Mon panier
Aucun article dans votre panier.
Delivery from €2.99
Free delivery on orders over €100
ROSTAING - Privacy policy
applicable from (04/17/2023)
In order to respect your privacy and protect the personal data you provide, we comply with current legislation on the protection of privacy and personal data.
We have established this privacy policy (hereinafter referred to as the "Policy") in order to (i) enable you to communicate your personal information in complete confidence and confidentiality, (ii) inform you of how your personal data is processed by our company and (iii) guide you in your rights with regard to personal data.
1. Who are we?
The www.rostaing.com website (hereinafter referred to as "the Site") is managed by ETABLISSEMENTS J ROSTAING, a public limited company, registered in the Bourg en Bresse Trade and Companies Register under number 729 200 405, with its registered office at 17 avenue Charles de Gaulle 01800 Villieu-Loyes-Mollon, and share capital of 192,550 euros (hereinafter referred to as "ROSTAING").
2. When do we collect personal data?
You will be asked to provide personal data in order to :
- Navigating the Site ;
- Create your account and log in;
- Ordering or returning products ;
- Subscribe to our newsletter to receive information and promotions;
- Contact us via our contact form, by e-mail, by telephone, or by any other electronic means;
- To report a problem or request assistance, contact customer service.
Some of the personal data you may be asked to provide is mandatory. The mandatory nature of the data collected is indicated by an asterisk; other data is optional. Failure to provide mandatory personal data may result in the impossibility of accessing the Site's services.
3. What types of personal data do we collect?
Where appropriate and necessary for the purposes described in this Policy, ROSTAING collects the following personal data from you:
Identification data
- Civility/Last name/First name,
- Email address,
- Phone number,
- Postal address,
- Password associated with your user account.
Connection data
- IP address,
- Navigation history,
- Order history,
- Tour itinerary,
- Operating system,
- Information about the devices from which you visit the Site.
4. For what purposes do we collect personal data? How long do we keep your data?
| Purposes of processing | Legal basis for processing | Personal data processed | Shelf life |
| Create your account | Contract | Identification data | In active base until registration is cancelled. |
| Management and traceability of orders and customer files |
Contract Legal and regulatory obligations |
Identification data, Connection data |
In active storage until registration is terminated, and in intermediate storage for 5 years after registration is terminated, except for contracts costing more than 120 euros (incl. VAT), when the period is extended to 10 years. |
| Manage customer payments, invoicing and refunds |
Contract Legal and regulatory obligations |
Identification data | 10 years or after all disputes have been settled |
|
Communicate with you,
Conducting satisfaction surveys Conduct communication campaigns (sms, email), |
Consent | Identification data | Active until consent withdrawn or 3 years from last contact |
|
Develop and improve services, Improve Site navigation, Ensure the technical operation of the Site |
Legitimate interests |
Identification data, Connection data |
In active base until registration is cancelled. |
|
Site security Prevent and combat computer fraud (spamming, hacking, etc.) |
Legitimate interests |
Identification data, Connection data |
1 year |
| Managing the rights of data subjects | Legal and regulatory obligations | Identification data | 5 years from exercise of right |
Once the purposes for which personal data were collected have been fulfilled, they will be deleted.
5. To whom do we send your personal data?
Information collected by ROSTAING is not sold to third parties.
We may share personal data collected with other entities, namely :
- The authorized members of ROSTAING in the context of carrying out the missions resulting from the purposes identified above;
- Service providers and subcontractors who perform certain support functions on our behalf (hosting, maintenance, communication dispatch).
- Our counsel, legal auxiliaries, ministerial officers, administrations, jurisdictions, administrative authorities when necessary for the establishment, exercise and defense of a legal action.
We reserve the right to disclose your personal data to other parties if required or permitted to do so by law, regulation, court order or regulation, or if such disclosure is necessary in connection with an investigation or proceeding at home or abroad.
We may share your data with third parties when you consent to or request such sharing.
Finally, your data may be communicated to persons involved in any takeover, acquisition, merger, absorption or transfer of ROSTAING to third parties.
6. Is my data transferred outside the European Union?
As a matter of principle, the personal data collected will not be transferred outside the European Union. Personal data is hosted on a server located in the European Union.
If, exceptionally, personal data should be transferred outside the European Union, such transfers will be subject to appropriate safeguards designed to ensure an adequate level of data protection (standard contractual clauses, BCR, etc.).
7. How is my personal data protected?
ROSTAING is committed to ensuring the security of the data you provide. In order to prevent any unauthorized access, use, modification, destruction, loss, damage or disclosure, appropriate technical and organizational measures have been taken to protect the data collected. In particular, the security of your data is ensured by limiting access to your data to authorized persons only (for example, only ROSTAING members or their employees who need access for the purposes indicated above will have access).
The transmission of information via the Internet is not completely secure. Although ROSTAING undertakes to do its utmost to protect your personal data, ROSTAING cannot fully guarantee the security of the data you transmit.
In the event of a breach of your personal data presenting a risk to the rights and freedoms of the persons concerned, please be aware that ROSTAING is obliged to notify the competent supervisory authority and to inform you, as soon as possible, of any breach of personal data likely to give rise to a high risk to your rights and freedoms, to enable you to take the appropriate measures.
8. What are your rights?
You have the right to access your personal data, to modify them, to delete them, to be forgotten by ROSTAING, to limit the processing of your data, to receive your personal data, provided to ROSTAING, in a structured, frequently used and machine-readable format. Where processing is based on your consent, you also have the right to withdraw it.
You also have the right to object, for reasons relating to your particular situation, to the processing of your data and to request that the processing of your data be restricted.
You also have the right to lodge a complaint with the CNIL or a data protection authority in a member state of the European Union, and to define post-mortem directives.
These rights may be exercised at any time by sending an e-mail to the following address: rgpd@rostaing.fr
To enable ROSTAING to respond quickly, please provide your full name, e-mail and address. A reply will then be sent to you, except in special cases, within one month of receipt of the request.
9. Modification of the Policy
We may revise or supplement this Policy in particular to take into account new purposes or changes in legislation. Any such changes will take effect as soon as they are published. To keep informed of any changes, please check this page regularly.
10. Contact ROSTAING
If you have any comments or questions about this document, please write to us at: rgpd@rostaing.fr.
