Accordance to the European Regulation 2016/679 of 27 April 2016 (known as the "General Data Protection Regulation" or GDPR)
This personal data protection charter (hereinafter: "Charter") describes the commitment of the AFTER BEACH website - RCS Toulouse 81872099700019 - N°TVA : FR07 818720997 as the data controller, with regard to the respect of privacy and the protection of the personal data of its users. This Charter has been drawn up to acquaint you with the practices and conditions under which AFTER BEACH collects, uses and stores your personal data (hereinafter: "Data").
It describes the various types of Data that we may collect and process or that you may provide to us when you access and/or use the www.after-beach.com website ("Website") on which our products are sold. The term "website" refers only to www.after-beach.com
Given the constant evolution of the laws and regulations concerning technology and the protection of personal data, it is likely that this Charter will be updated. If you are a user of the website, you will be informed of any changes by email.
If any of the clauses of this Charter should be declared null and void or contrary to the regulations, it will be deemed unwritten but will not entail the nullity of the other clauses of this Charter.
The present Charter applies to the Data collected:
- Via simple navigation on the website
- Via emails exchanged between AFTER BEACH and you or any other email tool
- When you create a user account on the Website
- When you place an order on the Website
- When you subscribe to the Website's newsletter (the "Newsletter")
It does not apply to information collected by any third parties or through websites operated by them, including through applications or content (including advertisements) that redirect the user to the website. Please read carefully the Charter concerning the processing of your Personal Data.
1. Whish data is collected by AFTER BEACH
Depending on the nature and purpose of your interaction with AFTER BEACH (creation of a user account, subscription to the Newsletter, completion of contact forms, or during any telephone exchange) we are likely to collect the following Data:
- Your email address will be requested if you wish to create a user account, communicate with us via the contact forms and/or receive our Newsletter
- Data relating to your identity such as your name, first names, email address, postal addresses and telephone numbers may be requested
- Data relating to navigation: this is Data relating to the way in which you use the website including: IP address, the browser used, the duration of navigation, the search history, the operating system used, the language and the pages viewed
- Data about your visits to the website, including traffic data, log files and other data or communication resources you use when accessing the website
- Data relating to orders: your postal address is required for invoicing purposes. Similarly, your bank details, PayPal, or other financial partner must be filled in to pay for your order
- Data relating to the use of social networks when you use their features.
2. How your data is collected
3. Why we collect your data
If you are an ordinary user, we collect your Data to :
- Send you our Newsletter and/or personalized commercial offers if you have consented to this
- Manage orders and execute the contract
- Ensure the security and traceability of purchases on the website
- Send you information about your account (including purchase invoices, order history)
- To manage your requests made via the contact page
- Allow you to leave a review of products and/or the website
- Inform you of changes to the website or our product and service offering
- To fulfill our rights and obligations under contracts with users and for any other lawful purpose.
- To secure your browsing and to enable us to improve your user experience, including recognising the username and password you have already provided so that you do not have to enter them on every page of the website where they are required. Refusal to do so will prevent you from ordering from the website (i.e., no identification).
- analyze traffic and data on the website in order to measure the number of users of the website, to make it easier to use and to ensure its ability to respond quickly to your requests.
Refusal to complete the website's form(s) correctly may block access to certain pages, particularly those concerning the ordering of products or services.
4. Who processes your data
Your Data is processed by AFTER BEACH staff and collaborators in charge of
- The management of the Website (orders and shipments)
- The management of the support, to answer all your questions
- The management of the invoicing.
In addition, within the framework of our activity, and for processing purposes, your Data may be communicated to subcontractors, service providers or other third parties, and in particular
- Accounting services
- Tax services
- Google Analytics
Each of these parties respects a commitment to confidentiality concerning the use and processing of personal data.
For the management of payment and in order to facilitate the experience of its users, AFTER BEACH offers the following means of payment to make purchases on the Website:
- Online payment by credit card (Credit Card, Visa, Eurocard / Mastercard) managed by Stripe
- Online payment by PayPal
AFTER BEACH has no access to your credit card details and numbers. All transactions are secured using SSL encryption, guaranteeing both the identity of the payment organization and the confidentiality of the data.
All of the above-mentioned subcontractors, service providers, partners or other third parties are bound by contractual obligations to respect the confidentiality and protection of the Data and to process it only for the purposes for which we provide it to them. Your Data may be transferred to any purchaser or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of AFTER BEACH's assets due to uncertainty or bankruptcy, liquidation or other processes in which AFTER BEACH's User Data is one of the transferred assets.
Finally, we may also disclose your Data:
- to comply with any mandate required by applicable law, including governmental and regulatory requests
5. How long do we keep your data
AFTER BEACH will only keep your Data for the period of time necessary for the purposes set out in Article 3. This retention period is not the same for all Data, as the nature and purpose of the collection may vary. Similarly, certain legal obligations impose a specific retention period.
- When you subscribe to the Newsletter, we keep your email address until you unsubscribe.
- When you contact AFTER BEACH by email, via the contact form or when you contact us by telephone, your data may be kept:
- up to one (1) year from the last contact if you do not have a customer account or an order made on the Website.
- up to ten (10) years (legal duration) from the last order placed on the website, if this information concerns this order.
- In all other cases, the retention period of the Data exchanged shall not exceed one (1) year.
With respect to your user account, all of your billing information is retained for ten (10) years from the date of purchase, even if you have made a request to deactivate your user account. If you wish to request deletion of Personal Data, please use the contact page of the website or send us an email: email@example.com. Your user account on the website will be deactivated and anonymised, and then completely deleted at the end of the above-mentioned periods from the day you made the request. Finally, with regard to the Data collected by means of cookies or tracers, they will be kept for up to six (6) months for cookies or tracers measuring the audience and up to thirteen (13) months for the others. Beyond the above-mentioned retention periods, your Data will be anonymised and kept exclusively for statistical purposes.
6. How your data is protected
Your Data is stored on a secure server protected by a firewall and antivirus. We have put in place technical and organizational measures to ensure the security and confidentiality of your Data against accidental loss and against unauthorized access, use, modification and disclosure. However, due to the inherent characteristics of the Internet, it is impossible for us to guarantee the optimal security of information exchanges on this network. While we strive to protect your Data, we cannot guarantee the absolute security of information transmitted to the website. You agree that you send your Data at your own risk. We cannot be held responsible for any breach of the privacy settings or security measures in place on the website. As such, you agree that the security of your information is also your responsibility. For example, it is your responsibility to keep your user account password secret. Under no circumstances should you disclose it to third parties. Similarly, you should be careful about disclosing information in the public areas of the website, as these areas may be viewed by any user of the website.
7. What are your rights
You can choose how the Data you provide to us is used:
- You may browse the website without providing any Data. If you do, you will not be able to use certain features of the website and in particular, to make purchases (if you are an ordinary user) and/or downloads from the website.
- You may refuse to provide your bank or PayPal details and/or your postal address. In this case, you will not be able to make any purchases on the website
- You can decide not to receive the Newsletter and our personalized offers: in this case, you just need to log in to your user account on the website or click on the link in the email sent to you.
In any case, you can access your user account at any time to consult or update your Data and to unsubscribe from our Newsletter if you were registered. according to the provisions of the regulations applicable to the protection of personal data, in particular the European Regulation 2016/679 on Data Protection (the "RGPD") as well as the law of 6 January 1978 n°78-17 from the French Data protection act and its amendments, you have a right of access and a right of rectification on your Data.
In addition, subject to the conditions provided for by the aforementioned regulation for the exercise of these rights, you benefit from :
- a right to the deletion of your Data (except for accounting data which must be kept for 10 years as required by French law - Article L123-22 of the French Commercial Code)
- A right to limit the processing of your Data
- A right to object to the processing of your Data for legitimate reasons, according to Article 21 of the RGPD
- a right to portability of the Data you have provided (for automated processing based on consent or the performance of a contract)
- The right to withdraw consent, where consent has been requested from you. Where the processing of your Data is carried out on the basis of your consent, you may withdraw it at any time.
However, you acknowledge that the processing carried out prior to the withdrawal of your consent remains perfectly valid. You also have the right to object without giving any reason to AFTER BEACH's analysis of your Data in order to share it for marketing purposes. However, according to Article 12.6 of the RGPD, in order to exercise these rights, AFTER BEACH, as the party responsible for this processing, has the right to ask you to prove your identity. We inform you that the data allowing us to prove your identity will be deleted once we have responded to your request. We have a period of one month to respond to any request relating to the exercise of your rights. This period may be extended by two months, due to the complexity or excessive number of requests.