- Protection of personal data
The customer is informed and accepts that his personal data may be collected on the site via the Shopify platform and used by Napperon, which acts as data controller within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter "General Data Protection Regulation" or "GDPR").
Napperon undertakes to protect and ensure the security and confidentiality of its customers' personal data in accordance with the GDPR, in particular by taking all useful precautions to prevent this data from being distorted, damaged or accessed by unauthorized third parties. It is specified that the Site is hosted by Shopify, which provides Napperon with an online e-commerce platform for selling products and that the Customer's personal data is stored via Shopify's data storage, its databases and the general Shopify application.
In the event of a personal data breach, Napperon shall notify the CNIL of the breach in question as soon as possible. If the personal data breach is likely to result in a high risk to a customer's rights and freedoms, Napperon shall inform the person concerned of the personal data breach as soon as possible.
Customers' personal data is collected for the following purposes:
- order management and customer relations;
- customer information relating to offers and commercial information relating to the brand;
- strengthening and improving the communication of the website and the brand by sending, in particular, newsletters and special offers based on customer preferences observed on the site;
- compliance with legal and regulatory obligations.
Napperon does not store the customer's personal data; they are only kept for the period strictly necessary for the purposes previously set out.
In accordance with the GDPR, the customer has the right to access, rectify and oppose personal data concerning him/her (hereinafter the "Data Protection Rights"). To exercise one or more of the Data Protection Rights, the customer must send a request by email via lesdessousnapperon@gmail.com or by unsubscribing directly from the newsletter.
Each request must be signed and accompanied by a photocopy of an identity document bearing the customer's signature and specify the reply address. The response to the request made on the basis of one or more Data Protection Rights will be sent within 2 months of receipt of the request.
The customer may communicate to Napperon specific instructions in which he or she defines the manner in which he or she intends that the Data Protection Rights and Freedoms be exercised after his or her death in accordance with the GDPR.
- Cookies
When consulting the site, information relating to customer browsing may be recorded in “cookie” files installed on their terminal (computer, tablet, smartphone).
These cookies are issued in order to facilitate navigation on the site and make it possible to recognize customers' browsers when they are connected to the site.
Cookies are only installed after acceptance by the customer, continuing to browse the site constitutes acceptance.
Most browsers automatically accept cookies, but the customer can choose at any time to accept or not cookies from his browser settings, often located in the "Tools" or "Preferences" menu of his browser.
Any settings implemented by the customer may negatively affect their user experience and parts of the site may no longer be accessible in their entirety.
