General Data Protection Regulation GDPR of the website Perles and co

The protection of our customers' data has always been of the utmost importance to us. At no time in the past have they been sold or traded. We are committed to continuing these good practices and going even further.

In accordance with the legal and regulatory provisions in force at the time of writing, and in particular Law n°78-17 of January 6, 1978 "Informatique et Libertés Informatique et Libertés" (as amended by the law of August 6, 2004 on the protection of individuals with regard to the processing of personal data).gard des traitements de données à caractère personnel)) and the General Regulation on the Protection of Personal Data, this charter sets out your rights and remedies, as well as everything you need to know about the collection, processing and use of your personal data by Perles & Co.

1) Collection of personal data:

When you create an account and place orders on the https://www.perlesandco.co.uk website, hereinafter referred to as "the Site", SAS Internet & E-commerce is required to record personal data concerning its customers. The party responsible for collecting and processing this data is SAS Internet & E-commerce, a simplified joint stock company, registered in the Albi Trade and Companies Register under the numbere au RCS de Albi sous le numéro 453605933, whose registered office is located at 25 Rue Henri Moissan 81000 Albi, hereinafter referred to as "the Company". The term "personal data" refers to all data that can be used to identify an individual. You will find below all the personal data concerning you that may be stored by Perles & Co, as well as their purpose:

Name / First name
Email
Date of birth
Postal address
E-mail
Phone number
Comments and product reviews
Login data
Browsing data
IP address
Banking transactions
Order history
Newsletter subscription
In-stock product alerts

2) Purpose of data collection :

It is our intention that all data collected should be useful and necessary for the purpose for which it is collected. You may be asked to provide optional information, but this is never compulsory and is only used to personalize or improve our relationship with our customers. Here are the different patterns for collecting your data:

Managing your orders

- To manage your orders, both pre-sales and post-sales, and to contact you by email or telephone in order to provide you with the best possible service.

- To meet our legal and regulatory obligations, such as recording purchase orders and issuing invoices, which must be kept for 10 years.

- Sales and marketing management

- To compile sales statistics and carry out market and behavioral research in order, for example, to anticipate our purchases.

- Build up and manage prospect files.

- Combat payment fraud under the conditions defined below,

- Propose an appropriate loyalty policy and targeted promotional actions for private individuals and/or professionals.

- Organize competitions

Newsletter

And for customers and prospects or subscribers to one of our newsletters:

- Propose new products for sale by the company,

- Inform you of our latest news and promotional offers, DIY tutorials, videos...

You can unsubscribe from these newsletters at any time by clicking on the appropriate link at the bottom of each e-mail or on the Newsletter page (https://www.perlesandco.co.uk/newsletter.php).

Customer request management

- Responding to your requests, opinions and queries, solving your problems and providing you with a customized solution.

NB: under no circumstances do we pass on our subscribers' e-mail addresses to commercial partners who might use them.

3) Fight against fraud

In order to combat payment fraud, or to manage any complaints, the Company may also retain information relating to credit card or Paypal transactions. However, we have no knowledge of your credit card number, expiry date or cryptogram, so we do not store this information. What's more, we've set up a multi-criteria system that includes alerts based on typical order profiles. This may lead us to ask you for certain supporting documents (identity card, passport, proof of address, etc.) in order to validate your order. The data collected in this way will not be kept after verification. We may momentarily block an order during manual validation while we carry out transaction security checks (3D secure guarantee) or consult the supporting documents, and sometimes contact the customer. The order is then confirmed as soon as possible.

4) Recipients of collected data

Only our company and the external companies to which we are contractually linked for the management of your order or the sending of our newsletters have access to the personal data that you communicate to us. The categories of persons who will have access to your personal data within the Company are, within the limits of their respective needs, the sales department, the marketing department, the IT department, the logistics department and the departments responsible for management control such as the statutory auditor, the accounting firm for the proper keeping of our accounts, etc.

Your personal data may also be sent to public bodies, exclusively to meet legal obligations, court officers, legal agents, tax authorities in the event of a tax audit, for example, and customs authorities. External companies who will have access to your personal data in order to process your orders are :

Our payment service providers (Crédit Agricole, Caisse d'Epargne or Paypal)
Our transport service providers (La Poste, Chronopost, UPS)
Our subcontractors and hosting, storage, maintenance and site security services (OVH)
Our online chat service (Freshdesk, whatsapp, MoustacheAi)
Our online customer review system (Google Avis Clients)
Our feed analysis services (Google Analytics, Google Search Console)
Our advertising and retargeting services (Google Adwords, Facebook)
Our newsletter mailing service provider headquartered in France (Brevo)
Our CRM management and prospecting tool for partners and affiliates (Zoho)
Our interactive marketing and data collection platform for personalized communication (Qualifio)

As required by law, we ensure that all our external service providers comply with European regulations on the protection of personal data. The Company undertakes not to sell any personal data collected on its website, and to store such data only at European level, or at the very least with foreign service providers who guarantee compliance with current legislation. The Company undertakes to request guarantees from its service providers and any other subcontractors, and reserves the right to monitor them.

5) Retention period for personal data

The date taken into account to define the retention period of the personal data we collect is the date of the last transaction you carried out on our site or the date of the last connection to your customer account. In this context, we undertake to delete such data as soon as :

- you ask us to remove them from our databases,

- you have not logged in to your customer account for more than 3 years,

- you request to unsubscribe from any of our newsletters.

Please note that if you subscribe to more than one of our newsletters, you will have to unsubscribe from all of them to stop receiving emails (other than those processing your order). We also reserve the right to contact you by e-mail before deleting your customer or prospect account in order to offer you the option of keeping it. In this case, your account will be kept for a further 3 years from your new date of consent, unless you request its deletion before the end of this period.

6) Security

We inform you that we take every precaution to protect the security of your personal data and, in particular, to prevent it from being distorted, damaged or accessed by unauthorized third parties:

Our databases are kept in France and are duplicated to guarantee their preservation.
Our internal databases and information systems are accessible only to authorized personnel and service providers.
All our IT equipment is equipped with firewalls, antivirus and other protection systems. Computer maintenance is carried out on a regular basis.
Our premises are equipped with intruder alarms and remote surveillance.
Our service providers are selected and made aware of RGPD standards.
Our website and all intermediary payment providers, including the online credit card payment system, are secured by the standardized "SSL protocol" encryption system.

We strongly encourage you to choose a password for your customer or prospect account that is at least 8 characters long, including at least one upper-case letter, one lower-case letter, one number and one special character. For customers and prospects who have already registered, we invite you to change your password to one with a minimum of 8 characters, including at least one upper-case letter, one lower-case letter, one number and one special character. We also advise you, once you have logged on to our site and used it according to your needs, particularly if you use a computer, tablet or telephone to which several people may have access, to remember to log off from your account before leaving the Site. If, despite all the precautions we have taken, an intrusion or security breach directly affecting your data were to be detected by our services, "the Company" would be obliged to inform you.covered by our services, "la Société" undertakes to inform the CNIL and to inform you within 72 hours with the following notice:

- the nature of the personal data breach, including, if possible, the categories and approximate number of persons affected by the breach, and the categories and approximate number of personal data records concerned for the purposes of informing the CNIL;

- the name and contact details of the Data Protection Officer (DPO), or any contact from whom further information can be obtained;

- the likely consequences of the personal data breach;

- the measures taken or proposed to be taken by the controller to remedy the personal data breach, including, where appropriate, measures to mitigate any negative consequences.

7) Cookie use policy

When you browse our website https://www.perlesandco.co.uk and perform certain actions, we store small alphanumeric text files in your browser, more commonly known as "cookies".These small files enable us to memorize certain actions you have carried out and to keep them in memory for your convenience (e.g. sorting products by date added, by price range, etc.). Technically, a cookie is linked to a browser on the machine (computer, tablet, smartphone) where it has been deposited. It is neither spyware nor a virus; it simply enables a choice to be retained, or certain information to be passed on from one page to another within the same website (e.g.: to know whether you are logged into your account, to transmit your account number to your shopping cart to retrieve a current cart, etc.).The use of our own or third-party cookies that are not necessary for the operation of the site requires us to ask for your consent, whereas those that are necessary for its use will be automatically installed. Please note that you may at any time express your consent to, or refuse the use of, cookies by configuring your browser accordingly. To do this, please refer to your browser's user guides.In accordance with current regulations, the cookies we use have a maximum lifespan of 12 months. On our website we use cookies to :

- Check whether you are logged in or not

- Check the number of connection attempts

- Remember your product sorting options (product pages, favorites page, shopping cart, etc.)

With regard to cookies issued by third parties when browsing our website, it is possible that certain services also record cookies, as is the case with the main networks (Facebook, Pinterest, etc.). We would also like to inform you that we use Google Analytics, a free web analytics service used by over 10 million websites worldwide, which will also save a cookie on your browser.

8) Consent

When you create your customer account and choose to communicate your personal data on the site, you expressly give your consent to the collection and use of such data in accordance with what is set out in this Charter and current legislation. Similarly, you give your consent when you register on the site as a prospect on our newsletter registration page and when you contact us directly or via the site's "contact" form to enable us to reply to you.

9) Right of access, rectification, portability and deletion

In accordance with EU Regulation 2016/679, you have the right to access, rectify, query, portability, erasure (right to be forgotten) and, where applicable, opposition to the use of your personal data.This right may be exercised by contacting us in writing by any means at your convenience, including the following e-mail message: [email protected] or by writing to us at Perles & Co, 25 rue Henri Moissan 81000 Albi. Your request must in all cases be accompanied by proof of your identity (copy of your identity card, passport, etc.). This will not be kept.

You can also manage your newsletter subscriptions directly on the site, or request to be removed from our mailing lists via your customer account.

You can also modify your personal data directly on the Perles & Co website by logging on to the "Account" section. Please do not hesitate to contact us if you encounter any difficulties.

The customer or any user of our website may, if necessary, lodge a complaint with a supervisory authority in the event of alleged failure to respect their rights.

However, we advise you to contact us beforehand, as often the resolution of this type of request does not require a complaint. Our team is at your service.

10) Charter update

This charter may be amended at any time to take account of changes in our business and processes, and to comply with regulatory changes. Its various versions will be kept as they evolve within the company.

Date of this Charter: 30/05/2018