This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
PRIVACY POLICY
Between the undersigned :
The company DAILY RETAIL, a limited liability company with share capital of 20,000 euros,
registered at the Rouen Trade
and Companies Register (RCS) under no. 827 451 063, with Intra-Community VAT no. FR. 11 827 451
063 and head office at
159 Route de Paris 76920 AMFREVILLE-LA-MI-VOIE.
Hereinafter referred to as the "Data Controller",
On the one hand,
And
Any Individual Browsing the website of the Data Controller ;
Hereinafter referred to as the "Data Subject",
On the other hand,
Without exception or limitation, the Data Subject and the Data Controller are subject to this
Privacy Policy. This
policy’s objective is to inform you of how the Data Controller collected and processed certain
of your personal
information in connection with your use of the website https://kilo-shop.com (hereafter referred
to as the “Site”) in
accordance with applicable law, including European Regulation No. 2016/670 and Law No. 78-17
(collectively referred to
as “the Legislation”).
This Privacy Policy is an integral part of the Data Controller’s General Terms and Conditions of
Sale.
- Supervisory Authority means the local authority in charge of data protection. The Supervisory
Authority is the
Commission Nationale Informatique et Libertés (CNIL).
- Consent means any free, specific, informed and unambiguous expression of will by which the
Data Subject accepts, by a
declaration or by a clear positive act, that Data relating to him or her may be Processed by the
Data Controller.
- Cookie means a file that enables the Data Subject's path on the Site to be traced.
- Recipient means any natural or legal person, public authority, service or other body that
receives communication of
the Data, whether or not it is a Third Party. However, public authorities that are likely to
receive communication of
the Data, in particular in the context of an investigation mission, are not considered as
Recipients within the meaning
of this definition.
- File means any structured set of Data accessible according to determined criteria, whether
this set is centralized,
decentralized or distributed in a functional or geographical manner.
- Legislation means all laws and regulations relating to data protection, and in particular
Federal Decree-Law N°45/2021
and European Regulation n°2016/679.
- Browsing means the consultation, acknowledgement, ordering and/or purchase of Products on the
Site by the Data
Subject.
- Data Subject means any natural person who browses the Site, when he or she can be identified,
directly or indirectly,
in particular by reference to an identifier, such as a name, an identification number, location
data, an online
identifier, or to one or more elements specific to his or her physical, physiological, genetic,
psychological, economic,
cultural or social identity.
- Products means the products offered for sale on the Site by the Data Controller to the Data
Subject.
- Pseudonymization means the processing of Data in such a way that it can no longer be
attributed to the Data Subject
without the need for additional information.
- Data Controller means DAILY RETAIL, a limited liability company with share capital of 20,000
euros, registered at the
Rouen Trade and Companies Register (RCS) under no. 827 451 063, with Intra-Community VAT no. FR.
11 827 451 063 and head
office at 159 Route de Paris 76920 AMFREVILLE-LA-MI-VOIE.
- Site means the infrastructure developed by the Data Controller in accordance with the computer
formats usable on the
Internet, comprising data of various kinds, in particular text, sound, still or animated images,
videos and databases,
intended to be consulted by the Data Subject in order to find out about, reserve, order and/or
purchase Products
(www.kilo-shop.com).
- Processor means any natural or legal person, public authority, department or body other than
the Data Controller who
processes Data on behalf of the Data Controller.
- Third Party means any natural or legal person, public authority, department or other body
other than the Data
Controller, the Processor and those persons who, under the direct authority of the Data
Controller or the Processor, are
authorized to process the Data, and in particular tour operators, travel agencies and
reservation systems.
- Processing means any operation or set of operations, whether or not carried out by automated
means, applied to the
Data or sets of Data, such as collection, recording, organization, structuring, storage,
adaptation or alteration,
retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making
available, alignment or
combination, restriction, erasure or destruction.
The Data Controller commits to implementing all the principles established by the GDPR, in
accordance with its Article
5.
The Data Controller collects and processes a variety of Data, including :
• Personal information (surname, first name, gender, postal address, email address, telephone
number, date of birth,
age, date of registration and unsuscription to the Data Controller’s customer accounts and
newsletter, messages
exchanged with the Data Controller, telephone conversation with the Data Controller’s customer
service)
• Banking information
(i) Payment method
(ii) Credit card number
• Information about your order such as :
(i) Product ordered
(ii) Delivery Address
(iii) Delivery tracking number
(iv) Order price
(v) Purchase history
• Technical information
(i) Browsing behavior
(ii) IP address
(iii) Products added to the shopping cart
(iv) Collection of consent
Data will be collected and processed in numerous occasions :
• Purchase
• Contact with the Data Controller
• Creating a customer account
• Browsing the Site
| PURPOSE OF THE PROCESSING | TYPE OF DATA | LEGAL BASIS OF THE PROCESSING | DURATION OF DATA RETENTION |
|---|---|---|---|
| MANAGEMENT OF PRODUCT PURCHASES, DELIVERIES, INVOICING AND ACCOUNTING STANDARDS | First name, last name, email address, postal address, telephone number, delivery address, order placed, delivery tracking number, date of registration and deregistration, payment method, credit card number | Contract, legal obligation and legitimate interest of the Data Controller to establish, exercise and defend his legal rights | 10 years from the purchase of the Product EXCEPT : 15 months from the purchase of the product for the banking data (immediately for the visual cryptogram) |
| CREATION AND MANAGEMENT OF CUSTOMER ACCOUNTS | First name, last name, email address, postal address, telephone number, date of creation of customer account, date of deletion of customer account, collection of consent | Consent of the Data Subject | 3 years from the last time the Data Subject logs on to his/her customer account |
| COMMERCIAL RELATIONSHIP MANAGEMENT | First name, last name, email address, postal address, telephone number, purchase history, shopping cart, date customer account created, date customer account deleted, consent obtained | Legitimate interest of the Data Controller in managing the customer relationship | 3 years from the last contact by the Data Subject |
| COMMERCIAL PROSPECTING (E.G. USEFUL INFORMATION, PRODUCT ADVICE, SHOPPING CART ABANDONMENT REMINDERS, PERSONALISED OFFERS) | First name, last name, email address, shopping carts, postal address, phone number, purchase history, consent collection | Consent of the Data Subject or legitimate interest of the Data Controller to promote its Products | 3 years from the last contact by the Data Subject |
| NEWSLETTER MANAGEMENT | Email address | Consent of the Data Subject | 3 years from the last contact by the Data Subject |
| SECURING AND IMPROVING THE SITE | IP address, Browsing data. | Legitimate interest of the Data Controller to improve the Site and to manage the Site, to secure and administer the Site, to prevent fraud and malicious acts. | 13 months |
| COMPLAINTS AND CUSTOMER SERVICE MANAGEMENT | First name, last name, email address, postal address, telephone number, purchase history, exchanges, IP address, consent collection | Consent of the Data Subject and legitimate interest of the Data Controller to improve its Products and customer service. | 3 years from the last contact by the Data Subject |
| SITE STATISTICS AND PERSONALISED ADVERTISING | IP address, Browsing data, Collection of consent | Consent of the Data Subject | 6 months |
In principle, the Data Controller is the sole Recipient of the Data.
However, the Data Controller may transfer the Data to other Recipients, in particular in
connection with the management of Product purchases by the Data Subject, and/or to any public authority that may request it, in particular in connection with an investigation.
The following recipients may process your data as subcontractors on behalf of the Data
Controller:
Emmanuel Blot via contact@kilo-shop.fr
The list of the Data Controller’s subcontractors may change at any time.
The Data Controller undertakes to require from its Processors sufficient guarantees as to the
implementation of appropriate technical and organizational measures so that the Processing meets the legal and
regulatory requirements and guarantees the protection of the rights of the Data Subject.
In addition, the Data Controller may disclose to any Recipient or Third Party the Data being processed where a legal
obligation to do so exists or where the Data Controller considers in good faith that this is
necessary to:
• Respond to any claims against it;
• Comply with the requirements of the judiciary and/or the administrative order and/or the
Supervisory Authority;
• To enforce any contract to which the Data Subject is a party;
• Safeguarding the vital interests of all natural persons;
• The performance of a public interest task.
In the event that the Data Processor is purchased by a Third Party, the Data Processor reserves
the right to share the
Data with the purchasing Third Party subject to the Third Party's compliance with this Privacy
Policy.
(i) The Data Subject shall have the right of access to their Data. The overall aim of the right
of access is to provide
individuals with sufficient, transparent an easily accessible information about the processing
of their data so that
they can be aware of and verify the lawfulness of the processing and the accuracy of the
processed data.
(ii) The Data Subject has the right to obtain from the Data Controller the rectification and/or
erasure of inaccurate or
outdated Data as soon as possible, unless the contrary situation prevents the exercise of this
right, and in particular :
• The exercise of the right to freedom of expression and information;
• Compliance with a legal obligation;
• Public interest in the field of public health, archives, scientific or historical research or
statistics;
• The establishment, exercise or defense of legal rights.
(iii) The Data Subject has the right to object at any time, on grounds relating to his of her
particular situation, to
the Processing of Data based on the performance of a task carried out in the public interest of
the need to legitimate
interest of the Data Controller.
(iv) The Data Subject has the right to obtain from the Data Controller the restriction of the
Processing of the Data
where :
• The accuracy of the Personal Data is challenged by the Data Subject, for a period of time
allowing the Data Controller
to verify the accuracy of the Data;
• The processing is unlawful and the Data Subject objects to their erasure and demands instead
that their use be
restricted;
• The Data Controller no longer needs the Data for the purposes of the Processing, but they are
still necessary for the
Data Subject to establish, exercise or defend legal claims;
• The Data Subject has objected to the Processing during the verification as to whether the
legitimate grounds pursued
by the Data Controller prevail over those of the Data Subject.
(v) The Data Subject who has obtained the restriction of the Data Processing shall be informed
by the Data Controller
before the restriction of the processing is lifted.
(vi) The Data Subject shall have the right to receive the Data he or she has provided to the
Data Controller in a
structured, commonly used and machine-readable format, and shall have the right to transmit such
data to another
controller without the Data Controller's interference.
(vii) The Data Subject has the right to lodge a complaint with the Supervisory Authority if
he/she considers that he/she
has been subject to unlawful Processing of Data by the Data Controller.
(viii) The Data Subject has the right to define directives on the fate of the Data after his/her
death with the Data
Controller who will use all technical means to ensure that this wish is respected.
The Data Controller shall take appropriate technical and organizational measures to protect the
Data against
destruction, loss, alteration, misuse and unauthorized access, modification or disclosure,
whether such actions are
intentional or accidental.
The purpose of these technical and organizational measures is to ensure the confidentiality,
integrity, availability and
resilience of the Site and the information systems where the Files are stored.
In order to secure the Person's browsing, the Site is SSL (Secure Socket Layer)
encrypted.
Article 7. Changes to the Privacy Policy
The Data Controller reserves the right to modify this Privacy Policy from time to time. In the
event of a material
change to this Privacy Policy, the Data Subject will be informed personally of the new Privacy
Policy. The Data Subject
is invited to consult this Privacy Policy regularly to take note of any changes to it.
Questions about this Privacy Policy may be sent by the Data Subject to the following addresses:
contact@kilo-shop.fr
If any provision of this Privacy Policy is found to be invalid by any applicable law or court decision, it shall be deemed to be unwritten, but this shall not invalidate the entire Privacy Policy or affect the validity of the remaining provisions.
Article 9. Cookie management
When browsing the Site, the Data Subject may consent to or oppose the installation of Cookies on his/her computer terminal. Les cookies présents sur le Site sont les suivants :
| Cookie name | Finality | Category | Storage duration |
|---|---|---|---|
| __stripe_mid | Following the user through the order process | Necessary | 1 year |
| _ga | User tracking on the site for analysis purposes (google) | Analytical | 1 year et 1 month |
| _gid | User tracking on the site for analysis purposes (google) | Analytical | 1 day |
| _pk_id | User tracking on the site for analysis purposes (matomo) | Analytical | 1 year |
| _pk_ref | User tracking on the site for analysis purposes (matomo) | Analytical | 6 months |
| last_display | Newsletter popup display | Functional | 1 year |
| lastAccessFolder | Caching | Necessary | 1 year |
| moove.gdpr.popup | GPDR | Necessary | 1 year |
| tk.ai | Track the user's connection path | Necessary | Session |
| woocommerce_cart_hash | Follow the user through the order process | Necessary | Session |
| woocommerce_items_in_cart | Follow the user through the order process | Necessary | Session |
| woocommerce_logged_in | Track the user's connection path | Necessary | Session |
| wordpress_sec | Track the user's connection path | Necessary | Session |
| wp_woocommerce_session | Track the user's connection path | Necessary | Session |
| wp_settings-1 | Saving user settings | Necessary | Session |
| wp_settings-time-1 | Saving user settings (date and time format) | Necessary | Session |
| wp-wpml_current_language | Saving user settings (language) | Necessary | 1 day |
At any time, you can configure your browser :
• For Microsoft Internet Explorer 8.0 and above (including Edge)
- Click on the menu in the browser toolbar
- Go to "Settings"
- Click on "Cookies and stored data" and "Manage and delete cookies and site data
and data".
• For Mozilla Firefox
- Click on the menu in the browser toolbar
- Go to "Tools" and "Options"
- Click on "Privacy"
- Select "Cookies"
• For Google Chrome
- Click on the menu in the browser toolbar
- Click on "Settings", then on "Privacy & Security".
- Click on "Cookies"
When browsing the Site, the Data Subject may consent to or oppose the installation of Cookies on
his/her computer
terminal.
In general, Cookies record information relating to the navigation of computers on the Site (the
pages consulted, the
date and time of consultation, etc.), information that may be read during the Data Subject's
subsequent visits to the
Site with transmission of the Data to the Data Controller. The installation of these
non-functional Cookies requires the
consent of the Data Subject.
Some Cookies are essential for the proper functioning of the Site and do not require the consent
of the Data Subject
before being installed.
Cookies are automatically deleted within thirteen (13) months of their installation if the Data
Subject does not renew
his/her consent before the expiry of this period.