Privacy Policy

Website publisher

This website is published by E-LIR SAS.

SAS with a capital of 1500 euros. Registered with the Paris Trade and Companies Register under number 95397743600013.Address: 78 Avenue des Champs Elysées 75008 ParisTelephone: 0780930018Director of publication: Loubna Jamal

Hoster

This website is hosted by:

Aut O'Mattic Ltd.Grand Canal Dock, 25 Herbert PlDublin, D02 AY86IrelandPrivacy Policy

The purpose of this privacy policy is to explain why we collect your data and how we are committed to protecting it.

E-LIR SAS is committed to the protection of your personal data and your privacy.

As such, and in accordance with the General Data Protection Regulation (hereinafter referred to as the "GDPR"), we hereby inform you of the conditions under which your personal data is to be processed by us.

What personal data do we process?

 

Purposes:

We may collect and store your personal data, in particular to:

 Process and respond to your messages, Create and manage access to your accounts, Receive and process your order, Manage your subscriptions to our newsletters, Establish and monitor the commercial relationship that may result from your messages, Write a review/comment published on the site,  Collect your payment, Send you marketing and advertising information based on your preferences, Allow you to communicate with other users of the website, Remember your choices regarding the use of cookies, To meet current or pending regulatory requirements

Data categories:

Contact details (e.g. surname, first name, telephone number, email);

Legal bases for processing

The processing of personal data implemented is based on:

• Or on the consent of the data subject (Article 6.1.a of the GDPR) for all processing operations that require the prior collection of consent. In online forms, mandatory fields are marked with an asterisk. If you do not answer the mandatory questions, we will not be able to provide you with the requested services.

• Either for the performance of a contract or the execution of pre-contractual measures,

• Or for the pursuit of a legitimate interest (Article 6.1.e of the GDPR).

• Either for compliance with a legal or regulatory obligation;

Your data is kept for the time necessary to achieve the purposes mentioned above.

The length of time Customers' personal data is stored depends on the purpose concerned. In this context, Customers' personal data are kept for the time necessary to fulfill their request. In the absence of any realization, personal data is deleted within the time limits recommended by the Commission Nationale Informatique et Libertés (CNIL), at the end of a period of three years from their collection, subject to: – the legal possibilities and obligations in terms of archiving, – the obligations to retain certain data, for evidentiary purposes, and/or to anonymize them. The Client's personal data collected and processed, for the purposes of executing the offers, are kept for the time necessary to manage the contractual relationship. By way of derogation, the personal data required for the establishment of proof of a right or contract are archived in accordance with the legal provisions (5 or 10 years after the end of the business relationship, as the case may be).

Who are the recipients of your data?

Your personal data is intended for E-LIR SAS.

Our internal services: They are processed by the staff of our various departments such as the sales department or the department in charge of IT security., Companies or trusted persons: they process your information for us for the purposes set out above, in accordance with our instructions as described in our Privacy Policy and any other appropriate use cases in terms of confidentiality and security.,  Technical subcontractors: Your personal data may be transferred to our technical subcontractors (within the meaning of Article 4.8 of the GDPR) in a strictly regulated manner. In the event of a transfer, we ensure that the processors comply with the GDPR and take technical and organisational measures to ensure data protection (Art. 28 GDPR).

Payment Provider (such as Stripe)

We sometimes need to allow our partners to process, on our behalf, the personal information we hold about you for the purposes set out in this policy or for any other reason required by law.

The Customers' personal data collected is hosted in France.

In the case of the use of a service provider located outside the European Union, we undertake to verify that appropriate measures have been put in place to ensure that personal data benefits from an adequate level of protection.

How does E-LIR SAS keep your data secure?

We put in place all organisational and technical measures to ensure an appropriate level of security for your personal data, and in particular to avoid any loss of confidentiality, integrity or accessibility.

We frequently back up data, implement technical and organizational measures to ensure that the storage of Clients' personal data is secure for the time necessary to achieve the purposes pursued.

What are your rights over your personal data?

In accordance with the Applicable Regulations, you have the following rights:A right to rectification: you have the right to obtain the rectification of inaccurate data concerning you. You also have the right to complete incomplete data concerning you, by providing an additional declaration. In the event of exercising this right, we undertake to communicate any rectification to all recipients of your data,A right to erasure: in certain cases, you have the right to obtain the erasure of your data. However, this is not an absolute right and we may for legal or legitimate reasons retain this data. A right to restriction of processing: in certain cases, you have the right to obtain the restriction of processing of your data,A right to data portability: you have the right to receive your data that you have provided to us, in a structured, commonly used and machine-readable format, for your personal use or to transmit it to a third party of your choice. This right only applies when the processing of your data is based on your consent, on a contract or when this processing is carried out by automated means,A right to object to processing: you have the right to object at any time to the processing of your data for processing based on our legitimate interest,  a mission of public interest and those for commercial prospecting purposes. This is not an absolute right and we may for legal or legitimate reasons refuse your request to object,The right to withdraw your consent at any time: you can withdraw your consent to the processing of your data where the processing is based on your consent. The withdrawal of consent does not affect the lawfulness of processing based on consent carried out prior to such withdrawal,The right to lodge a complaint with a supervisory authority  : you have the right to contact your data protection authority to complain about our personal data protection practices,In

application of the GDPR, the conditions for exercising these rights may vary depending on the basis of lawfulness of the processing referred to in the first paragraph. We will respond to any exercise of rights as soon as possible and in any event within 30 days of receipt of the request.

We reserve the right to:

•  

• To request proof of the applicant's identity in the event of reasonable doubt about the latter, in order to comply with its obligation of confidentiality,

•  

• To extend the response period by two months, informing the applicant of this extension and the reasons for the postponement within one month of receipt of the application,

•  

• To refuse to respond to an exercise of rights if it was considered abusive (in view of their number, their repetitive or systematic nature).

•  

 

Who to contact for all GDPR-related requests?

To exercise your rights, you can contact us:

We have appointed a Data Protection Officer (DPO), who will be able to respond to all your requests, including the exercise of rights, relating to your personal data.

E-LIR SAS



SAS with a capital of 1500 euros. Registered with the Paris Trade and Companies Register under number 95397743600013.Address: 78 Avenue des Champs Elysées 75008 ParisTelephone: 0780930018Director of publication: Loubna Jamal

If, despite our efforts and commitments, you believe that your rights regarding your personal data have not been respected, you can file a complaint with the Commission Nationale Informatique et Libertés:  CNIL 3 Place de Fontenoy TSA 80715 75334 Paris Cedex 07

Reservation of changes to the Data Protection Policy

This Personal Data Protection Policy may change. They have been developed from a free model that can be downloaded from the https://donnees.net website. As we are constantly developing our services, we reserve the right to change this Privacy Policy, in accordance with the applicable legal provisions. Any changes are published on this document in a timely manner. We advise you to check this page regularly for any changes or updates to our Privacy Policy.

 

Cookies Policy

 

What is a "cookie"?

Cookies are small text files that a website saves on your computer or mobile device when you visit the site.

They make your online experience easier by saving browsing information. Through cookies, sites can keep you logged in, remember your site preferences, and provide you with personalized content. Cookies may also be used to compile statistics on the browsing experience and to show targeted advertisements.

In general, cookies can be categorized by:

Domain:

– First-party cookies are issued by a website that a user visits directly.

– Third-party cookies are not created by the website visited, but by a third party such as Google Analytics, DoubleClick, Facebook, Twitter, LinkedIn, Youtube, Vimеo, etc.

Purpose:

– Strictly necessary cookies are required for the website to function properly.

– Preference cookies allow a website to remember choices you have made in the past.

– Statistical cookies help the website owner to collect statistical data and understand how visitors interact with the website.

– Marketing cookies track the user's online activity to help advertisers deliver more relevant ads.

Duration:

– Session cookies that are deleted when the user closes the browser.

– Persistent cookies that remain on the user's device for a certain period of time.

What cookies and trackers do we use?

Strictly Necessary cookies

Cookie key Domain Path Cookie type Expiration Description

PHPSESSIDFirst-party Session Cookie generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages.


Performance cookies

_gidFirst-party 1 day This cookie is set by Google Analytics. It stores and update a unique value for each page visited and is used to count and track pageviews.

_gatfirst-party 1 minute This cookie name is associated with Google Universal Analytics, according to documentation it is used to throttle the request rate – limiting the collection of data on high traffic sites._gaFirst-party 2 years This cookie name is associated with Google Universal Analytics – which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports.


Targeting cookies

Cookie key Domain Path Cookie type Expiration DescriptionYSCMore info .youtube.com / Third-party Session This cookie is set by YouTube to track views of embedded videos.

VISITOR_INFO1_LIVEMore info .youtube.com / Third-party 6 months This cookie is set by Youtube to keep track of user preferences for Youtube videos embedded in sites; it can also determine whether the website visitor is using the new or old version of the Youtube interface.

Your Cookie Preferences

When you arrive for the first time on the site, a cookie banner offers you to accept or refuse Cookies that are not essential to the operation of the site. You can refuse/disable Cookies at any time, except for Cookies that are necessary for the stable operation of the site. You have the option to change your preferences for managing cookies at any time.

 

Questions

What is a privacy policy?

.

What information do I need to provide? (CNIL)

In all cases:

• Identity and contact details of the organisation (data controller);

• Purposes (what the data collected will be used for);

• Legal basis for data processing (i.e. what gives an organisation the right to process the data): this can be the consent of the data subjects, compliance with an obligation provided for by a text, the performance of a contract, etc.) ;

• Mandatory or optional nature of the collection of data (which implies upstream reflection on the usefulness of collecting this data in view of the objective pursued – principle of "minimization" of data) and consequences for the person in the event of non-provision of data;

• Recipients or categories of recipients of the data (who needs to access or receive it in view of the defined purposes, including processors);

• Data retention period (or criteria for determining it);

• Rights of data subjects (rights of access, rectification, erasure and restriction apply to all processing)

• Contact details of the organisation's data protection officer, if appointed, or a point of contact on personal data protection issues;

• Right to lodge a complaint with the CNIL.

How to make a privacy policy in the rules?

All websites collecting, directly or indirectly, personal data must include a privacy policy. This measure to protect users of your website's services is also known as a privacy policy. In addition to its protective role, the privacy policy provides users of your services on the web with the necessary information on the processing and publication of their personal data. The drafting of a website's privacy policy must meet certain requirements. More details in this content!

Understanding the principle of the privacy policy and its usefulness

By definition, the privacy policy is a written statement. It is a protection measure that must be integrated by websites collecting data and which provides information on how the collection, classification, storage and processing of users' personal data is carried out. Clearly, the privacy policy is useful to provide greater browsing security to users of e-commerce site services. For the company that owns the website, it is also a way to establish a relationship of trust with its Internet users.

In addition, the drafting of a privacy policy must meet certain standards. Among these, there is the General Data Protection Regulation (GDPR) which must be respected. Indeed, the services offered on your site must comply with the GDPR standard. Users who search on Google will then be reassured of the legality of your services and know how their personal data is processed.

Have all the information you need to write the privacy policy

To draw up your privacy policy, you need some essential data. These will make it possible to have a comprehensible, transparent privacy policy that meets the required standards. Through this charter, Internet users must know, in a precise way, the purpose of your collection of their personal data in your company. Thus, the privacy policy includes, among other things, the rights of data subjects.

The first right of data subjects is to know exactly what the personal data they provide to the company is used for. Users of your services also have the right to correct or even delete such personal data, under certain conditions. All of these details should be included at this level of your privacy policy. You will also have to mention the articles of the GDPR that support these rights of Internet users, the users of your services. To go further, you will need to integrate redirect links at this level to allow users of your online services to check the articles of the GDPR cited.

For clarification, personal data obtained directly from users (to register for a newsletter, competition, payment or purchase) must be dissociated from data collected indirectly.

Inform the customer about the interest of cookies, making them understand that they allow us to optimize the user experience of the site for future browsing. However, you should not use too many technical terms either at the risk of confusing users. It should be noted that the personal data collected by cookies has a retention period. If you can, inform users about the time after which this information will be deleted from your e-commerce site and therefore from your company's archives.

The privacy policy can also reassure Internet users about their financial information. Provide information to your users that the information provided is encrypted and will not be disclosed to third parties. This protection charter complements the general terms and conditions of sale on your site. At this level, the responsibilities of each party are exposed so that transactions take place in the best conditions.

In short, here is what your privacy policy must contain:

• the identification information of the body responsible for the data processing

• a description of your purposes for data collection

• Define whether your data collection is mandatory or optional

• Who are the people who will have access to the data you collect on your site (IT managers, subcontractors, etc.)

• what legal bases you rely on to have the right to collect and process personal information from Internet users

• What is the data retention period

• what are the conditions for deleting this collected data?

• Define the right to access, modify and delete data

• what are the possible rights to complain to the CNIL regarding this data collection?

• give the identity of your DPO (Data Protection Officer) and a way to contact him

Tips for writing a privacy policy

Once you have all the useful information available, you can start writing your site's charter itself. Be careful not to lose sight of the GDPR rules here. In addition, you will have to play the transparency and conciseness card.

So start by structuring the information to be included in the privacy policy. This will make your data protection document easier and more understandable. People will also be able to search more easily for the information they need on the page. For the structure, it is the most relevant information that must be highlighted. The others will follow.

When writing the charter, you should also adopt a clear tone and easy-to-understand language. By writing, you should be able to make sure that an average Internet user will understand exactly what you write. Technical and/or legal terms are therefore to be avoided here.

As for the presentation of the privacy policy page, it must be airy. Cleverly bet on line breaks, line breaks, and other ways to bring clarity to your content.

The Role of the Privacy Policy Generator

If you don't have experience, it can be quite difficult to write a privacy policy properly. Thus, it would be beneficial for you, to use a privacy policy generator. Failing that, the Legal France website, for example, can help you with your drafting.

It allows you to automatically generate a privacy policy by integrating the necessary customizations. You will then find the general terms and conditions of sale, the legal notices and the return and refund policies. Using such an application is a simple and easy way to design the privacy policy of your website, whether you have legal knowledge or not.

You can also contact a law firm to write this page of your site. Such a professional will take into account the European and French laws in force, to offer you a legal privacy policy that meets your expectations.

Moreover, regardless of the writing method you choose, having your privacy policy reviewed by a lawyer at the end of the process seems to be wise. This will reassure you about the legality of your final content.