Privacy Policy

Privacy Policy
Last Updated: January 15, 2025

PROTECTION OF PERSONAL DATA

The use of information and communication technologies requires special attention to privacy protection.

Shyffa, as the data controller, places great importance on the confidentiality of the personal information it collects and is committed to complying with applicable regulations regarding the processing of personal data, including Regulation (EU) No. 2016/679 on the Protection of Personal Data (GDPR).

This policy (along with our General Terms and Conditions of Sale, General Terms and Conditions of Use of the Website) aims to inform you about our practices regarding the collection, use, and sharing of the information you may actively or passively provide through our website www.shyffa.com (hereinafter referred to as the “Website”).

We encourage you to read this policy carefully before using our services.

1. WHAT TYPES OF INFORMATION DO WE COLLECT?

When you use our Website, you may provide us with information that can directly or indirectly identify you (the “Personal Data”). This information includes:

  • Data required to create a customer account: name, surname, email address, postal address, gender, phone number, and password. Mandatory fields are marked with an asterisk (*) in the account creation form.
  • Data related to purchases made on our Website: name, surname, billing and delivery addresses, phone number, credit card number (XX), CVV (XX), and expiration date (XX). This information is necessary to process orders and ensure delivery.
  • Data related to inquiries or requests for advice: information identifying you (name, surname, email address, or phone number) and details of your request.
  • Data related to your navigation on the Website: IP address, browser type, operating system, pages visited, time spent on each page, etc. This data is collected to ensure the proper functioning of the Website and analyze its traffic.

2. HOW DO WE COLLECT YOUR DATA?

Your personal data is collected both passively and actively:

  • Passive collection: through cookies placed on your device (computer, smartphone, tablet) while you browse the Website. 
  • Active collection: directly from you via contact forms, account creation forms, or through your interactions with our services.

If certain information is required to use our services and you choose not to provide it, we will not be able to offer the related products or services.

3. WHY DO WE PROCESS YOUR DATA?

We collect and process your personal data for the following purposes:

  • Providing products and services: processing orders, tracking deliveries, managing customer accounts, etc.
  • Sending commercial communications: newsletters, promotions, abandoned cart reminders (with your consent).
  • Responding to your inquiries: personalized advice, assistance, and follow-up on claims.
  • Optimizing our Website: ensuring proper display and secure navigation.
  • Measuring audience and targeted advertising: analyzing Website traffic and displaying personalized ads (with your consent).

4. HOW LONG DO WE KEEP YOUR DATA?

Your personal data is retained only for the time necessary to achieve the defined purposes:

Type of Data Retention Period
Customer account data Until account deletion or after 2 years of inactivity
Navigation data (cookies) Refer to the Cookie Policy
Order-related data 5 years for legal purposes
Payment data Securely retained for up to 13 months (15 months for deferred payments)

5. WHO DO WE SHARE YOUR DATA WITH?

Your personal data is shared only:

  • With Shyffa’s internal departments (customer service, IT, sales administration, etc.).
  • With our subcontractors: hosting providers, delivery companies, payment solutions, etc.

Your data is not transferred outside the European Union, except for third-party cookies placed by certain platforms (social networks, audience measurement). For more details, refer to the Cookie Policy.

6. WHAT SECURITY MEASURES DO WE IMPLEMENT?

We protect your personal data using technical and organizational measures:

  • SSL protocol for secure exchanges.
  • Regular backups.
  • Access management and permissions control.

In case of a data breach posing a high risk to your privacy, we will inform you promptly so that you can take necessary precautions.

7. YOUR RIGHTS REGARDING YOUR DATA

Under the GDPR, you have the following rights:

  • Access, rectify, or delete your data.
  • Object to or restrict the processing of your data.
  • Request data portability.
  • Define instructions for the handling of your data after your death.

To exercise your rights, contact us at:
Shyffa
[Complete address in France]
Or by email: rgpd@shyffa.com

If you are not satisfied with our response, you may file a complaint with the CNIL.

8. CHANGES TO THIS POLICY

We reserve the right to amend this Privacy Policy at any time. In case of significant changes, registered users will be notified via email. We encourage you to review this page regularly to stay informed.

Last updated: January 15, 2025

Terms & Conditions
Privacy Policy
Shipping & Returns
Facebook-f X-twitter Instagram
Copyright © 2024 Shyffa. All rights reserved.
  • Boutique