Is www.agatha-paris.com secure?The transmission of information on our site takes place in a secure context, using the protocols in force on the Internet. Payment card numbers are not stored on www.agatha.fr but on the secure site of our banking institution Adyen. Your purchases are completely secure, we are committed to the security of your bank transactions.
General provisionsThe following provisions concern all processing of personal data carried out by the controller, unless otherwise stated in the specific provisions.
Legal framework - compliance with RGPD and French lawWe process your personal data for the purpose of fulfilling orders placed on our website and for customer relationship management. This processing is necessary for the performance of pre-contractual measures taken at your request and for the performance of the contract concluded between us. It is based on Article 6(1)(b) of the General Data Protection Regulation (Regulation EU 2016/679 of the European Parliament and of the Council of 27 April 2016 - on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the GDPR) and on French Law No. 78-17 of 6 January 1978 on data processing, files and freedoms (as amended). The data request is a condition for the conclusion of the contract. It is of a contractual nature. The data subject is obliged to provide the data. Otherwise, they will not be able to place an order on our site.
Data controller and other stakeholdersThe person responsible for the processing is the site editor, whose identity and contact details are indicated in the legal notice section of the site and are given below. The policy set out below applies to the processing of personal data carried out by AGATHA, a simplified joint stock company under French law with a capital of 2,000,000 euros, registered in the Paris (France) Trade and Companies Register under number 828 378 570, whose registered office is located at 37 rue de Liège 75008 Paris (France) represented by Mr Eric LEFRANC in his capacity as Manager of Renaissance SARL, the legal entity chairing AGATHA. The contact details of the Data Protection Officer are firstname.lastname@example.org
Destincipients of the personal dataThe recipients of the data are the data controller and its service providers who are involved in the execution of the orders: - financial institutions, - fraud detection and prevention entities, - technology service providers, - suppliers and employees of logistics, transport and delivery services, - providers of customer service related services
Data transferThe controller does not intend to transfer personal data to a third country or to an international organisation.
Duration of storage of personal dataWe keep your data for the duration of our business relationship and for as long as necessary for the purposes of the processing. The length of time we need your data varies depending on the type of personal data you have provided to us and the purpose. Your personal data will no longer be used to send you commercial solicitations via email and or sms after a period of three years from your last interaction with us, such as: your last order or your last interaction with our newsletter.
Rights of the person whose data is collectedThe person whose personal data is collected has the right :
- to request from the controller access to, rectification or erasure of personal data, or a restriction of processing in relation to the data subject, - to object to the processing, - to the portability of their data, - to lodge a complaint with a supervisory authority, - to withdraw consent at any time, without prejudice to the lawfulness of the processing based on consent carried out prior to the withdrawal of consent, this right existing exclusively where the processing is based on Article 6(1)(a) or Article 9(2)(a) of the GDPR, i.e. on the consent of the data subject to the processing of his or her personal data for one or more specific purposes
Specific provisionsThe following provisions are specific to each type of personal data processing on the www.agatha-paris.com website
Fulfilment of orders placed on our websitePersonal data processed - We process the following personal data: title, first name, surname, telephone number, e-mail address, postal address, place of delivery, payment methods, payment information. The processing is intended for the execution of orders placed on our website and for the management of the relationship with our customers. This processing is necessary for the execution of pre-contractual measures taken at your request and for the execution of the contract concluded between us. It is based on Article 6(1)(b) of the GDPR. The request for data is a condition for the conclusion of the contract. It has a contractual character. The data subject is obliged to provide the data. Otherwise, he or she will not be able to place an order on our website.
Management of the relationship with our contacts and prospectsWe process the following personal data: title, first name, surname, telephone number, e-mail address, postal address, date of birth, language and country from which you interact with us, newsletter subscriptions, login data, geolocation data and browsing data (if you interact with us from your mobile phone, for example) The processing of personal data is intended to manage the relationship with our contacts and prospects. In particular, this processing is intended to : - to provide the data subject with information about news about our organisation, products and services. - To contact you regarding updates or communications of information about the features, products or services provided, including sending quality surveys about the products or services provided. - If you have subscribed to our newsletter, we will process your personal data to manage your subscription, including sending you targeted information about our products or services through various means (such as email or SMS). Similarly, we may send you this information through push notifications if these have been enabled on your mobile device. We would therefore like to draw your attention to the fact that this data processing involves the analysis of your user profile to determine what your preferences are and therefore what products or services are more appropriate to your style for sending you information. For example, based on your purchase and browsing history (i.e., based on the items you have clicked on), we will offer you products that we believe may be of interest to you. This processing of personal data is based on the consent of the data subject (Article 6(1)(a) GDPR). The request for data is of a contractual nature. The data subject is not obliged to provide the data. If the data subject does not provide the data or withdraws his or her consent to the data processing, he or she will not be able to receive information about news from our organisation, our products and services.
Automated decision making - profilingUnless otherwise specified in the specific provisions, automated decisions will be taken on the basis of the data collected. The specific provisions shall specify, for each type of processing concerned, the logic underlying such automated decisions and the significance and the expected consequences of such processing for the data subject. The CRM programme is underpinned by a segmentation logic of RFM (Recency-Frequency-Amount) and PMG (Small, medium or large customer).
What happens if you provide us with third party data?We offer certain features or services that require the processing of personal data from a third party that you have provided to us, such as activating and sending a Gift Card or managing a Gift Voucher application or referral. If you provide Personal Data to third parties, you assure us that they have been informed of the purposes and manner in which we need to process their Personal Data.
What is a Cookie?A cookie is a small text file that a website stores on your computer, phone or other device to collect data about your browsing on the site.