Privacy Policy

 

This privacy policy ("privacy policy") defines and informs visitors and customers (potential and actual), hereinafter referred to as "visitors," of how Stéphane Sacré, hereinafter referred to as "The Company," uses and protects the information provided to it, particularly but not exclusively, when the visitor uses the present site accessible via the following link: https://www.myprecious.be/, hereinafter referred to as the "site," or when the visitor engages with or uses the products offered by the company.

This privacy policy is subject to modification or supplementation at any time by the company, especially to comply with any legislative, regulatory, jurisprudential, or technological developments. In such a case, the date of its update will be clearly identified at the beginning of this policy. These changes are binding on the visitor as soon as they are posted online. Therefore, the visitor is invited to regularly consult this privacy policy, as well as the rules regarding the use of cookies, to be aware of any modifications.

Personal Data

In general, it is possible to visit the site without providing any personal information. In any case, the visitor is not obligated in any way to transmit their information to the company.

However, in certain situations where information is not provided, it is possible that the visitor may not be able to benefit from the requested services. Indeed, in order to provide the visitor with the services offered by the company, the company may, in some cases, ask you to provide your name(s), first name(s), postal and email addresses, hereinafter referred to as "personal information." By providing this information, the visitor expressly agrees that it may be processed by the company for the purposes stated in point 2 below and as indicated at the time of each request.

In accordance with the General Data Protection Regulation (GDPR) of April 14, 2016, the company informs you of the following points:

1. Identity of the Data Controller

The data controller is

Mr. Stéphane SACRE, Koudenberglaan, 8 – 1652 - Beersel

Email. stephanesacre@icloud.com.

The data controller ensures the accuracy and relevance of the personal data collected and processed. In addition to the above, they ensure that the data complies with applicable regulations and this privacy policy.

2. Data Collected

The company collects the following personal data:

  • Preferred language, name, first name, postal address, email address, fixed and/or mobile phone number
  • Internet browser used, mode of navigation used (PC or mobile);
  • Geolocation;
  • Company logo.

In certain situations, the bank account and VAT number may be collected for professional visitors.

3. Processing Purposes

The company may process the personal information provided for the following purposes:

  • Sending electronic newsletters to visitors of the company;
  • Providing information or services requested by the visitor (through presence on operational sites (pop-up stores or private sales), by email, by phone, by postal mail, or via the contact form on the website https://www.myprecious.be/) and tailored to the visitor, including:
  • Processing and tracking price and/or information requests made to the company;
  • Presenting the goods offered and provided by the company;
  • Website visitor statistics;

Collecting information to allow the company to improve the website and products (including through cookies);

To Google Analytics, through cookies, as described in the disclaimer available on the company's website via the following link: https://myprecious.be/pages/disclaimer

Enabling visitors to access the company's services under the best possible conditions;

Enabling visitors to access the company's facilities under the best possible conditions;

Managing contracts concluded between the visitor and the company in light of its legal and contractual obligations.

4. Recipients

Only the company is the recipient of the personal information provided.

This information, whether in individual or anonymized form, is not in any way transmitted to a third party, except for subcontractors, external service providers, or partners to whom the company may turn in fulfillment of its legal or contractual obligations or in the pursuit of its corporate purpose, in order to provide comprehensive and adequate service to the visitor.

Neither the company nor any of its subcontractors, external service providers, or partners engage in the commercialization of the personal data of visitors to the site or the company.

5. Data Retention Period

The personal information is kept by the company only for the time corresponding to the purposes of the collection as set out above. In any case, unless another retention period is imposed by a legal or contractual obligation, data retention will not exceed 10 years.

6. Data Storage Location

The company stores data on computer media and, primarily, on an internal server as well as in the Shopify cloud, the privacy policy of which can be consulted via the following link: https://www.shopify.com/fr/legal/confidentialite

The company takes all necessary measures to ensure the security of the data by implementing technical and organizational measures in accordance with applicable standards for this type of data and business.

7. Visitor's Rights

The visitor has the following rights, in accordance with the aforementioned European regulation:

· Access and Communication of Data Rights

The visitor has the right to access and consult the personal data concerning them, kept by the company. The visitor can also find out how the company obtained the data and to whom it has been communicated. The visitor can also request a copy of this personal data being processed.

Given the obligation of security and confidentiality in the processing of personal data that the company is responsible for, the request for access and consultation of data made by the visitor will be processed subject to providing proof of their identity, particularly by producing an electronic or paper copy (accompanied by a signature) of their identity card during its validity period. The request is, in any case, free of charge for the visitor.

However, the company may oppose requests that are manifestly abusive or unfounded (due to their number or repetitive or systematic nature, for example).

· Data Rectification Rights

The European regulation allows the visitor to request the rectification, updating, or erasure of data concerning them that may be inaccurate, incorrect, incomplete, or outdated.

· Right to Object

The visitor has the right to object to the processing of data in the following two situations:

  • When the exercise of this right is based on legitimate grounds or
  • When the exercise of this right is intended to prevent the data collected from being used for commercial prospecting purposes.

· Right to Erasure

The visitor has the right to request and obtain the erasure of data concerning them held by the company.

The company will comply with the visitor's request if:

  • The personal data is no longer necessary for the purposes for which it was collected;
  • Data processing was based solely on the visitor's consent and they withdraw their consent;
  • The visitor objects, for legitimate reasons, to the processing.

In any case, the request for erasure may be refused by the company if the request is necessary for the exercise or defense of legal rights or to comply with a legal or contractual obligation on the part of the company.

· Right to Data Portability

The visitor may request that their personal data be transmitted to a data controller similar to the company. The visitor can therefore request that the data be transmitted to them in a structured, commonly used, and machine-readable format.

· Exercise of Rights Procedures

The aforementioned rights can be exercised by sending postal mail to the company's address or by sending an email to the following address: stephanesacre@icloud.com

8. Response Times

The company will respond to the visitor's request using a method identical to that used by the visitor to exercise their rights.

The company undertakes to respond to any request for access, rectification, objection, erasure, or any other supplementary request for information within a reasonable period and, in any case, within a maximum of 1 month from the receipt of the request.

Depending on the complexity of the request, the response time may be extended to 3 months, in accordance with the applicable European regulation.

9. Persons Authorized to Access Personal Data

Only company staff members are authorized to access personal data, with the exception of the provision in point 4 above. These individuals reasonably require the data due to the tasks and responsibilities assigned to them or the needs related to the company's activities.

10. Authorized Service Providers and Transfer to a Third Country Outside the European Union

The company also informs the visitor that it uses authorized service providers to facilitate the collection and processing of data communicated. These service providers are located within the European Union.

The company has ensured that these service providers implement adequate guarantees and comply with strict conditions regarding confidentiality, use, and data protection.

11. Complaint to the Competent Authority

The company hopes that any difficulties related to the processing of personal data will be resolved through dialogue. However, if this is not the case, the visitor has the right to file a complaint with the APD (Data Protection Authority).

The APD is located at 35 rue de la Presse, 1000 Brussels. They can be reached by phone at +32 2 274 48 00 or by email at contact@apd-gba.be.