PRIVACY POLICY
(A) THE DATA COLLECTED
1. Definitions
Personal data (or Data): Any information which, directly, indirectly or in combination with other information - including a personal identification number - allows the identification or identifiability of a natural person.
Usage data: Information collected automatically by this Site (or by third-party services employed by this Application), which may include the IP addresses or domain names of the computers used by Users who use this Application, URI (Uniform Resource Identifier) addresses, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numeric code indicating the status of the server response (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the User, the various details relating to the time per visit (e.g. time spent on each page of the Site) and details relating to the path followed on this Site with special reference to the sequence of pages visited, and other parameters relating to the User's operating system or computer environment.
User: The person using this Site who, unless otherwise indicated, corresponds to the Person concerned.
Data Subject: The natural person to whom the Personal Data refers.
Processor: The natural or legal person, public authority, institution or any other body that processes Personal Data on behalf of the Data Controller, as described in this privacy policy.
Controller (or Owner): The natural or legal person, public authority, institution or any other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures relating to the operation and use of this Site. Unless otherwise stated, the Data Controller is the Owner of this Site.
The Site: The means by which the User's Personal Data is collected and processed.
Service: The service provided by this Site as described in the relevant terms and conditions.
European Union (or EU): Unless otherwise stated, all references in this document to the European Union include all current Member States of the European Union and the European Economic Area.
Legal information: This privacy policy applies solely to this Site, unless otherwise indicated in this document.
Site owner: Maison Thishan Les Parfums - 229 rue Saint Honoré 75001 Paris. Owner contact email : relationclientele@maisonthishan.com
1.Types of Data collected
The types of Personal Data that this Site collects directly or through third parties include: Usage Data; device information; area code; gender; first name; last name; physical address; city; state; postal code; country; language; User ID; billing address; Data provided when using the service.
Full details of each type of Personal Data collected are provided in the sections devoted to this Privacy Policy or in specific explanatory texts published before the Data is collected.
Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when you use this Site.
Unless otherwise indicated, all the Data requested by this Site are mandatory and their absence may make it impossible for this Site to provide the Services. In the event that this Site specifies that certain Data is not compulsory, Users are free not to provide it without any consequences for the availability or operation of the Service.
If Users have any doubts about the Personal Data required, they are invited to contact the Owner.
Any use of Cookies - or other tracking tools - by this Site or by the owners of third-party services used by this Site is intended to provide the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy.
Users are responsible for any third-party Personal Data obtained, published or communicated via the Site.
2. How and where the Data is processed
Treatment methods
The Owner takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of the Data.
The Data is processed using computers or IT tools, following the procedures and organisational methods closely related to the purposes indicated. In addition to the Owner, the Data may be accessible, in certain cases, to certain categories of persons in charge of the operation of this Site (administration, sales, marketing, legal department, system administration) or to external parties (such as third-party technical service providers, courier services, hosting providers, IT companies, communications agencies) designated, where applicable, as Subcontractors by the Owner. An updated list of these parties may be requested from the Owner at any time.
Place of treatment
Data is processed at the Owner's head office and at all other locations where the parties responsible for processing are located.
Depending on the User's location, data transfers may result in the User's Data being transferred to a country other than their own. To find out more about where this transferred Data is processed, Users can consult the section containing details about the processing of Personal Data.
Shelf life
Unless otherwise specified in this document, Personal Data is processed and kept for as long as required for the purpose for which it was collected and may be kept for longer by virtue of an applicable legal obligation or on the basis of the User's consent.
Purposes of processing
User Data is collected to enable the Owner to provide its Service, to fulfil its obligations, to respond to law enforcement requests, to protect its rights and interests (or those of its Users or third parties), to detect any malicious or fraudulent activity, as well as the following: Platform services and hosting.
For precise information on the Personal Data used for each purpose, the User may consult the "Detailed information on the processing of Personal Data" section.
Detailed information on the processing of Personal Data:
Personal Data is collected for the following purposes using several services.
The function of these services is to host and run the key components of this Application, enabling it to be made available from a unified platform. This type of platform offers a wide range of tools to the Owner - for example: analyses, user registration, publication of comments, database management, e-commerce, payment processing - which involve the collection and handling of Personal Data.
Some of these services operate via geographically dispersed servers, making it difficult to determine the actual location where Personal Data is stored.
Hostinger (Hostinger International Ltd.)
Hostinger is a hosting service provided by Hostinger International Ltd.
Personal data processed: billing address; physical address; postcode; area code; data communicated when using the service; usage data; User ID; device information; language; surname; country; first name; gender; city; state.
Place of processing: Cyprus - Privacy policy.
Legal basis for processing
The Owner may process Personal Data relating to Users if one of the following conditions applies:
- Users have given their consent for one or more specific purposes; Note: Under certain legislation, the Owner may be authorised to process Personal Data until the User objects ("opt-out"), without having to rely on consent or one of the following legal bases. However, this condition does not apply where the processing of Personal Data is subject to European data protection law;
- the supply of Data is necessary for the performance of an agreement with the User or for any of the User's pre-contractual obligations;
- processing is necessary to comply with a legal obligation to which the Owner is subject;
- the processing is linked to a task carried out in the public interest or in the exercise of public authority vested in the Owner;
- processing is necessary for the purposes of the legitimate interests pursued by the Owner or a third party.
In all cases, the Owner will be happy to help you clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a legal or contractual requirement, or a requirement necessary to enter into a contract.
Additional information on shelf life
Unless otherwise specified in this document, Personal Data is processed and kept for as long as required for the purpose for which it was collected and may be kept for longer by virtue of an applicable legal obligation or on the basis of the User's consent.
Therefore :
- Personal Data collected for purposes relating to the performance of a contract between the Owner and the User must be kept until the contract has been fully performed.
- Personal Data collected for the purposes of the Owner's legitimate interests shall be retained for as long as necessary to achieve those purposes. Users can find specific information about the Owner's legitimate interests in the relevant sections of this document or by contacting the Owner.
The Owner may be authorised to retain Personal Data for a longer period of time whenever the User has given his/her consent to such processing, for as long as such consent is not withdrawn. In addition, the Owner may be obliged to retain Personal Data for longer periods whenever this is required to comply with a legal obligation or by order of an authority.
Once the retention period has expired, the Personal Data will be deleted. Consequently, the right of access, the right of erasure, the right of rectification and the right to data portability cannot be applied after the retention period has expired.
4. User rights
Users may exercise certain rights regarding their Data processed by the Owner.
In particular, Users have the right to do the following, to the extent permitted by law:
- Withdraw their consent at any time. Users have the right to withdraw their consent if they have already consented to the processing of their Personal Data.
- To oppose the processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent.
- Access their Data. Users have the right to know whether their Data is being processed by the Owner, to obtain information on certain aspects of the processing and to obtain a copy of the Data being processed.
- Check and obtain a correction. Users have the right to verify the accuracy of their Data and to request that it be updated or corrected.
- Limiting the processing of their Data. Users have the right to limit the processing of their Data. In this case, the Owner will only process their Data for storage purposes.
- Have their Personal Data deleted or erased. Users have the right to obtain the deletion of their Data from the Owner.
- Recover their Data and have them transferred to another data controller. Users have the right to recover their Data in a structured, commonly used and machine-readable format and, if technically possible, to have it transmitted to another data controller without hindrance of any kind.
- Making a complaint. Users have the right to lodge a complaint with their competent data protection authority.
Users also have the right to know the legal basis for transfers of Data to any foreign country and in particular to any international organisation governed by public international law or created by two or more countries, such as the UN, as well as the security measures taken by the Owner to safeguard their Data.
Information concerning the right to object to processing
Where Personal Data is processed in the public interest, in the exercise of official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a reason linked to their particular situation that should justify such objection.
However, Users should be aware that if their Personal Data is processed for direct marketing purposes, they may object to such processing at any time, free of charge and without any justification. If the User objects to the processing for canvassing purposes, the Personal Data will no longer be processed for these purposes. To find out whether the Owner processes Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.
5. How to exercise these rights
Any request to exercise the User's rights may be addressed to the Owner using the contact details provided in this document. Such requests may be made free of charge and will be answered by the Owner, providing Users with the information required by law, as soon as possible and always within one month. Any rectification or erasure of Personal Data or any restriction on processing will be communicated by the Owner to each recipient to whom the Personal Data has been communicated, where applicable, unless this proves impossible or involves a disproportionate effort. At Users' request, the Owner will inform them of these recipients.
Further information on the processing and collection of Data
6. Legal action
The User's Personal Data may be used for legal purposes by the Owner before the courts or in steps that may lead to legal action resulting from inappropriate use of this Application or related Services.
The User is aware that the Owner may be required to disclose Personal Data at the request of the public authorities.
Additional information concerning the User's Personal Data
In addition to the information contained in this privacy policy, this Application may provide the User with additional information and contextual information concerning particular services or the collection and processing of Personal Data.
System and maintenance logs
For operational and maintenance purposes, this Application and any third-party services may collect files that record interactions with this Application (system logs) or use other Personal Data (such as IP address) for this purpose.
Information not included in this policy
Further information regarding the collection or processing of Personal Data may be requested from the Owner at any time. Please refer to the contact details at the beginning of this document.
Changes to this privacy policy
The Owner reserves the right to make changes to this Privacy Policy at any time, by informing its Users on this page and possibly on this Site or - insofar as this is technically and legally possible - by sending a notice to Users via the contact details available to the Owner. Users are strongly advised to consult this page frequently, referring to the date of the last modification indicated at the bottom.
If the changes affect the processing activities carried out on the basis of the User's consent, the Owner must obtain new consent from the User where necessary.
(B) COOKIE MANAGEMENT
This document informs Users of the technologies that enable this Site to achieve the purposes described below. These technologies enable the Owner to access and store information (using a Cookie, for example) or use resources (running a script, for example) on a User's device when the User interacts with this Site.
For the sake of simplicity, all these technologies are defined as "Trackers" in this document, unless there is a reason to differentiate between them.
For example, although Cookies can be used on both web and mobile browsers, it would be inaccurate to refer to Cookies in the context of mobile applications as these are browser-based Trackers. For this reason, in this document, the term Cookies is only used where it is specifically intended to indicate this specific type of Tracker.
Some of the purposes for which Trackers are used may require the User's consent. Where consent is given, it may be freely withdrawn at any time by following the instructions provided in this document.
This Site only uses Trackers managed directly by the Owner ("first party" Trackers).
The validity and expiry periods of first-party Cookies and other similar Trackers may vary depending on the lifetime defined by the Owner. Some expire at the end of the User's browsing session.
Activities strictly necessary for the operation of this Site and the provision of the Service
This Site uses so-called "technical" Cookies and other similar Trackers to carry out activities that are strictly necessary for the operation or provision of the Service.
How can I manage my preferences and give or withdraw my consent?
There are various ways to manage preferences relating to Trackers and to give and withdraw consent, where appropriate:
Users can manage Tracker preferences directly in the settings of their own device, for example by preventing the use or storage of Trackers.
In addition, whenever the use of Trackers relies on consent, Users may give or withdraw such consent by setting their preferences in the cookie notification, or by updating such preferences accordingly using the appropriate privacy consent preferences widget, if applicable.
It is also possible, via the relevant browser or device functions, to delete previously stored Trackers, including those used to remember the User's initial consent preferences.
Other Trackers in the browser's local memory can be deleted by deleting the browsing history.
Access to Tracker settings
Users can, for example, find information on how to manage Cookies in the most commonly used browsers at the following addresses:
Users can also manage certain categories of Trackers used on mobile applications by disabling the appropriate device settings, such as device advertising settings for mobile devices or tracking settings in general (Users can open the device settings and search for the appropriate setting).
Consequences of refusing to use Trackers
The User is free to decide whether or not to authorise the use of Trackers. However, it should be noted that Trackers enable this Site to provide Users with a better experience and advanced functionalities (in accordance with the purposes described in this document). Therefore, if the User chooses to block the use of Trackers, the Owner may not be able to provide the related functionality.
