privacy

Last updated: 2024

At Azuriale, the privacy of your personal data is a priority. This Privacy Policy explains how we collect, use, store and protect your personal information when you use our website www.azuriale.com (the “Site”), when you create an account, place an order, contact us, or interact with us in any other way.

This Policy is drafted in accordance with the EU General Data Protection Regulation (GDPR) and French data protection law (Loi “Informatique et Libertés”).

By using the Site, you acknowledge that you have read and understood this Privacy Policy.

---

1. Who we are

Website address: https://azuriale.com
Data controller:
Azuriale
15 impasse des épinguys
74100 Vetraz Monthoux, France

Email: info@azuriale.com

For all questions relating to this Privacy Policy or to your personal data, you can contact us at: info@azuriale.com.

If Azuriale appoints a Data Protection Officer (DPO) in the future, their contact details will be made available on the Site.

---

2. Personal data we collect

We may collect personal data in several ways:

2.1 Data you provide directly

• When you create an account (if applicable):
  • Identification data: first name, last name, username
  • Contact data: email address, postal address, telephone number
  • Login data: password (stored in encrypted form)
• When you place an order:
  • Identification and contact data
  • Delivery and billing address
  • Order details (products purchased, amounts, order history)
  • Payment-related data (via our payment provider – we do not store your full card details on our servers)
• When you contact us (contact form, email, social networks, etc.):
  • Identification data and contact details
  • Content of your message and our exchanges
• When you subscribe to a newsletter or marketing communications (if available):
  • Email address and preferences
• When you leave a comment or a review on the Site:
  • Data entered in the comment form (name, email address, website, comment text)
  • Optionally, your profile picture if you use a compatible avatar service.

2.2 Data collected when you leave a comment

When you leave a comment on our Site, we collect:

• The data you enter in the comment form
• Your IP address
• Your browser user-agent string

These data help us detect and block unwanted comments (spam) and maintain the security of the Site.

An anonymised string (hash) created from your email address may be sent to an avatar service to check whether you use it. After your comment is approved, your profile picture associated with that service may be publicly visible next to your comment.

2.3 Media

If you upload images to the Site (for example, in a profile or comment), we recommend that you avoid including EXIF data containing GPS coordinates. Visitors to the Site can download and extract location data from images posted on the Site.

2.4 Cookies and similar technologies

We use cookies and similar technologies to operate and improve the Site.

• If you leave a comment, you can choose to save your name, email address and website in cookies. This is for your convenience so that you do not have to re-enter this information when you leave another comment. These cookies are kept for one year.
• When you access the login page, we set a temporary cookie to determine whether your browser accepts cookies. It does not contain personal data and is deleted when you close your browser.
• When you log in to your account (if applicable):
  • Several cookies are set to store your login information and your display preferences.
  • A login cookie is kept for about two days; a screen preferences cookie is kept for about one year.
  • If you select “Remember me”, your login cookie will be kept for about two weeks.
  • If you log out, the login cookies are removed.
• When you edit or publish an article (if applicable), an additional cookie may be stored in your browser. It contains no personal data and simply indicates the ID of the post you just edited. It expires after one day.

2.5 Embedded content from other websites

Articles and pages on this Site may include embedded content (e.g. videos, images, articles).

Embedded content from other websites behaves exactly as if the visitor had visited the other website directly. These websites may collect data about you, use cookies, embed third-party tracking tools, and monitor your interaction with this embedded content, including if you have an account and are logged in to that website.

We encourage you to read the privacy policies of these third-party websites.

2.6 Data collected automatically during browsing

When you browse the Site, we may automatically collect:

• Technical data: IP address, device type, operating system, browser type and version
• Browsing data: pages visited, date and time of visits, time spent on pages, actions performed (clicks, scrolls), referring URL
• Approximate location based on your IP address

These data are used for security, audience measurement and to improve the Site.

---

3. How and why we use your personal data (purposes and legal bases)

We process your personal data for the following purposes and on the following legal bases under the GDPR:

1. Managing your orders and the customer relationship
   • Purposes: processing and delivering orders, managing payments and invoices, handling returns and refunds, customer service.
   • Legal bases:
     • Performance of a contract (your purchase)
     • Compliance with legal obligations (accounting, tax, consumer law).
2. Creating and managing your customer account (if applicable)
   • Purposes: provide access to your account, order history, saved addresses, etc.
   • Legal bases:
     • Performance of a contract or pre-contractual measures
     • Our legitimate interest in providing a secure and functional account area.
3. Comments, reviews and user-generated content
   • Purposes: display and moderate comments/reviews, fight spam and abuse.
   • Legal bases:
     • Your consent when you choose to post a comment or review
     • Our legitimate interest in maintaining the security and quality of the Site and discussions.
4. Security and fraud prevention
   • Purposes: detection of spam, intrusion attempts, misuse and fraud; securing the Site and our systems.
   • Legal bases:
     • Our legitimate interest in protecting our business and users
     • Compliance with legal obligations to ensure security.
5. Communication with you
   • Purposes: responding to your requests, sending service messages (order confirmation, delivery updates, changes to terms or policies).
   • Legal bases:
     • Performance of a contract or pre-contractual measures
     • Our legitimate interest in responding to your requests.
6. Newsletters and marketing communications (if offered)
   • Purposes: sending news, offers and updates about our products and the brand.
   • Legal basis:
     • Your consent (you may withdraw your consent at any time, e.g. via the unsubscribe link or by contacting us).
7. Statistics and audience measurement
   • Purposes: understanding how the Site is used, improving performance and content, measuring performance of pages and campaigns.
   • Legal bases:
     • Our legitimate interest in improving our services
     • Where required by law for certain cookies or trackers, your consent via the cookie banner.

We do not use your personal data for fully automated decision-making that produces legal effects concerning you or significantly affects you.

---

4. Use and transmission of your personal data

4.1 Password reset

If you request a password reset, your IP address will be included in the reset email to help us prevent abuse and fraud.

4.2 Service providers and recipients

We may share your personal data with:

• Technical and hosting providers who host the Site and provide IT and security services
• Payment service providers, who receive your payment data directly and process payments securely
• Logistics and delivery providers for shipping your orders
• Service providers for communication, analytics or marketing (where applicable)
• Professional advisers (lawyers, accountants, etc.), where necessary
• Public authorities or law enforcement, where required by law or to protect our rights.

Where third-party services are used (for example an external avatar service for profile pictures in comments), your data processed by those services are subject to their own privacy policies.

---

5. International data transfers

Some of our service providers may be located in countries outside the European Economic Area (EEA).

In such cases, we ensure that appropriate safeguards are in place as required by the GDPR, such as:

• An adequacy decision from the European Commission, or
• Standard Contractual Clauses or equivalent contractual safeguards with the service provider.

You can contact us for more information on transfers and applicable safeguards.

---

6. How long we keep your data

We keep your personal data only for as long as necessary for the purposes for which they were collected, plus any applicable limitation or legal retention periods.

In particular:

• Comments: if you leave a comment, the comment and its metadata are retained indefinitely. This enables us to recognise and automatically approve any follow-up comments instead of holding them in a moderation queue.
• User accounts (if applicable): for users who register on our Site, we store the personal information they provide in their user profile for as long as their account remains active. When an account is closed, certain data may be retained for the period necessary to comply with legal obligations (e.g. accounting and tax), to resolve disputes or enforce our rights.
• Order data: order and invoicing data are generally kept for the duration of the contractual relationship and then for the legal retention periods imposed by tax and accounting law.
• Contact and support data: kept for the time necessary to process your request and to ensure appropriate follow-up.
• Cookies: cookie lifetimes vary depending on their purpose (from a session to several months or years). Non-essential cookies are not kept longer than necessary and are configured in accordance with legal requirements and the choices you express via your browser or the cookie banner.

---

7. Cookies and similar technologies

Cookies are small text files stored on your device when you visit the Site. We use several types of cookies:

• Strictly necessary cookies: essential for the functioning of the Site (e.g. session, security, login).
• Preference cookies: remember your choices (e.g. language, display settings).
• Analytics cookies: help us understand how the Site is used, improve performance and content.
• Marketing or tracking cookies (if any): used to display personalised content or advertising, and to measure the effectiveness of campaigns.

Where required by law, non-essential cookies are only placed with your consent, which you can give or withdraw via our cookie banner or your browser settings.

You can configure your browser to refuse all or some cookies or to alert you when cookies are being used. Note that disabling certain cookies may impact the functioning of the Site.

---

8. Security of your personal data

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, loss, destruction, alteration or disclosure (for example: limited access to data, secure connections via HTTPS, strong passwords, regular updates of our systems, etc.).

However, no system is completely secure. We cannot guarantee absolute security, but we are committed to continuously improving our security measures.

---

9. Your rights

In accordance with the GDPR and French data protection law, you have the following rights over your personal data:

• Right of access: obtain confirmation that we process your data and a copy of those data.
• Right to rectification: correct inaccurate or incomplete data.
• Right to erasure (“right to be forgotten”): request the deletion of your data in certain cases.
• Right to restriction of processing: request the suspension of processing in specific circumstances.
• Right to object:
  • to processing based on our legitimate interests for reasons relating to your particular situation;
  • at any time to processing for direct marketing purposes.
• Right to data portability: receive the data you have provided to us in a structured, commonly used and machine-readable format and transmit them to another controller, where legally applicable.
• Right to withdraw your consent: where processing is based on your consent, you may withdraw it at any time, without affecting the lawfulness of processing based on consent before withdrawal.
• Right to lodge a complaint with a supervisory authority: in France, with the CNIL (Commission Nationale de l’Informatique et des Libertés).

How to exercise your rights

You can exercise your rights by contacting us at: info@azuriale.com

For security reasons and to prevent fraud, we may ask you for proof of identity if necessary. We will respond to your request as soon as possible and in any event within the deadlines set by applicable law.

---

10. Third-party content, links and social networks

The Site may contain links to third-party websites or services (e.g. social networks, payment providers, shipping tracking pages, embedded videos).

These third parties are responsible for their own privacy practices. We recommend that you read their privacy policies to understand how they process your data.

---

11. Children

Our Site and our products are not specifically intended for children.

Where we rely on consent for the processing of personal data in relation to information society services directly offered to children in France, children under 15 years of age require parental consent in addition to their own consent, in accordance with French law and Article 8 GDPR.

We do not knowingly collect personal data from children under the applicable age without the necessary consent. If you believe that we have collected data about a child in breach of these rules, please contact us at info@azuriale.com so that we can delete the data or regularise the situation.

---

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect changes in our practices, in the Site, or in applicable laws and regulations.

If we make significant changes, we will notify you by an appropriate means (for example, by a notice on the Site or by email if you have an account or a subscription) and indicate the date of the most recent update at the top of this page.

We encourage you to review this Privacy Policy periodically.Last updated: 2024

At Azuriale, the privacy of your personal data is a priority. This Privacy Policy explains how we collect, use, store and protect your personal information when you use our website www.azuriale.com (the “Site”), when you create an account, place an order, contact us, or interact with us in any other way.

This Policy is drafted in accordance with the EU General Data Protection Regulation (GDPR) and French data protection law (Loi “Informatique et Libertés”).

By using the Site, you acknowledge that you have read and understood this Privacy Policy.

---

1. Who we are

Website address: https://azuriale.com
Data controller:
Azuriale
15 impasse des épinguys
74100 Vetraz Monthoux, France

Email: info@azuriale.com

For all questions relating to this Privacy Policy or to your personal data, you can contact us at: info@azuriale.com.

If Azuriale appoints a Data Protection Officer (DPO) in the future, their contact details will be made available on the Site.

---

2. Personal data we collect

We may collect personal data in several ways:

2.1 Data you provide directly

• When you create an account (if applicable):
  • Identification data: first name, last name, username
  • Contact data: email address, postal address, telephone number
  • Login data: password (stored in encrypted form)
• When you place an order:
  • Identification and contact data
  • Delivery and billing address
  • Order details (products purchased, amounts, order history)
  • Payment-related data (via our payment provider – we do not store your full card details on our servers)
• When you contact us (contact form, email, social networks, etc.):
  • Identification data and contact details
  • Content of your message and our exchanges
• When you subscribe to a newsletter or marketing communications (if available):
  • Email address and preferences
• When you leave a comment or a review on the Site:
  • Data entered in the comment form (name, email address, website, comment text)
  • Optionally, your profile picture if you use a compatible avatar service.

2.2 Data collected when you leave a comment

When you leave a comment on our Site, we collect:

• The data you enter in the comment form
• Your IP address
• Your browser user-agent string

These data help us detect and block unwanted comments (spam) and maintain the security of the Site.

An anonymised string (hash) created from your email address may be sent to an avatar service to check whether you use it. After your comment is approved, your profile picture associated with that service may be publicly visible next to your comment.

2.3 Media

If you upload images to the Site (for example, in a profile or comment), we recommend that you avoid including EXIF data containing GPS coordinates. Visitors to the Site can download and extract location data from images posted on the Site.

2.4 Cookies and similar technologies

We use cookies and similar technologies to operate and improve the Site.

• If you leave a comment, you can choose to save your name, email address and website in cookies. This is for your convenience so that you do not have to re-enter this information when you leave another comment. These cookies are kept for one year.
• When you access the login page, we set a temporary cookie to determine whether your browser accepts cookies. It does not contain personal data and is deleted when you close your browser.
• When you log in to your account (if applicable):
  • Several cookies are set to store your login information and your display preferences.
  • A login cookie is kept for about two days; a screen preferences cookie is kept for about one year.
  • If you select “Remember me”, your login cookie will be kept for about two weeks.
  • If you log out, the login cookies are removed.
• When you edit or publish an article (if applicable), an additional cookie may be stored in your browser. It contains no personal data and simply indicates the ID of the post you just edited. It expires after one day.

2.5 Embedded content from other websites

Articles and pages on this Site may include embedded content (e.g. videos, images, articles).

Embedded content from other websites behaves exactly as if the visitor had visited the other website directly. These websites may collect data about you, use cookies, embed third-party tracking tools, and monitor your interaction with this embedded content, including if you have an account and are logged in to that website.

We encourage you to read the privacy policies of these third-party websites.

2.6 Data collected automatically during browsing

When you browse the Site, we may automatically collect:

• Technical data: IP address, device type, operating system, browser type and version
• Browsing data: pages visited, date and time of visits, time spent on pages, actions performed (clicks, scrolls), referring URL
• Approximate location based on your IP address

These data are used for security, audience measurement and to improve the Site.

---

3. How and why we use your personal data (purposes and legal bases)

We process your personal data for the following purposes and on the following legal bases under the GDPR:

1. Managing your orders and the customer relationship
   • Purposes: processing and delivering orders, managing payments and invoices, handling returns and refunds, customer service.
   • Legal bases:
     • Performance of a contract (your purchase)
     • Compliance with legal obligations (accounting, tax, consumer law).
2. Creating and managing your customer account (if applicable)
   • Purposes: provide access to your account, order history, saved addresses, etc.
   • Legal bases:
     • Performance of a contract or pre-contractual measures
     • Our legitimate interest in providing a secure and functional account area.
3. Comments, reviews and user-generated content
   • Purposes: display and moderate comments/reviews, fight spam and abuse.
   • Legal bases:
     • Your consent when you choose to post a comment or review
     • Our legitimate interest in maintaining the security and quality of the Site and discussions.
4. Security and fraud prevention
   • Purposes: detection of spam, intrusion attempts, misuse and fraud; securing the Site and our systems.
   • Legal bases:
     • Our legitimate interest in protecting our business and users
     • Compliance with legal obligations to ensure security.
5. Communication with you
   • Purposes: responding to your requests, sending service messages (order confirmation, delivery updates, changes to terms or policies).
   • Legal bases:
     • Performance of a contract or pre-contractual measures
     • Our legitimate interest in responding to your requests.
6. Newsletters and marketing communications (if offered)
   • Purposes: sending news, offers and updates about our products and the brand.
   • Legal basis:
     • Your consent (you may withdraw your consent at any time, e.g. via the unsubscribe link or by contacting us).
7. Statistics and audience measurement
   • Purposes: understanding how the Site is used, improving performance and content, measuring performance of pages and campaigns.
   • Legal bases:
     • Our legitimate interest in improving our services
     • Where required by law for certain cookies or trackers, your consent via the cookie banner.

We do not use your personal data for fully automated decision-making that produces legal effects concerning you or significantly affects you.

---

4. Use and transmission of your personal data

4.1 Password reset

If you request a password reset, your IP address will be included in the reset email to help us prevent abuse and fraud.

4.2 Service providers and recipients

We may share your personal data with:

• Technical and hosting providers who host the Site and provide IT and security services
• Payment service providers, who receive your payment data directly and process payments securely
• Logistics and delivery providers for shipping your orders
• Service providers for communication, analytics or marketing (where applicable)
• Professional advisers (lawyers, accountants, etc.), where necessary
• Public authorities or law enforcement, where required by law or to protect our rights.

Where third-party services are used (for example an external avatar service for profile pictures in comments), your data processed by those services are subject to their own privacy policies.

---

5. International data transfers

Some of our service providers may be located in countries outside the European Economic Area (EEA).

In such cases, we ensure that appropriate safeguards are in place as required by the GDPR, such as:

• An adequacy decision from the European Commission, or
• Standard Contractual Clauses or equivalent contractual safeguards with the service provider.

You can contact us for more information on transfers and applicable safeguards.

---

6. How long we keep your data

We keep your personal data only for as long as necessary for the purposes for which they were collected, plus any applicable limitation or legal retention periods.

In particular:

• Comments: if you leave a comment, the comment and its metadata are retained indefinitely. This enables us to recognise and automatically approve any follow-up comments instead of holding them in a moderation queue.
• User accounts (if applicable): for users who register on our Site, we store the personal information they provide in their user profile for as long as their account remains active. When an account is closed, certain data may be retained for the period necessary to comply with legal obligations (e.g. accounting and tax), to resolve disputes or enforce our rights.
• Order data: order and invoicing data are generally kept for the duration of the contractual relationship and then for the legal retention periods imposed by tax and accounting law.
• Contact and support data: kept for the time necessary to process your request and to ensure appropriate follow-up.
• Cookies: cookie lifetimes vary depending on their purpose (from a session to several months or years). Non-essential cookies are not kept longer than necessary and are configured in accordance with legal requirements and the choices you express via your browser or the cookie banner.

---

7. Cookies and similar technologies

Cookies are small text files stored on your device when you visit the Site. We use several types of cookies:

• Strictly necessary cookies: essential for the functioning of the Site (e.g. session, security, login).
• Preference cookies: remember your choices (e.g. language, display settings).
• Analytics cookies: help us understand how the Site is used, improve performance and content.
• Marketing or tracking cookies (if any): used to display personalised content or advertising, and to measure the effectiveness of campaigns.

Where required by law, non-essential cookies are only placed with your consent, which you can give or withdraw via our cookie banner or your browser settings.

You can configure your browser to refuse all or some cookies or to alert you when cookies are being used. Note that disabling certain cookies may impact the functioning of the Site.

---

8. Security of your personal data

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, loss, destruction, alteration or disclosure (for example: limited access to data, secure connections via HTTPS, strong passwords, regular updates of our systems, etc.).

However, no system is completely secure. We cannot guarantee absolute security, but we are committed to continuously improving our security measures.

---

9. Your rights

In accordance with the GDPR and French data protection law, you have the following rights over your personal data:

• Right of access: obtain confirmation that we process your data and a copy of those data.
• Right to rectification: correct inaccurate or incomplete data.
• Right to erasure (“right to be forgotten”): request the deletion of your data in certain cases.
• Right to restriction of processing: request the suspension of processing in specific circumstances.
• Right to object:
  • to processing based on our legitimate interests for reasons relating to your particular situation;
  • at any time to processing for direct marketing purposes.
• Right to data portability: receive the data you have provided to us in a structured, commonly used and machine-readable format and transmit them to another controller, where legally applicable.
• Right to withdraw your consent: where processing is based on your consent, you may withdraw it at any time, without affecting the lawfulness of processing based on consent before withdrawal.
• Right to lodge a complaint with a supervisory authority: in France, with the CNIL (Commission Nationale de l’Informatique et des Libertés).

How to exercise your rights

You can exercise your rights by contacting us at: info@azuriale.com

For security reasons and to prevent fraud, we may ask you for proof of identity if necessary. We will respond to your request as soon as possible and in any event within the deadlines set by applicable law.

---

10. Third-party content, links and social networks

The Site may contain links to third-party websites or services (e.g. social networks, payment providers, shipping tracking pages, embedded videos).

These third parties are responsible for their own privacy practices. We recommend that you read their privacy policies to understand how they process your data.

---

11. Children

Our Site and our products are not specifically intended for children.

Where we rely on consent for the processing of personal data in relation to information society services directly offered to children in France, children under 15 years of age require parental consent in addition to their own consent, in accordance with French law and Article 8 GDPR.

We do not knowingly collect personal data from children under the applicable age without the necessary consent. If you believe that we have collected data about a child in breach of these rules, please contact us at info@azuriale.com so that we can delete the data or regularise the situation.

---

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect changes in our practices, in the Site, or in applicable laws and regulations.

If we make significant changes, we will notify you by an appropriate means (for example, by a notice on the Site or by email if you have an account or a subscription) and indicate the date of the most recent update at the top of this page.

We encourage you to review this Privacy Policy periodically.