Privacy Policy
Privacy Policy
Update: October 31, 2023
Article 1 - Purpose and scope
ALONE 1.62 collects and processes certain personal data from users of the E-shop. As the data controller, it guarantees to comply with the applicable regulations on the protection of personal data, namely the French Data Protection Act n°78-17 of January 6, 1978, as well as the European Data Protection Regulation n°2016/679 of April 27, 2016 and the recommendations of the Commission Nationale Informatique et Libertés ("CNIL") (together the "Data Protection Regulations"). The purpose of the present Personal Data Charter is to inform the user of the E-shop site of the processing of personal data carried out by ALONE 1.62 and of the rights he has to, in particular, oppose or withdraw his consent to the said processing, as well as the methods by which he can fully exercise these rights.
Article 2 - Types of personal data processed
Customer account creation: login and password, surname, first name(s), e-mail address;
Placing an order: surname, first name(s), e-mail address, delivery/billing address, telephone number, bank details.
Article 3 - Purpose
- To manage the creation and maintenance of the Customer Account;
- Management of customer and prospect files;
- Process and execute orders, including payment management;
- Notice management;
- To process and resolve complaints;
- Send commercial offers, if the user has consented by ticking the appropriate box.
Article 4 - Hosting
The user's personal data is hosted on secure servers located in the USA, by the hosting provider indicated in the legal notice published on the E-shop.
Article 5 - Security
ALONE 1.62 undertakes to:
- Guarantee the confidentiality of personal data and ensure that only authorized persons have access to it;
- Implement all technical and organizational security measures required to ensure the security and integrity of personal data that may be stored on its own infrastructure and/or information systems, and limit any risk of violation that may lead, accidentally or unlawfully, to the destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data;
- To inform the user in the event of a data breach within the required timeframe and form, and to implement all necessary corrective measures;
Article 6 - Data recipients
ALONE 1.62 may transmit some of the user's personal data to third parties, subcontractors and service providers (see list below, subject to change), who are expressly required to respect confidentiality and security obligations in accordance with data protection regulations:
- E-shop hosting provider: Vercel Inc,
- Payment service provider: Stripe ;
- Carrier responsible for delivering ordered products: DHL.
ALONE 1.62 reserves the right to transmit the user's personal data in order to comply with a legal obligation, or in application of a judicial or administrative decision, or of an independent administrative authority.
Article 7 - Retention period
- User's personal data: for the duration of the commercial relationship and 3 years after its end, or a maximum of 3 years after collection or last contact; 1 month after request for deletion.
- Credit card number and expiry date: 4 months after debit date
- Credit card visual cryptogram: for the duration of the transaction
Article 8 - User rights
The user has the right, at any time, to access, modify, rectify, withdraw consent, delete, portability, oppose or simply obtain a copy of his/her personal data. These rights may be exercised by sending an e-mail to contact@averseparis.com. ALONE 1.62 will respond as soon as possible and will notify the user of the follow-up and results of any action taken.
The user has the right to object, free of charge and at any time, to the use of data concerning him/her for canvassing purposes, in particular commercial canvassing, by ALONE 1.62, its commercial partners or any person responsible for further processing.
The user has the right to lodge a complaint with the CNIL - 3 Place de Fontenoy, 75007 Paris or with the competent courts, in accordance with data protection regulations.