Privacy Policy and GDPR
ARTICLE 6: USER RIGHTS REGARDING DATA COLLECTION AND PROCESSING
ARTICLE 1 – PREAMBLE
The purpose of this privacy policy is to inform users of the site:
– On how your personal data is collected. Personal data is considered to be any information that allows a natural person to be identified. As such, this may include: your name, first name, address, email address, telephone number, as well as marketing-related information such as your communication preferences. We also collect profile data such as your usernames, passwords, preferences and responses to questionnaires. The technical data we collect includes your IP address, the type of browser you use, your operating system, and other information about the devices you use to access our website. Finally, we record data about your use of our site to improve your user experience. (Non-exhaustive list);- On the rights they have regarding this data;
– On the person responsible for processing the personal data collected and processed;
– On the recipients of this personal data;
– On the site’s cookie policy.
This policy is supplemented by the legal notices and General Conditions of Use
We use the personal information you provide to us to understand your needs and interests. If you have requested information, purchased services, participated in a survey or consented to receive marketing communications, you may receive messages from us.
You can opt out of these communications at any time by following the unsubscribe instructions in our messages. Please note, however, that this will not delete any other information we have about you.
We only collect information that you provide directly to us for actions you request, such as subscribing to a newsletter.
Our site is not intended for children and we do not intentionally collect data from children. If you are under 15 and believe that we have collected information about you, please contact us at infos@vanille-labelle.com. We do not collect any sensitive information about you through our site, except services related to Google tools.
ARTICLE 2: PRINCIPLES RELATING TO THE COLLECTION AND PROCESSING OF PERSONAL DATA
In accordance with article 5 of European Regulation 2016/679, your data is:
– Treated in a fair and transparent manner towards you.
– They are collected for specific and legitimate reasons, and cannot be used otherwise.
– The data is adequate, relevant and limited to what is necessary for the purposes for which it is processed and updated if necessary.
– They are kept for the time necessary for their initial processing.
– Security measures are in place to protect your data against unauthorized access or loss.
– The processing of your data is only permitted if it meets certain conditions, such as your consent, the performance of a contract, compliance with a legal obligation or the protection of vital interests.
Your personal data is collected:
Direct exchanges:
– You have the possibility to provide us with your personal information (identity, contact details and your preferences in terms of solicitation for prospecting and communications. By including filling out the “Contact Us” form available online on our site, or by contacting us by mail, e-mail, telephone or any other means of communication.
Please note that we do not collect any data about you through cookies, logs from our servers or any other equivalent process or technology. Only services associated with Google tools can potentially generate them.
ARTICLE 3: DATA PROCESSING RESPONSIBLE AND DATA PROTECTION DELEGATE
The data controller:
Personal data is collected by VANILLE LABELLE, a limited liability company (SARL) with capital of €30,000, whose registration number is 539 283 135
VANILLE LABELLE can be contacted as follows:
By post to the address : 150 South 1300 East 200, Salt Lake City, UT 84106;
By telephone : +1877-453-3430;
By email : prislin@vanille-labelle.com.
ARTICLE 4: USE OF PERSONAL DATA COLLECTED AND PROCESSING IN THE CONTEXT OF BROWSING THE SITE
4.1 Data collected and method of collection
The collection and processing of your data serves the following purposes:
– Use of your personal data only when the GDPR authorizes us to do so
– To execute the contract that we are going to sign or that we have signed with you.
– To serve our legitimate interests (or those of a third party), unless your interests or fundamental rights require superior personal data protection.
– To comply with our legal or regulatory obligations.
In general, we do not use your consent as a legal basis to process your personal data, except for email or SMS solicitations from third parties for prospecting purposes. Here is a list of all the ways we use your personal data and the legal bases we rely on. We have also indicated our legitimate interests where relevant.
Please note that we may process your personal data on different legal bases, depending on the purpose of the processing:
– To register you in our databases as a new customer, candidate, supplier, partner, etc.
Categories of data: Identity, Contact Information Base legal: Performance of a contract with you
– To manage our relationship with you, which includes informing you of changes to our data protection policy and soliciting your opinion or response to a survey…
Data categories: Identity, Contact details, Profile , Marketing and communications
Legal basis: Performance of a contract with you, to comply with legal obligations, Our legitimate interest in keeping our databases up to date and analyzing the use of our products and services by our customers
– To provide you relevant content on our site and measure its real impact on recipients
Categories of data: Identity, Contact Data, Profile, Marketing and communications, Usage, Quality, Technical
Legal basis: Our legitimate interest to analyze the use of our products and services by our customers, develop our business and our marketing strategy.
4.2 Communication of personal data
Your personal data may be shared with our partners for the purposes described in the table of our confidentiality policy. We require all third parties to secure your data and process it legally. We do not allow our partners to use your data for their own purposes. They may only use them for specific purposes and in accordance with our instructions.
4.3 International transfer of personal data
As a global company operating in multiple countries, we have established privacy practices that comply with various data protection laws. Data transfer between countries where we operate is carried out according to the standards and conditions of local data protection laws, including security standards.
If you reside outside the European Economic Area (EEA) and provide us with your personal data, you consent to its sharing and any cross-border transfers as described above.
The transfer of data between our companies or partners may involve a transfer of your data outside the EEA. When this happens, we ensure that your data has an adequate level of protection, either by ensuring that the recipient country guarantees adequate protection, or by using contractual clauses when we use certain service providers.
more information please refer:
– European Commission – Rules on international data transfers ( https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/rules-international -data-transfers_en )
– European Commission – Standard Contractual Clauses (SCC): https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses- scc_en
– European Commission – Adequacy decision: ( https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en )
ARTICLE 5: SECURITY OF YOUR DATA, CONSERVATION
5.1 Data security
We have implemented appropriate security measures to prevent any loss, misuse, unauthorized access, alteration or accidental disclosure of your personal data. Access to your personal data is strictly limited to employees, agents and contractual partners who need it to process your file, and only on instructions from us, and they are bound by strict confidentiality.
Procedures have been put in place to manage any potential personal data breach, and we are committed to informing you and the relevant authorities if necessary in accordance with legal obligations.
Despite our efforts to secure your data, it is important to note that the transmission of information over the Internet is never completely secure, and no method of electronic storage is completely foolproof. Therefore, although we do everything we can to protect your data, we cannot guarantee its absolute security.
In the event of a data breach, we undertake to inform you promptly and take all necessary measures to remedy it, in accordance with the requirements of the GDPR.
5.2 Data retention
Your personal data is only kept for as long as necessary to achieve the purposes for which it was collected, including to comply with legal, accounting or reporting obligations. When determining the appropriate retention period for personal data, we consider several of the following factors:
– The nature and sensitivity of the data,
– The risk of harm from unauthorized use or disclosure,
– Legal requirements or applicable regulations.
ARTICLE 6: USER RIGHTS REGARDING DATA COLLECTION AND PROCESSING
In accordance with the regulations in force of the Data Protection Act (Law 78-17 of January 6, 1978) and also the European regulation in application n°2016/679/EU of April 27, 2016 (applicable from May 25, 2018), you have the following rights if you are located in the European Union:
– The right to request access to your personal data
– The right to request rectification
– The right to request erasure
– The right to object to the processing of your personal data
– The right to request limitation of processing of your personal data
– The right to request portability of your personal data
– The right to withdraw the consent that you may have given to the processing of personal data
– Right to determine the fate of the data after death (specific to France)
To exercise your rights, please send your letter to VANILLE LABELLE. In order for the data controller to respond to your request, the user may be required to provide certain information such as their first and last name, email address, as well as their account number, personal space or subscriber.
We also invite you to consult the cnil.fr website to obtain more information on your rights.
The exercise of the rights set out above is free. However, if your request is clearly unfounded, repetitive or excessive, we may charge you a reasonable fee. In such circumstances, we may also decide not to comply with your request. If your requests are considered unfounded or excessive, in particular because of their repetitive nature, we may:
– Ask you to pay a reasonable fee to cover the administrative costs of providing the information, communications or measures requested; Or
– Refuse to comply with these requests.
As a security measure and to prevent unauthorized disclosure of your personal data, we may ask you for specific information to confirm your identity and ensure your right to access your personal data or exercise any other rights. We may also contact you for more details about your request to expedite our response.
We aim to respond to all legitimate requests within one month. However, in certain special circumstances, notably if your request is complex or if several requests have been made, it may take longer. If this is the case, we will notify you and keep you informed of the progress of your request.
ARTICLE 7: UPDATE OF THE DATA PROTECTION POLICY
This policy is periodically updated in order to remain in compliance with laws, regulations and case law concerning the protection of personal data. As well as To describe new features of our website, the products or services we offer, and how this may impact our use of your personal data.
Date of last update of this personal data protection policy: 03/26/2024.