization settings. They do not require the user's consent.
  • "Statistical" cookies are used to track a user's activity on a website. When the statistics are anonymous (i.e., they do not allow a specific individual to be identified), the user's consent is not required.
  • "First-party" cookies are set by the website you are visiting. They may be set in addition to necessary cookies and can be used to collect personal data, track user behavior, and serve advertising purposes.



So-called "third-party" cookies are cookies placed by (or on behalf of) Site B (often an advertising network) on Site A: this allows Site B to see which pages a user has visited on Site A and to collect information about the user.
The information stored on the device is theoretically limited to the domain currently being visited. In practice, this is not the case for “first-party” cookies placed by the main domain. Indeed, web pages may incorporate content from other domains.
All non-essential cookies are subject to consent upon connection to the Site.
Essential cookies are deleted at the end of the browsing session and are not used for data collection.
The retention period for cookies varies depending on the type of cookie.
To ensure the proper functioning of the Website, BOONDOOA/¤Legal_Representant_Nom¤ may need to place cookies in the Visitor’s browser.
For statistical purposes, BOONDOOA/¤Legal_Representant_Nom¤ and your client’s name may collect browsing information through the use of cookies.
The Visitor is free to accept or refuse cookies by configuring their browser (disabling all or some cookies—see the web browser manual or help function).
Disabling cookies may result in certain Site Services becoming unavailable.
The Visitor may, furthermore, at any time delete cookie storage or cookies already stored on their computer by configuring the privacy settings of their web browser.
The CNIL website also provides instructions on how to manage and delete cookies in your browser.
These explanations are available at the following address:https://www.cnil.fr/fr/cookies-les-outils-pour-les-maitriser.
Any cookies placed have a maximum lifespan of thirteen (13) months.
The maximum retention period for Data resulting from their use is 25 months