ARTICLE 1: PREAMBLE
* The way in which their personal data are collected and processed. All data that can identify a user must be considered as personal data. These include first and last name, age, postal address, e-mail address, user’s location or IP address;
* What are the rights of users regarding this data?
* Who is responsible for the processing of the personal data collected and processed?
* To whom these data are transmitted;
* Possibly, the site’s policy regarding cookies files.
ARTICLE 2: GENERAL PRINCIPLES FOR DATA COLLECTION AND PROCESSING
In accordance with the provisions of Article 5 of European Regulation 2016/679, the collection and processing of data from users of the site complies with the following principles:
* Legality, fairness and transparency: data may only be collected and processed with the consent of the user who owns the data. Whenever personal data are collected, the user will be informed that their data are being collected, and for what purposes their data are being collected;
* Limited purposes: the collection and processing of data is carried out in order to meet one or more objectives determined in these general conditions of use;
* Minimization of data collection and processing: only the data necessary for the proper execution of the objectives pursued by the site are collected;
* Storage of data reduced in time: the data are stored for a limited period of time, of which the user is informed. If the storage period cannot be communicated to the user;
* Integrity and confidentiality of the data collected and processed: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.
In order to be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data may only take place if they comply with at least one of the following conditions listed below:
* The user has expressly consented to the processing;
* The processing is necessary for the proper execution of a contract;
* The processing is in accordance with a legal obligation;
* The processing is necessary in order to safeguard the vital interests of the data subject or another natural person;
* The processing may be explained by a necessity linked to the performance of a task in the public interest or in the exercise of public authority;
* The processing and collection of personal data is necessary for the legitimate and private interests pursued by the controller or by a third party.
ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE CONTEXT OF BROWSING THE SITE
A: DATA COLLECTED AND PROCESSED AND HOW IT IS COLLECTED
Personal data collected on the Myriametjacky.com website may include name, address, e-mail address and information relating to any purchase or reservation.
This data is collected when the user performs one of the following operations on the site:
When the user makes a purchase or reservation or subscribes to a newsletter.
In addition, when making a payment on the site, proof of the transaction, including the order form and invoice, will be kept in the site publisher’s computer systems.
The controller will store all the data collected in his site’s computer systems under reasonable security conditions for a period of: 10 years.
The collection and processing of data shall serve the following purposes:
The processing of any purchase or reservation;
Internal record keeping;
The improvement of our products/services;
The transmission by e-mail of marketing documents that may be of interest to you;
For market research purposes, by email, telephone, fax or mail. This information may be used to customize or update the Website;
B: TRANSMISSION OF DATA TO THIRD PARTIES
The data may be transmitted to the following third party(ies):
Third party service providers who provide us with services that require the processing of personal data – to help third party service providers who receive shared data perform functions on our behalf to ensure the proper functioning of the website;
Third-party payment providers who process payments made on the website – to allow third party payment providers to process user payments and refunds;
C: DATA HOSTING
The myriametjacky.com website is hosted by : SiteGround, headquartered at the following address:
SiteGround Spain S.L. / Serrano 1, 5º
The host can be contacted at https://www.siteground.com/contact_us.htm
ARTICLE 4: DATA CONTROLLER AND DATA PROTECTION OFFICER
A: THE DATA CONTROLLER
The persons responsible for the processing of personal data are:
Myriam and Jacky Boisset
They can be contacted as follows:
EMAIL: contact @ myriametjacky.com
The data controller is responsible for determining the purposes and means used to process personal data.
B: OBLIGATIONS OF THE DATA CONTROLLER
The controller undertakes to protect the personal data collected, not to transmit them to third parties without the user having been informed and to respect the purposes for which the data were collected.
The site has an SSL certificate to ensure that the information and data transfer through the site is secure.
An SSL certificate (“Secure Socket Layer” Certificate) is used to secure the data exchanged between the user and the site.
In addition, the data controller undertakes to notify the user in the event of rectification or deletion of the data, unless this would entail disproportionate formalities, costs and procedures for him.
In the event that the integrity, confidentiality or security of the user’s personal data is compromised, the controller undertakes to inform the user by any means.
C: THE DATA PROTECTION OFFICER
In addition, the user is informed that the following persons have been appointed Data Protection Officers: Myriam and Jacky Boisset
The role of the Data Protection Officer and to ensure the proper implementation of national and supranational provisions relating to the collection and processing of personal data. It is sometimes called DPO (Data Protection Officer).
The Data Protection Officer can be reached as follows:
contact @ myriametjacky.com
ARTICLE 5: USER RIGHTS
In accordance with the regulations concerning the processing of personal data, the user has the following rights.
In order for the data controller to comply with his request, the user is required to provide him with: his first and last name and e-mail address, and if relevant, his account or personal or subscriber space number.
The data controller is required to reply to the user within a maximum of 30 (thirty) days.
A: PRESENTATION OF THE USER’S RIGHTS TO COLLECT AND PROCESS DATA
a. Right of access, rectification and deletion
The user may review, update, modify or request the deletion of data concerning him/her, in accordance with the following procedure:
The user must send an email with his request for information.
If he has one, the user has the right to request the deletion of his personal space by following the following procedure:
The user must send an email with his request to delete his information. The request will be processed within 10 business days.
b. Right to data portability
The user has the right to request the portability of his personal data, held by the site, to another site, by complying with the following procedure:
The user must send an email with his request for information
c. Right to limit and object to data processing
The user has the right to request the limitation or to oppose the processing of his data by the site, without the site being able to refuse, unless it can demonstrate the existence of legitimate and compelling reasons, which may prevail over the user’s interests and rights and freedoms.
In order to request the limitation of the processing of his data or to formulate an objection to the processing of his data, the user must follow the following procedure:
The user must send an email with his request.
d. Right not to be the subject of a decision based exclusively on an automated process
In accordance with the provisions of Regulation 2016/679, the user has the right not to be the subject of a decision based exclusively on an automated process if the decision produces legal effects concerning him, or significantly affects him in a similar way.
e. Right to determine the fate of data after death
Users are reminded that they can organise the future of their data collected and processed if they die, in accordance with law n°2016-1321 of 7 October 2016.
f. Right to have recourse to the competent supervisory authority
In the event that the data controller decides not to respond to the user’s request, and the user wishes to contest this decision, or, if he believes that one of the rights listed above is being infringed, he is entitled to refer the matter to the CNIL (Commission Nationale de l’Informatique et des Libertés, https://www.cnil.fr) or any competent judge.
B: PERSONAL DATA OF MINORS
In accordance with the provisions of Article 8 of European Regulation 2016/679 and the Data Protection Act, only minors aged 15 or over may consent to the processing of their personal data.
If the user is a minor under 15 years of age, the consent of a legal representative will be required in order for personal data to be collected and processed.
The site editor reserves the right to verify by any means that the user is over 15 years of age, or that he or she has obtained the consent of a legal representative before browsing the site.
ARTICLE 6: USE OF “COOKIES” FILES
The site may use “cookie” techniques.
A “cookie” is a small file (less than 4 kb), stored by the site on the user’s hard disk, containing information about the user’s browsing habits.
These files allow it to process statistics and traffic information, facilitate navigation and improve service for the user’s comfort.
For the use of “cookie” files involving the storage and analysis of personal data, the user’s consent is necessarily required.
This user’s consent is considered valid for a maximum period of 13 (thirteen) months. At the end of this period, the site will again request the user’s authorization to save “cookie” files on his hard disk.
a. Opposition of the user to the use of “cookies” files by the site
The user is informed that he or she may oppose the recording of these “cookies” files by configuring his or her browser software.
For information, the user can find at the following addresses the steps to follow in order to configure his browser software to prevent the recording of “cookie” files:
* Chrome: https://support.google.com/accounts/answer/61416?hl=en
* Firefox: https://support.mozilla.org/fr/kb/enable-and-disable-cookies-website-preferences
* Safari: http://www.apple.com/legal/privacy/fr-ww/
* Internet Explorer: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies
* Opera: http://www.opera.com/help/tutorials/security/cookies/
In the event that the user decides to deactivate the “cookies” files, he/she will be able to continue browsing the site. However, any malfunction of the site caused by this manipulation could not be considered as being due to the publisher of the site.
b. Description of the “cookie” files used by the site
The site editor draws the user’s attention to the fact that cookies are used when browsing the site:
While browsing the site, the user is informed that third party cookie files may be stored.
In addition, the site includes social network buttons, allowing the user to share their activity on the site. Cookies” files from these social networks are therefore likely to be stored on the user’s computer when using these features.
The user’s attention is drawn to the fact that these sites have their own privacy policies and general conditions of use that may differ from the site. The site editor invites users to consult the privacy policies and general conditions of use of these sites.
The site editor reserves the right to modify it in order to guarantee its conformity with the law in force.