Date: September 1st, 2020
LEAF-CYCLE (owner of AEMIUM brand) may need to collect your Personal Data when you browse on the website www.aemium.com.
LEAF-CYCLE takes the protection of your privacy very seriously as the controller of the data it collects and it ensures that it maintains the confidentiality of your personal data. It is stored with the utmost care and is subject to the most appropriate security measures.
Please read our Confidentiality Policy carefully, as it describes the nature of the personal information that we collect from our customers, how we use and process it, and who we share it with. It enables you to understand your rights concerning the processing of your personal data, the measures that we take to guarantee the security of your information and how long your personal information is stored.
These terms of our Confidentiality Policy go together with our Terms and Conditions of Sale, our Cookies Policy and our Website Terms and Conditions of Use. It applies to all the personal information concerning you and your browsing data, that you provide, and which is collected and processed by us on different occasions.
You acknowledge that by browsing on our Website, and in particular by placing orders on our Website, you accept the terms of our Confidentiality Policy and consent to our collection, disclosure and use of your Personal Data in accordance with our Confidentiality Policy.
1. What is personal data?
The term ‘Personal Data’ refers to any information relating to a physical person who is likely to be identified, either directly or indirectly, through their name, photo, fingerprint, email address, telephone number, IP address, a login ID or your shopping habits.
2. Who is the controller of your Personal Data?
LEAF-CYCLE, S.A.S.
simplified joint-stock company with capital of €5000,
EU VAT number: FR09 845 056 530,
registered on the Orleans Trade and Companies Register under number 845 056 530
whose registered office is located at 160, rue de la verdelle, 45430 Mardié
is the controller of personal data collected on the website www.aemium.com (the ‘Website’) within the meaning of the legal provisions applicable, and in particular the GDPR - EU regulation 2016/679 relating to the protection of physical data with respect to processing of personal data and the free circulation of data.
3. What information do we collect from you and how do we collect it within the framework of our activity?
We collect your Personal Data from different sources, which are as follows:
-
Sources from the information that you send us, in particular through collection forms, when you visit our shops, on our Website, in your telephone conversations with our sales department, via our social network pages, at one of our events. This personal information concerning you relates, for example, to: your identity, your postal or digital addresses, your telephone number, the details and history of your purchases, your choices and preferences for our products and services, the information given to our customer services, your bank details*, information or content with, for example, photographs, videos, survey answers and comments and information via social networks when you browse on our pages on social networks.
* We would like to remind you that your bank card details never transit in plain text via our Website, but via a secure payment platform, and are encrypted with SSL protocol, to guarantee a secure environment for your payment methods.
-
Sources from the information that we collect indirectly, either automatically or with your consent from yous through various technologies, in particular the Cookies described according to the terms of our Cookies Policy (see paragraph 12), to gather information about:
-
technical data, for example your IP address to connect to your device to the Internet, your browsing software, your device's ID and your login information;
-
data about your visit to our Website, including all the URLs visited before, during and after our Website, the pages visited and downloaded, the page response times, the download errors and the products that you have viewed or searched for.
-
-
Legitimate external sources with respect to the Personal Data concerning you that we collect from third-party companies, with which we work closely, such as, for example commercial partners, subcontractors responsible for delivering your orders, technical services, payment services, advertising agencies, credit agencies and statistical analysis service providers which are likely to send us, with your consent, personal information about you.
4. When can we collect your personal data?
We collect your personal data on these different occasions:
-
You create an account on our Website, in our shops
-
You browse on our Website;
-
You make purchases on our Website;
-
You talk to our customer services by different methods, in particular letters, emails and telephone;
-
You take part in the promotional events, games and competitions that we organise;
-
You share content on social networks using the hashtag #AEMIUM, #PARFUMSAEMIUM, hashtags that we create or the phrase @aemium or @aemiumofficiel;
-
You follow and/or comment on our AEMIUM pages on social networks (such as Instagram, Facebook, LinkedIn or YouTube);
-
You have given your consent to third parties for them to send us your Personal Data.
5. For which purposes and what uses do we collect your Personal Data?
We will only collect the data necessary to fulfil explicit, legitimate and determined purposes for which it is processed. Within the framework of our activity, the main purpose of the processing of your Personal Data is to make our Website available to you, to ensure ergonomic and optimal browsing and to guarantee a safe environment, in particular:
-
to provide you with all the services available via the Website, telephone and via email;
-
to create and manage access to your account;
-
to process and manage the monitoring of your orders;
-
to manage your participation in the commercial events, competitions or loyalty programmes that we offer our customers;
-
to manage our customer relationship through our CRM software to get to know your choices better, to personalise our offers according to your preferences and to send marketing communications or Newsletters, on condition that you have given your consent;
-
personalise the website features according to your preferences;
-
handle your requests or questions in the FAQs;
-
make online transactions secure and prevent fraud and payment incidents and manager recovery;
-
check, authenticate and identify the personal data you have sent;
-
analyse your shopping habits;
-
ensure that the Website operates smoothly and improve it;
-
guarantee the Website’s security;
-
gather statistics and analyse Website visits.
6. On what legal bases can we justify the collection and processing of your Personal Data?
The ‘Legal Bases’ are the bases on which a company is authorised to process a natural person’s Personal Data.
Our policy is to ensure that your Personal Data is processed with the following justification:
-
we use the personal information concerning you, to enable us to fulfil our obligations resulting from the sales contract, which binds us to you, and to ensure optimal management of your orders;
-
it is our legitimate interest, for marketing management purposes, to offer you the best online browsing and shopping experience on our Website;
-
the legal provisions sometimes will require that we collect and use our customers’ Personal Data. These are, for examples, requests from the administrative authorities requiring the data of people who are involved in fraudulent or criminal activities. Or sometimes, tax laws may require that we store data relating to orders and payment for our products;
-
in some cases, we may ask for your consent before using your Personal Data, in particular for the purposes of managing our sales canvassing and your browsing data via cookies.
Whether or not the Personal Data is required or optional and the potential consequences of not responding are stated when it is collected.
7. What are your rights and how can you exercise them?
Pursuant to the data protection amended law of 6 January 1978, and the General Data Protection Regulation no. 2016/679 of 27 April 2016, you have the following rights:
-
to request access to a copy of your Personal Data that we have collected;
-
request the rectification of Personal Data;
-
oppose the processing of your Personal Data on legitimate grounds, in particular, if you consider that this processing would cause you damage;
-
request the deletion of your Personal Data subject to legitimate grounds,
-
request the portability of your Personal Data to request that it be sent to another data controller;
-
you can withdraw by requesting that your consent be withdrawn at any time, at no cost.
You can exercise your rights by writing to:
LEAF-CYCLE
Service e-commerce (Loi informatique et liberté/RGPD)
160 rue de la Verdelle
45430 MARDIE France
Any request must contain the following information: user’s last name, first name, postal address and/or email address. It must be supported by a copy of the latter’s ID. You will be sent a response within 1 month of receipt of the request.
You may also make a complaint to the CNIL (French data protection authority) by sending a letter to:
CNIL
3 Place de Fontenoy
- TSA 80715 –
75334 PARIS CEDEX 07
8. Who can we disclose your Personal Data to?
We are the priority recipients of your Personal Data and it may under no circumstances be sold by us.
Personal information concerning you is mainly processed by LEAF-CYCLE employees and by people who we have authorised to access it, when this is necessary to enable us to fulfil our contractual obligations towards you, for example to process your order.
Insofar as necessary, we may also share your Personal Data with trusted third parties or subcontractors, who we require to observe the law and our terms, and to take technical and organisational measures to maintain the security and confidentiality of your Personal Data. We only provide personal information that is necessary for them to provide their services and we require that they do not use your Personal Data for other purposes.
These are mainly, and necessarily, the following services providers that we use within the framework of our activity:
-
Website hosting and Personal Data collection solution service providers;
-
financial intermediaries such as banks or payment service providers;
-
transport and delivery services for the products that you have ordered;
-
analysis providers to collate statistics;
-
commercial partners that we use to organise events, in particular promotional events;
-
service providers in charge of communications for our brand and canvassing on social networks, for example advertisers and advertising networks to publish targeted adverts in our name;
-
Service providers in charge of our email campaigns;
-
analysts and search engine providers to help us optimise browsing on and the ergonomics of our Website;
Due to a legal or regulatory obligation, sometimes we are obliged to disclose or share your Personal Data with administrative, tax or judicial bodies and authorities.
9. What is our policy for transferring your data abroad and outside the European Union?
Sometimes we share or transfer your Personal Data with or to trusted third-parties who are located outside the European Union, in countries whose Personal Data protection laws are different to those applicable in Europe and France. In these circumstances, we take technical and organisational measures to guarantee your rights and freedom and to ensure the security and confidentiality of any personal information concerning you, in particular by gathering your consent and ensuring that the service providers take the technical and organisational measures to guarantee security and protection of an equivalent level.
10. How do we protect your Personal Data?
We endeavour to secure your data and protect our systems and our activity on the Internet, and in this context, we take adequate technical and organisational measures to guarantee the security and confidentiality of your Personal Data.
However, despite our efforts to deploy security, IT and physical measures, taking into account the sensitivity of certain Personal Data, we are not immune to the risks of computer piracy, given the functions and nature of the Internet as a communication method without borders, and we cannot guarantee that we will eliminate all the risks of third-party intrusion or the abusive use of your data.
11. For how long do we have the right to store your Personal Data?
Pursuant to the applicable laws and the CNIL’s (French data protection authority) recommendations, we store your Personal Data only for the time necessary to fulfil the aims or purposes for which we have collected and processed your Personal Data, within the limits permitted by law. When the use of your Personal Data is no longer justified, we will delete it or take all the measures to anonymise the personal information concerning you.
For example, when paying for your purchases on our Website; your bank card’s details can only be stored while the payment transaction is carried out. After this purpose has been fulfilled, the data must be deleted, archived or undergo a data anonymisation process to make it impossible to identify you, in which case your data that is no longer personal may be stored freely and used for the production of statistics.
12. Policy specific to IP addresses and cookies
For commercial and technical reasons, we may collect information about your computer and IP address. We use cookies, which are cookies for connection purposes. They provide us with data and settings via your web browser.
Please note that all this data is statistical in nature and does not identify any particular individual. Their purpose is:
-
To save information about your preferences, and thus to allow us to personalize the site according to your needs.
-
To facilitate your access to the site
-
To recognize you quickly at each of your visits.
You have the right to refuse these cookies by adjusting your parameters to this effect, however you may be unable to access certain data on our site.
13. What is our responsibility policy on social networks?
Our Website may contain hypertext links that direct you to social network websites or our partners’ websites, which are neither operated nor controlled by us. We would like to inform you that each of these networks has its own confidentiality policy and Cookies, which may differ from ours. Even if we make every effort to ensure that the confidentiality and security of your Personal Data are observed by our partners, LEAF-CYCLE does not assume any liability for their confidentiality policy and the content of their website.
14. Our Newsletters — Your consent and your right to unsubscribe are important to us
With your consent, we will use your email address to send you our Newsletters. You may unsubscribe from our Newsletter mailing lists at any time by clicking the unsubscribe link in any of the newsletters sent.
15. Updating our confidentiality policy
Please note that we reserve the right to amend the terms of our Confidentiality Policy at any time, in particular to bring them into compliance with the law and the CNIL’s (French data protection authority) recommendations. Each update will be indicated clearly on the first page.