Free delivery from 100€ order
10% on your 1st order by subscribing to the newsletter

Privacy Policy

In complete transparency, the company informs you about the processing of your personal data, in a concise, transparent and understandable way, through this privacy policy. All personal data is processed with loyalty, transparency and lawfulness by your service provider, responsible for processing personal data on this site.


Article 1. Applicable law - legal basis


This privacy policy is guaranteed to comply with the following legal requirements:

Articles 12, 13 and 14 of the General Data Protection Regulation (GDPR) 2016/679 of the European Parliament and of the Council.

Law n° 78-17 of January 6, 1978 relating to data processing, files and freedoms modified by law n° 2018-493 of June 20, 2018 relating to the protection of personal data for IT matters. personal data.

Law n° 2004-575 of June 21, 2004 for confidence in the digital economy: for any deletion of disputed content.

The legal bases are as follows:

Consent (for newsletter subscription)
Performance of a contract (for the performance of a service)
Legal obligation (for invoicing)

Article 2. Collection of personal data


When you visit https://howtowearshop.com/, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies installed on your device. Additionally, when you browse https://howtowearshop.com/, we collect information about the web pages or individual products you view, websites, or search terms that brought you to the site. https://howtowearshop.com/, as well as information about how you interact with the https://howtowearshop.com/ site. We refer to this automatically collected information as "Device Information".

The processing of personal data cannot concern:

racial or ethnic origin,
Political Views,
religious or philosophical beliefs,
union membership,
genetic data,
biometric data for the purpose of uniquely identifying a natural person,
data concerning health or data concerning sex life
the sexual orientation of a natural person,
criminal convictions and offences.

We collect Device Information using the following technologies:

COOKIES

Here is a list of the cookies we use. We have listed them here for you to choose whether you want to allow them or not.

_session_id, unique session identifier, allows Shopify to store information about your session (referrer, landing page, etc.).

_shopify_visit, no data retained, persists for 30 minutes from the last visit. Used by our website provider's internal statistics tracking system to record the number of visits.

_shopify_uniq, no data held, expires at midnight (depending on visitor location) the following day. Calculates the number of visits to a store per unique customer.

cart, unique identifier, persists for 2 weeks, stores your cart information.

_secure_session_id, unique session id

storefront_digest, unique identifier, indefinite if the store has a password, it is used to know if the current visitor has access to it.

"Log files" track site activity and collect data such as your IP address, the type of browser you use, your Internet service provider, your referring and exit pages, and timestamp data (date and hour).

"Web beacons", "tags" and "pixels" are electronic files that record information about your browsing on the Site.

Additionally, when you make or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card, Paypal accounts, your e-mail address and your phone number order number). This automatically collected information is called "Order Information".

Article 3. Purpose of processing personal data


The processing of personal data is deemed lawful when at least one of the conditions is met:

The user of this site has consented to the processing of his personal data in order to have access to the free services of the company.

Processing is necessary for the performance of a contract with the service provider.

The processing is made necessary for the company to comply with a legal obligation, to safeguard the vital interests of the data subject or of another natural person or to carry out a task in the public interest or within the scope of the exercise of public authority vested in the controller;

Data collected

Aim

First name

Identification of customers – invoices – sending of newsletters

Name

Identification of customers – invoices – sending of newsletters

Bank account

Payment of the order

Address

Identification of customers – invoices

Phone number

Identification of customers – invoices

E-mail

Identification of customers – invoices – sending of newsletters


Additionally, we use this Order Information to:

Communicate with you; assess potential fraud or risk; and where consistent with the preferences you have communicated to us, provide you with information or advertisements regarding our products or services.

Article 4. Consent to the collection of personal data


The User must give his consent to the collection of personal data in order to benefit from the service provider's services.

It is possible to withdraw this consent at any time, in the simplest formalities, by writing to the service provider. The User who withdraws his consent is aware that this does not call into question the legality of the previous processing of his personal data.

In accordance with article 9 of the Civil Code, all customers have the right to the protection of their image, including their voice, and their private life. The use of the photographs, audios and videos concerning them must be the subject of an assignment of image rights granted in writing, by the acceptance of this legal document. The assignment of image rights granted by the client is valid for 5 years from its written authorization. This also includes the right to collect the customer's personal data, in the context of an event. The assigned image rights apply to all written, audio and video media necessary for the promotion of the services provided by the company, for the production of advertising or prospecting content, on any medium whatsoever. The exploitation of the media concerned by image rights is limited to the European Union.

Article 5. Recipients of data


The recipient of personal data is the company responsible for processing personal data on this site. No personal data is transmitted, sold or rented to third parties. It does not use any personal data outsourcing service.


Article 6. Register of processing activities


In principle, each data controller must keep a register of the processing carried out under his responsibility, mentioning:

The name and contact details of the controller
The purposes of the processing
A description of the categories of data subjects and the categories of personal data

The categories of recipients who are aware of the personal data or the methods of transferring personal data to a third country or to an international organization

Deletion times for the different categories of data

General description of technical and organizational security measures

This register takes the form of a written document which can be electronic or in paper form.

The CNIL supervisory authority must have access to it on simple request, in particular when the company has more than 250 employees or if its activities involve a recurring risk for the rights and freedoms of the persons concerned.

Article 7. Right of access to data


Any person affected by the processing of their personal data has the right to obtain from the controller confirmation of the following information:

the purposes of the processing;
the categories of personal data concerned;
the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular recipients established in third countries or international organisations; if possible, the envisaged retention period of the personal data or, where this is not possible, the criteria used to determine this period; the existence of the right to request from the controller rectification or erasure of personal data, or restriction of processing of personal data relating to the data subject, or the right to object to such processing;
the right to lodge a complaint with a supervisory authority; where the personal data is not collected from the data subject, any available information as to its source the existence of automated decision-making, including profiling.


The company must therefore provide him with a copy upon simple written request.

Article 8. Right to modify personal data


Any person concerned may ask the company to obtain the rectification of personal data concerning him, if they are inaccurate. It may also request to complete, in writing, the personal data collected by the service provider.


Article 9. Right to delete personal data


Any user or customer has the right to be forgotten. Persons affected by the processing of their personal data may request the deletion of the data if one of these cases arises:

  • the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
  • the data subject withdraws the consent on which the processing is based,
  • the data subject objects to the processing;
  • the personal data has been unlawfully processed;
  • the personal data must be erased to comply with a legal obligation which is provided for by Union law or by the law of the Member State to which the controller is subject;
  • the personal data has been collected in the context of the offer of information society services,

The personal data collected is automatically erased after 3 years of collection by the service provider.


Article 10. Right of opposition and limitation


Any person concerned by the processing of personal data may refuse to consent to it, or freely limit its scope, when an element applies:

  • the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
  • the processing is unlawful and the data subject opposes their erasure and instead requests the limitation of their use;
  • the controller no longer needs the personal data for the purposes of the processing, but the data subject still needs them for the establishment, exercise or defense of legal claims;
  • the data subject has objected to the processing pending the verification whether the legitimate grounds pursued by the controller override those of the data subject.


Article 11. Right of portability


The portability of personal data is a right for any person concerned who wants to transmit their data to another data controller, without opposition from the service provider, when this is technically possible and when this does not infringe the rights of third parties.

Any such request must be made in writing to the service provider.



Article 12. Security of processing


To maintain a low risk of personal data leaks, the company can strengthen its data retention measures: set up pseudonyms, encryption, a crisis protocol or reassess the degrees of the protocol in force.


The risks to be assessed in the context of processing are of several kinds, such as the destruction, loss, alteration, unauthorized disclosure of personal data transmitted, stored or otherwise processed, or access not authorized to such data, accidentally or unlawfully.


In the event of a proven risk of violation of personal data, the controller must communicate to the person concerned, in clear and simple terms, all information and measures concerning the resolution of the problem.


Article 13. Responsible for the processing of personal data


The person responsible for processing personal data is: PASTIME Alexander whom you can contact at : howtowearshop@gmail.com at 8 Rue des Roches 49300 Cholet FRANCE .

The controller implements technical, organizational and professional measures to effectively review and update the collection and processing of your personal data. To do this, it takes into account the nature, scope, context and purposes of the processing as well as the risks, the degree of probability and severity of which varies, for the rights and freedoms of natural persons.

He undertakes to cooperate and work, in all intelligence, with the supervisory authority, at the latter's simple request, within the framework of the execution of his missions.



Article 14. Moderation of comments


Any comment and opinion left on this website may be subject to moderation, and any abusive comment will be deleted by way of a report or directly by the service provider.

Comments may be moderated by the service provider, upon notification or in the event of non-compliance with others, in accordance with Law No. 2004-575 of June 21, 2004 on confidence in the digital economy. on any removal of disputed content.



Article 15. Cookies


By browsing this site, you accept that the website may place cookies in your browser, in order to benefit from the service provider's services.

The User has a right of access, rectification, portability and deletion of his data, or limitation of processing, in accordance with the law "Informatique et Libertés" of January 6, 1978 as amended and European Regulation no. °2016/679/EU of April 27, 2016.

Any complaint in this regard must be brought to the service provider.

You can therefore freely refuse the use of cookies through the settings menu of your browser.

If you do not want us to collect your personal data, you will not be able to use all the services of the site, such as a contact or service request, the collection of information to receive newsletters. Indeed, certain information concerning you is necessary for the use of our site, and can collect data on your IP address, your browser, your access times, automatic pre-filling.


This information collected by this website is used exclusively for internal statistical purposes, so as to improve the quality of the services offered to you.

The databases are protected by the provisions of the law of July 1, 1998 transposing directive 96/9 of March 11, 1996 relating to the legal protection of databases.


Cookies are used for:

  • Give you an optimal experience.
  • Identify yourself once registered as a user.
  • Monitor and analyze the performance, operation and effectiveness of the website.
  • Guarantee the security of our platform and the safety of its use.


Article 16. Complaints - CNIL


In accordance with Article 55 of the General Regulations on Personal Data , if you believe that the company has violated your rights regarding the processing of personal data, you can write a complaint to the CNIL as soon as possible, ideally 72 hours at the latest. after knowing about it. The breach notification must:

  • describe the nature of the personal data breach including, where possible, the categories and approximate number of data subjects affected by the breach and the categories and approximate number of personal data records affected;
  • identify the name and contact details of the Data Protection Officer or other point of contact from whom further information may be obtained;
  • describe the likely consequences of the personal data breach;
  • describe the measures taken or that the controller proposes to take to remedy the personal data breach, including, where appropriate, measures to mitigate any negative consequences.

Article 17. Changes


We may modify this Privacy Policy from time to time to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.


Date of last update: 11/07/2023