whoops !
continue

Data confidentiality policy

Updated 24/06/2019

 

1. Preamble

 

In the course of its business, Koosh, an SAS registered with the Trade and Companies Register of Paris under number 845 302 587, with capital of 50,000 euros, having its registered office at 32 rue Médéric, 75017 Paris, France, processes personal data such as the data of its customers and of users of its website, including those who have subscribed to the Koosh newsletter (hereinafter “You”).

 

Through this data protection policy, we are informing you of the ways in which we process personal data during the use of our website and our online shop.

 

Personal data is information that is linked to an identified or identifiable person. This data includes information from which your identity can be determined, for example your name, your telephone number, or your postal or email address.

 

The statistical data that we collect, for example, when you browse our site and that cannot be associated with you is not personal data.

 

You can print or save this personal data protection policy by using your browser’s standard functions.

 

2. Data collected

 

Every time you use our website, we collect the data that your browser automatically sends to enable you to visit our site. This data includes:

 

  • the IP address of the end device used to access the website;
  • the date and time of access;
  • the address of the viewed website;
  • and technical information regarding the browser used and the operating system of the end device.

 

Processing this data is essential to allow visits to the site and to ensure the long-term functionality and security of our systems. The aforementioned data is stored for the purpose described above as well as temporarily in internal log files in order to determine statistics regarding the use of our website and to develop it based on the usage habits of our visitors and in order to perform general administration of our site. The legal basis for this data processing is article 6(1)(b) and 6(1)(f) of the GDPR.

 

The information stored in the log files does not allow us to draw any immediate conclusions about you. In particular, we save IP addresses in their shortened form only. Log files are saved for thirty (30) days then deleted.

 

3. Registration on our Site

 

You are able to register on our online shop in order to be able to use all of the features of our site and to purchase our products. You acknowledge the mandatory data that you must give in the relevant fields during the registration process or the order process (surname and first name, email address and password, payment information and billing and delivery address). You cannot register without this data because it is essential in order to perform the contract. The legal basis for this data processing is article 6(1)(b) of the GDPR.

 

4. Data used during payment

 

For orders from our online shop, we offer the ability to pay via credit card. We work with payment service providers, to whom we transmit your payment information. Without this payment information and these payment service providers, making payments and concluding contracts would be impossible. We do not store the aforementioned payment information. The legal basis for this data processing is article 6(1)(b) of the GDPR.

 

5. Cookies

 

Part of our service requires us to use cookies. A cookie is a text file that is saved temporarily (“session cookies”) or permanently (“permanent cookies”) to your hard drive.

 

We use cookies to make your use of our services more convenient and individual. The legal basis for this data processing is article 6(1)(f) of the GDPR.

 

We use session cookies, for example, for authentication purposes when you log in.

 

We use permanent cookies, for example, to record that a piece of information on our site has been displayed so that it will not be displayed again during subsequent visits or so you do not have to log in again. Permanent cookies are automatically deleted after a predetermined period of time, which may vary from cookie to cookie.

 

The majority of browsers are configured by default to accept cookies. However, you can configure your browser to refuse cookies or accept them only with your prior permission. If you refuse cookies, not all of our features will work correctly for you.

 

6. Marketing data analysis

 

In order to improve our website, we use a range of technology to analyse usage habits and we assess the associated data.

 

This data is processed for marketing purposes, for example in order to be able to display personalised advertising messages. The legal basis for this data processing is article 6(1)(f) of the GDPR. In this paragraph, we want to explain this technology and the providers we work with in greater detail.

 

6.2. a. Facebook technologies

 

We use the social network Facebook Inc., of 1601 Willow Road, Menlo Park, California, 94025, USA (“Facebook”), in two ways: a fan page, and Facebook pixels.

 

Our fan page primarily allows us to communicate with you and our followers and also to communicate about our products and services. By doing so, we can obtain statistics from Facebook regarding the use of our fan page by Facebook users/page fans, for example information regarding interactions, “likes”, comments or collected information and statistics (e.g. about the age of our followers), which helps us to know more about interactions with our site. The legal basis for this data processing is article 6(1)(b) of the GDPR, as well as article 6(1)(f) of the GDPR, based on our aforementioned legitimate interest.

 

Our website also uses Remarketing Tags (also called “Facebook pixels”) from Facebook. If you view our website, these tags establish a connection between your browser and a Facebook server. Through this process, Facebook is informed that our website was consulted using your IP address. If personal data is transferred to the United States, Facebook is subject to the EU-US Privacy Shield. Facebook uses this information to provide anonymous statistical data regarding the general use of our site as well as the effectiveness of our Facebook advertising (“Facebook Ads”).

 

If you are a Facebook member and have given permission through your account’s privacy settings, Facebook can link the information collected during your visit to our site with your Facebook account and can use it for targeted activation of Facebook Ads.

 

We have no influence over the data that Facebook processes and for which it is responsible in accordance with its terms of use. For more information, consult Facebook’s data confidentiality policy on this topic. You can view and change the privacy settings for your Facebook profile at any time.

 

6.2. b. Google technologies

 

Our website uses multiple technologies from Google LLC, of 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”): Google Analytics, Google AdWords-Conversion Tracking, Google Remarketing and Google Signals.

 

Google Analytics uses cookies and other similar technology to analyse and improve our site on the basis of your habits as a user. Google processes the information collected via Google Analytics through cookies to assess your use of the website, to create reports on the site’s activities for its operator, and to provide other services linked to the use of the site and of the internet. The information collected in this context may be sent to and stored on a Google server in the United States. If personal data is transferred to the United States, Google is subject to the EU-US Privacy Shield. However, your IP address is shortened by Google Analytics before processing so that it is impossible to determine your identity from it.

 

Google AdWords Conversion-Tracking and Google Remarketing also use cookies and similar technologies to measure the performance of displayed advertising (AdWords campaigns) and to display personalised advertising messages on websites that work in partnership with Google.

 

Google Signals sums up data on our behalf in reports for all devices belonging to Google users who have enabled personalised advertising on their Google account.

 

For more detailed information on how Google processes your data, consult Google’s data confidentiality policy.

 

6.2. c. Third-party services and content

 

Our site may contain third-party content, for example YouTube videos, maps from Google Maps, RSS feeds, or graphics from other websites. This means that the providers of this content (“third-party providers”) know your IP address. Without an IP address, you cannot send content to your browser. An IP address is essential in order to view this content. The legal basis for this data processing is article 6(1)(b) and 6(1)(f) of the GDPR.

 

We strive to use content exclusively from providers that undertake to use your IP address exclusively for the purposes of distributing this content. However, we have no influence over whether third-party providers record your IP address, for example, for statistical purposes.

 

7. Contact

 

You have a wide range of options through which to contact us (for example by email or phone). In this context, we use your contact details exclusively to communicate with you. Communication is impossible without this information. The legal basis for this data processing is article 6(1)(b) of the GDPR.

 

8. Newsletter and advertising mailings

 

You have the opportunity to subscribe to our newsletter in which we regularly share information about our new products. We record your email address, the time of connection and the IP address used, and we store this information until you cancel your subscription to the newsletter. We store this information solely so we can send you the newsletter and to allow you to log in. The legal basis for this data processing is article 6(1)(a) of the GDPR.

 

At any time and free of charge, you can cancel your subscription to the newsletter or object to receiving it. An unsubscribe link can be found on each newsletter and advertising email. You can also contact us at any time via the “Contact us” page on our website.

 

9. Data transmission

 

The data that we collect is transmitted only when necessary to fulfil the contract or to provide the technical features of the website or the online shop, or if an external legal basis applies to the transmission of data (for example if we are legally obliged to share the data (providing information to judicial authorities and courts, or to public services that obtain the information due to legal provisions, for example social security bodies, tax authorities, etc.) or when we must make use of third parties who are bound by professional confidentiality in order to pursue our claims).

 

Some data processing is conducted by service providers. These include datacentres that store our website and our database, IT service providers that maintain our system, logistics and shipping service providers, and marketing and customer service providers, as well as consultancy firms. When we transmit information to these providers, they can use it solely for the performance of their functions. We have chosen and hired our service providers with the greatest of care. They are bound by professional confidentiality and they have appropriate organisational and technical measures in place to protect the rights of the individuals in question.

 

10. Data retention

 

In principle, we store your personal information solely for as long as is necessary in order to fulfil the contractual or legal obligations for which we collected it. We then immediately delete the information, except if we continue to require it until the expiry of the statutory retention period for the purposes of evidence for civil law claims or as a result of legal archiving obligations.

 

We must, for example, retain contractual information for three years from the end of the year in which our business relationship with you comes to an end for evidence purposes. All claims lapse after the statutory retention period at the earliest from this time.

 

We must also retain some of your data after the statutory retention period. We are required to do this under legal obligations relating to documentation, which may come from the French Code of Commerce, tax legislation, banking legislation and money laundering legislation. Current document archiving requirements range from two (2) to ten (10) years.

 

11. Your rights

 

You have the right to request information from us at any time on how your personal data is processed. If you make such a request, we will explain how we process your data and will give you an overview of the stored data we have about you.

 

If the data we have stored is incorrect or is no longer up to date, you have the right to correct that data.

 

You also have the right to require us to delete your data. If, due to other legal regulations, it is impossible in a particular case to delete this data, the data will be cordoned off in such a way that it will only be available for legal purposes.

 

You can also request that the processing of your personal data be limited if, for example, you contest the accuracy of the data.

 

You also have the right to data portability, which means that at your request, we can send you a digital copy of the personal information you have made available to us.

 

In addition, you have the right to contest the processing of your data, whose legal basis is given in article 6(1)(f) of the GDPR, if a particular personal situation justifies it or if you have expressed your opposition to receiving advertising mail. In the latter case, you have a general right to object, which can be exercised without having to give a reason. In addition, you have the right at any time to revoke the consent you gave to us. This means that we will not continue to process your data based on this authorisation in the future. Revoking your consent does not affect the legality of data processing conducted on the basis of your consent before your revocation.

 

You can contact us on hello@koosh.co to exercise your rights described here.

 

12. Data security

 

We implement up-to-date technical measures to ensure data security, including to protect your personal data against risks when transferring data and against disclosure to third parties. These measures are in line with the current state of technology. To protect the personal information you enter via the website, we use the Secure Sockets Layer (SSL) standard, which encrypts the information you enter.

 

13. Changes to the data protection charter

From time to time we update this data protection policy, for example when we make changes to our website or in the event of changes to legal requirements.

 

 

Fill 1

Bienvenue !

You appear to be located in France and speak English.
If not, feel free to change
these settings in the menu above.