GDPR, Cookies & Personal Data Protection
As part of the provision of our website, we process your personal data in compliance with the General Data Protection Regulation 2016/679 of April 27, 2016 ("GDPR") and under the conditions set out below.
2. What are the general principles of data collection and processing?
In accordance with the provisions of Article 5 of European Regulation 2016/679, the collection and processing of website's user data respects the following principles:
Lawfulness, loyalty and transparency: data can only be collected and processed with the consent of the user who owns the data. Whenever personal data is collected, the user will be informed that their data is collected, and for what reasons their data is collected;
Limited purposes: collections and processing of data are carried out to meet one or more objectives determined in these General Terms and Conditions;
Minimization of data collection and processing: only the data necessary for the proper execution of the objectives pursued by the website are collected;
Conservation of data reduced in time: the data is kept for a limited period of tim and communicated to the user. When this information cannot be communicated, the user is informed of the criteria used to determine the retention period;
Integrity and confidentiality of data collected and processed: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.
In order to be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data may only take place if they comply with at least one of the following conditions:
The user has expressly consented to the processing;
The Processing is necessary for the proper performance of a contract;
The Processing meets a legal obligation;
The processing is explained by a requirement related to the protection of the vital interests of the data subject or of another natural person;
The processing may be explained by a requirement linked to the performance of a task of public interest or which falls within the exercise of public authority;
The processing and collection of personal data is necessary for the purposes of the legitimate and private interests pursued by the controller or by a third party.
3. Personal data collected and processed in the context of browsing the website
Foliumize only uses your personal data in the cases provided for by the regulations in force:
The performance of a contract that we have concluded with you,
Compliance with a legal obligation,
Your consent to the use of your data.
3.1 What type of data is collected and processed?
The personal data collected on foliumize.com website are as follows:
Names, first names, civility;
A customer identifier number;
Photos or videos taken during events or shared by users or partners of Foliumize.
Postal address, e-mail address;
phone number (optional);
Information necessary for the delivery or transport of an ordered product;
Review collected following the order of a product;
Any other information that you wish to bring to our attention during our electronic communications.
In addition, when paying on the website, proof of the transaction including the order form and invoice will be kept in the website editor's computer systems.
The collection and processing of data serve the following purposes:
Management and follow-up of orders (including invoicing and delivery);
Customer and prospect management;
Sending of information regarding the modification or evolution of our services;
Management of subscriptions to our newsletters and / or email alerts;
Purposes associated with the deposit of cookies on your browser;
Operation and optimization of navigation on our website;
The data collected is essential for order management (preparation of invoices, organization of physical or dematerialized delivery) as well as for sharing any Foliumize news.
Exclusion of any sensitive, automated or profiling data
Foliumize does not collect sensitive data about any user. The following are considered sensitive data: racial or ethnic origin, political opinions, religious or philosophical beliefs, union membership, data relating to health or sexual orientation.
No profiling or automated decision making is implemented.
3.2 When is the data collected?
This data is collected when the user performs one of the following operations on the website:
The execution of an order;
The operation of tracking an order;
Subscription to a newsletter;
The response to a satisfaction survey;
Navigation on the website;
Contact the website to ask a question or share a comment.
3.3 How long do we keep your personal data?
The data controller will keep all the data collected through the website's computer-based systems and under reasonable security conditions for a period of 3 years from the user's last contact.
3.4 Data transmission with third-party companies
The data can be shared with third companies, in the following cases:
When Foliumize uses the services of subcontractors for the shipment of orders;
If necessary, in order to follow up on claims made against Foliumize, the latter may transmit data in order to comply with administrative and legal procedures;
When the user uses the payment services offered by the service provider with which Foliumize has entered into a contract. The payment service provider offered on the website is STRIPE. This company receives banking data shared by users when paying for their order. STRIPE sets up a secure transaction system and applies technical security measures to ensure the integrity and confidentiality of data provided by the customer. All direct payment gateways used by Foliumize adhere to the standards set by PCI-DSS, managed by the PCI Security Standards Council, which is a joint effort of brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure management of credit card information by their platform and service providers. You can consult STRIPE's personal data policy: https://stripe.com/en-fr/privacy#pagmt .
3.5 Data hosting
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com data storage, databases and general Wix.com applications. They store your data on secure servers behind a firewall.
Wix may store visitor data to your site in multiple locations and locations for the purpose of backing up data in geographically diverse locations.
The personal information of your site visitors may be stored in data centers located in the United States of America, Ireland, South Korea, Taiwan and Israel.
Wix is a global company that obeys the laws of the jurisdictions in which it operates. The processing of customer user data can take place in the territory of the European Union, in Israel or in a third country, a territory or one or more sectors specified in this third country, which the European Commission has decided that they offer an adequate level of protection (transfer on the basis of an adequacy decision).
Wix.com is certified under the EU-US Privacy Protection Framework and the Switzerland-US Privacy Protection Framework as defined by the US Department of Commerce, regarding the collection, use and retention of personal information transferred from the European Union and Switzerland to the United States, and therefore adheres to the principles of privacy protection.
500 Terry A François Blvd San Francisco, CA 94158,
+1 415-639-903 4
4. Data controller and data protection officer
4.1. The data controller
The person responsible for processing personal data can be contacted as follows: email@example.com
The data controller is responsible for determining the purposes and means used for the processing of personal data.
4.2. How do we protect your personal data?
The data controller undertakes to protect the personal data collected, not to transmit them to third parties without the user having been informed and to respect the purposes for which these data were collected.
The website has an SSL certificate to guarantee that the information and the transfer of data passing through the website are secure.
An SSL certificate ("Secure Socket Layer" Certificate) is intended to secure the data exchanged between the user and the website.
In addition, our host uses cryptographic hashing functions to protect your information.
In the event that the integrity, confidentiality or security of the user's personal data is compromised, the data controller undertakes to inform the user by any means.
4.3. Contact for your questions regarding your personal data
In addition, the user is informed that the following person has been appointed Data Protection Officer: Romain Rouyer, co-founder of Foliumize.
The role of the Data Protection Officer is to ensure the proper implementation of national and supranational provisions relating to the collection and processing of personal data.
5. What are your user rights?
In accordance with the regulations concerning the processing of personal data, the user has the rights listed in this section.
In order to assert his/her rights, the user must send an email to the person responsible for processing personal data. In order for the data controller to grant his/her request, the user is required to provide him/her with: his/her first and last name as well as his/her e-mail address, specifying the subject of his/her request and using the email address of contact which is provided in section 4 of this document.
The data controller is required to respond to the user within a maximum of 30 (thirty) days.
5.1. What are your user rights in terms of data collection and processing?
5.1.1. Your right of access, rectification and right to oblivion
The user can read, update, modify, request the deletion of data concerning him/her, or unsubscribe from the newsletter.
5.1.2 Your right to limit and oppose data processing
The user has the right to request the limitation or to oppose the processing of his/her data by the website, without the website being able to refuse, except to demonstrate the existence of legitimate and compelling reasons, which may prevail over the interests and the rights and freedoms of the user.
5.1.3 Your right not to be the subject of a decision based exclusively on an automated process
In accordance with the provisions of Regulation 2016/679, the user has the right not to be the subject of a decision based exclusively on an automated process if the decision produces legal effects concerning him/her, or significantly affects him/her in a similar way.
5.1.4. Your right to determine what will happen to your data after death
The user is reminded that he/she can organize what should happen to his/her data collected and processed if he/she dies, in accordance with Law No. 2016-1321 of October 7, 2016.
5.1.5 Your right to appeal to the competent supervisory authority
In the event that the data controller decides not to respond to the user's request, and the user wishes to challenge this decision, or, if he/she believes that one of the rights listed above, he/she is entitled to appeal to the CNIL (Commission Nationale de l'Informatique et des Libertés, https://www.cnil.fr ) or any competent judge.
First of all, a cookie is a small text file, stored by the website on the user's terminal, containing information relating to the user's browsing habits. These files allow it to process statistics and traffic information, facilitate navigation and improve the service for the convenience of the user.
Manage shopping carts and customer connection options;
Establish statistics and volumes of frequentation and use of the various elements making up the website to improve interests and ergonomics of our services;
Adapt the presentation of the website to the display preferences of the user's terminal;
Memorize information relating to a form filled in by the user on the website;
Implement security measures.
For the use of cookie files involving the saving and analysis of personal data, the user's consent is necessarily requested.
This user consent is considered valid for a maximum period of 13 (thirteen) months. At the end of this period, the website will again request the user's authorization to save cookie files on their hard drive.
6.1 A user can restrict the use of these cookies: what are his/her rights in terms of acceptance and management of cookie files by the website?
It is brought to the attention of the user that he can oppose the registration of these cookie files by configuring his browser software.
For information, the user can find at the following addresses the steps to follow in order to configure his/her browser software to oppose the recording of cookie files:
Internet Explorer: https://support.microsoft.com/en-us/topic/delete-and-manage-cookies
In the event that the user decides to deactivate the cookie files, he/she will be able to continue browsing the website. However, any dysfunction of the website caused by this manipulation could not be considered as being due to the editor of the website.
6.2 What are the cookie files used by the website?
Foliumize draws the user's attention to the fact that the following cookies are used when browsing:
In addition to this, any user need to know more about it.
Foliumize reserves the right to modify it in order to guarantee its conformity with the law in force.
If you have any questions regarding this document, you can contact the Data Protection Officer.
The Foliumize team