Date of last update: 01/26/2022
To deliver our service, we collect personal data from visitors to our website https://www.milkyhour.fr (our “Site”).
We are committed to ensuring that the processing of personal data carried out on our Site complies with the General Data Protection Regulations (GDPR) and the Data Protection Act.
1- Who collects personal data?
Your personal data (your "Data") is collected by Milky Hour, a limited liability company with a capital of 1000 Euros, whose head office is located at 29 rue Jules Ferry 41310 SAINT AMAND LONGPRE, registered in the Trade Register Companies of BLOIS under number 901421271, in its capacity as data controller. (" We ").
You can contact us by email at the following address: email@example.com or by post at 29 rue Jules Ferry, 41310 Saint Amand Longpré.
2- What personal data do we collect?
The information collected when creating your account on our Site such as:
Your surname, first name, email, telephone number, date of birth, postal address;
The information necessary for the management and follow-up of your orders such as your order history, your written or telephone exchanges with us;
Information collected during your browsing on our Site such as browsing history (for example date and time of connection and/or browsing, pages visited).
3- For what purposes do we collect personal data?
We collect your Data in the context of your purchases under the execution of a contract in order in particular to deliver your orders and to support you in the context of monitoring our relationship.
We may also collect your Data when you give us your consent.
Your Data may be collected on the basis of our legitimate interest (for example to allow you to access to our Site or to fight against fraud).
Finally, they can be collected under a legal obligation (conservation of invoices for example).
You will find below more detailed examples of the purposes of processing your Data
|Operations carried out on your Data||Justifications/legal basis|
|- Customer account and order management
- Management of payment transactions
- Delivery management
- Customer relationship management, order tracking, product returns, refunds
|Execution of the contract between us|
|- Access to the Site and its use
- Customer satisfaction management
- Recording of exchanges with the customer (email or telephone) in order to improve the service
- Fight against fraud when paying for the order and management of unpaid bills
- Statistics and analysis operations to improve customer knowledge
- Setting up contests and advertising
|Our legitimate interest|
|- Site and mobile applications traffic measurements - Sending targeted commercial offers by email or SMS, on social networks or any other medium.||Your consent|
4- What rights can you exercise regarding your Data?
Each customer can exercise the following rights:
- A right of access to his data
- A right of rectification,
- A right to oppose the processing of his data and to erase his data (subject to the terms set out in point 8)
- A right to object to profiling
- A right to limit processing,
- A right to data portability
- A right to withdraw any consent given
These rights can be exercised by contacting us:
- By email to the following address: firstname.lastname@example.org or
- By mail to 29 rue Jules Ferry, 41310 Saint Amand Longpré
Please make each of your requests by one of the above means, attaching a copy of an identity document.
5- To whom are the Data transmitted
Your Data is mainly intended for our services.
They are processed only for the purposes indicated above.
However, your Data may be transmitted to partners who may process the data on their behalf (these are recipients) or solely on our behalf and according to our instructions (these are subcontractors).
The recipients of the Data are payment institutions (banks).
The subcontractors we use perform the following operations:
- Data hosting
- Secure payment on the site
- Shipping your orders and packages
- Carrying out technical maintenance and development operations for the website, internal applications and the information system.
Your Data may be transmitted to social networks when you accept the deposit of associated cookies and/or you click on the sharing buttons on our Site;
Your Data is never communicated to third parties for commercial purposes.
6- Transfer of Data outside the European Union
In the event that Data is transferred to a country outside the European Union, we undertake to take the technical and organizational measures necessary to guarantee the adequate level of security of your Data as if they remained within the European Union.
We require these recipients of the Data to implement the measures required to ensure the same level of protection as that required by European regulations on personal data, for example by using the standard contractual clauses of the European Commission. .
7- How are your Data secured?
We are committed to protecting your Data processed within the framework of this Site, in compliance with the state of the art. The indications below are the main security measures to protect your Data:
– All the pages of the Site are under the https protocol;
– The deletion of your Data is carried out at your request or at the end of the retention period
– Your Data is stored on a 100% French data server respecting maximum technical security.
– For the security of your transactions, we collaborate with the CIC bank, a credit institution and operator of electronic payment services for online commerce certified PCI DSS. This operator uses the TLS encryption process. Bank details are encrypted and then transmitted securely to authorization servers where the data is checked in order to limit abuse and fraud.
8- How long are the data kept?
We keep your Data for the time strictly necessary to achieve the purposes for which they were collected. Thus, we keep:
Prospect data for 3 years after the last contact;
Your Data as part of the management of the customer file:
For the management of your account: as long as it is active then for 3 years from your last action;
For the management of orders and invoicing: for the entire duration of the commercial relationship and 10 years for accounting obligations.
Once your Data has been deleted from our database, some of your Data may be kept in the form of an archive with restricted and strictly limited access for the purposes of meeting our legal, accounting and tax obligations, but also to manage your possible complaints and requests for warranties within the applicable limitation periods.
If you do not want this Site to place cookies on your computer, you can block them:
– by configuring your browser appropriately or by installing an additional component on your browser, specifically designed to manage cookies;
– by configuring your browser so that it transmits to the Site your wish not to be the subject of “tracing” (“Do not track”). This Site respects your choice.
Finally, we inform you that in the event of a complaint relating to the protection of your Data, you can also contact the French supervisory authority, the Commission Nationale de l'Informatique et des Libertés, whose site is accessible at the following address : https://www.cnil.fr/