Protecting your personal data is our priority. When you use the https://www.bobbies.com/fr/ site (Site), we must collect certain elements of your personal data. The goal of this policy is to inform you about the methods we use to treat this data in conformity with Regulation (UE) 2016/679 of April 27, 2016 related to protecting individuals when their personal data is handled and the free circulation of this data (“GDPR”).
1. Who is responsible for treating your data?
We are responsible for treating your personal data:
- SARL BOLZE & MOOGY
- (Company name: BOBBIES)
- An SAS registered under the Paris trade and company n° 519 441 190
- The main office is at 17, rue Jacques Bingen - 75017 Paris
2. What data do we collect?
Personal data is data that lets us identify an individual, either directly or by cross-referencing his or her data with other data.
We collect data in the following categories:
- Identification data (your last name, first name, email, postal address, telephone number);
- Data related to your orders;
- Connection data (for example IP address, logs OR log-ins);
- Any information you wish to transmit to us when requesting a contact;
- Internet data (for example: IP address, pages visited, date and time of connection, browser used, operating system);
- Location data;
- Data from recorded telephone calls between you and our customer service (for example: call content, call dates)
- Data relative to your debit card.
Obligatory data is indicated when we request it. It is signaled by an asterisk and is needed to create your account and order from the Site.
3. On what legal basis, for what purpose and for how much time do we conserve your personal data?
|Purpose||Legal basis||Length of time conserved|
|Supply the services available on our Site and/or through your Account||Enacting the contract you have concluded with Bobbies by accepting our GSC after your Account has been created||When you have created an account: your data is conserved for as long as you have the account.
If the account has been inactive for 2 years, your personal data will be deleted if we have not received an email from you responding to our email for reactivation.
Also, your data can be archived for probationary reasons for 5 years.
|Treat your order, do operations relative to managing our clients concerning contracts, orders, deliveries, bills and follow-up of the contractual relationship with our clients.||Enacting the contract you have concluded with Bobbies by accepting our GSC when you place an order.||Personal data is conserved for the entire time of the contractual relationship.
Your data can also be archived, for probationary reasons, for 5 years.
Concerning data relative to your debit card, it is conserved by our service provider ADYEN until your order has been delivered to which we add your cancellation period.
Data relative to the visual cryptogram or CVV2 inscribed on your debit card is never stored.
|Improve our services||Our legitimate interest to improve our services||Recording of phone calls: 6 months from when they have been recorded
Documents analyzing the content of telephone calls: 1 year from when they have been collected
|Build a file of clients and prospective clients||Our legitimate interest in developing and promoting our activity||For clients: data is conserved during the entire time of the contractual relationship.
For prospective clients: data is conserved for 3 years counting from your last contact, for reasons of client prospection.
|Send newsletters, solicitations and promotional messages||For clients: our legitimate interest in retaining them as customers and informing them about our latest news
For prospective clients: your consentment OR consentment is needed
|Data is conserved for 3 years counting from our last contact|
|Respond to your requests for information||Our legitimate interest in responding to your requests||Data is conserved during the time needed to treat your request for information and deleted once the request for information has been treated.|
|Conforming to our legal and regulatory obligations||Conforming to our legal and regulatory obligations||Bills are archived for 10 years. Data relative to your transactions (except bank data) is conserved for 5 years.|
|Organize contests and promotional events||Our legitimate interest in retaining them as customers and offering them gifts||Data is conserved for the entire length of the games or promotional operations and can be archived for 5 years for probationary reasons.|
|Develop statistics for browsing, site audience and types of purchases made||Your consent||Data is conserved for 1 year.|
|Diffuse personalized advertising||Your consent||Data is conserved for 1 year.|
|Manage requests to exercise rights OR customer rights OR site visitor rights||Our legitimate interest in answering your requests and conserving a follow-up on them||If we ask for your proof of identity: we conserve it only during the time needed to verify it. Once the verification has been done, the justification is deleted.
If you exercise your right to oppose receiving prospections: we conserve this information for 3 years.
The information that helps us manage your requests to exercise your rights by applying GDPR will be conserved for 2 years from the day of the request.
4. Who will get your data?
Those who will have access to your personal data:
- (i) Employees of our company;
- (ii) Our sub-contractors: host provider, payment service provider, CRM tool, sender of newsletters, delivery service;
- (iii) If appropriate: public and private organizations, but only to meet our legal obligations.
5. Is your data susceptible of being transferred outside the European Union?
Your data is conserved and stored during the entire time of its treatment on the AWS company servers, located in the European Union.
6. What are your rights concerning your data?
You have the following rights concerning your personal data:
- Right to access: you have the right of access at any time to all of your personal data (Article 15 of the GDPR).
- Right to rectification: you have the right to rectify at any time any inaccurate, incomplete or obsolete personal data (Article 16 of the GDPR).
- Right to limitation: you have the right to limit the treatment of your personal data, in some cases defined by article 18 of the GDPR.
- Right of deletion: you have the right to insist that your personal data be deleted and forbid any future collection of data for motifs stated in article 17 of the GDPR.
- Right to introduce a claim with a competent control authority (CNIL in France), if you consider that the treatment of your personal data constitutes a violation of any applicable texts (Article 77 of the GDPR).
- Right to define directives relative to the conservation, deletion and communication of your personal data after your death.
- Right to retract your consentment at any time: for purposes based on consentment, article 7 of the GDPR says that you can retract your consentment at any time. This retraction does not question the legality of the treatment done before retraction.
- Right to portability: based on certain conditions specified in article 20 of the GDPR, you have the right to receive personal data that you have supplied to us in a standard format that can be read by a machine and insist that it be transferred to the recipient of your choice.
- Right of opposition: in virtue of article 21 of the GDPR, you have the right to oppose the treatment of your personal data. However note that we can continue to treat it, despite this opposition, for legitimate motifs or for defending our rights in court.
You can exercise the above rights by writing to us at the contact details below. On this occasion we can request that you supply us with complementary information or documents to prove your identity.
7. What cookies do we use?
8. Delegate for the protection of personal data
Contact email: [email protected]