Privacy Policy

1. Avant propos

The protection of your personal data is part of the company values of Jasper Peto France. By using our website (the “Website”) or visiting one of our stores you acknowledge that you have read this privacy policy (“Privacy Policy”) which regulates the protection of your personal data collected while using our website, meaning any information identifying you either directly or indirectly (“Data” or “Personal Data”), such as your surname, first name, postal address, e-mail, Customer number etc.

2. Who are the Data Controller and the Data Protection Officer?

Within the context of the protection of your Data, the regulations define two key roles:

The Data Controller, who determines the purposes for which your Data is collected. The company in question is Jasper Peto France, whose registered office is located at 56 rue Tiquetonne 75002 Paris, France, registered on the Trade and Companies Register of Paris under the number 345303697, which can be contacted by telephone at +33140266068 or by e-mail by completing the contact form on the Contact page of the Website.

The Data Protection Officer, who advises and supports our company with the compliance of our procedures with personal data regulations. The Data Protection Officer may be contacted for any questions relating to your Personal Data by e-mail by completing the contact form on the Contact page of the website, or by post to DPO - GDPR, Jasper Peto France, 56 rue Tiquetonne, 75002 Paris, France.

3. Which Personal Data do we collect?

Your Personal Data is collected, for example, when you enter it in the dedicated forms on the Website or when you create your Customer account in store, when you place an Order on the Website, when you correspond with Customer Services, and more generally when you browse our Website. The following Personal Data is involved.

The information collected when you create your account in our stores, such as your surname, first name, postal address, e-mail, date of birth, telephone number and your contact preferences in relation to subscription to newsletters.

The information collected when you create your account on the Website such as your surname, first name, email address, password, your contact preferences in relation to subscription to newsletters, your telephone number and date of birth.

The information required for managing and processing your orders such as your bank card details used in the transaction, your order history (for example purchase amount, references of products ordered etc) and your written or telephone correspondence with our customer services.

The information collected when you browse the Website such as your browsing history (for example the date, time of connection and/or browsing, the pages visited etc) the type of terminal and browser, your location, the browser language, the internet provider and IP address.

4. Why do we use your personal Data?

We use your personal Data for several reasons.

Our primary objective is of course to satisfy you as a customer. For this reason we collect most of your Data within the context of your purchases, particularly to deliver your orders and to give you any support you may request.

On the other hand, we may collect your Data when you give us your consent for purposes that will enhance your experience with our brand.

Finally, other Data is collected because it arises from a need based on a legitimate interest (for example to facilitate the access to our Website and its use).

You will find further examples below of the purposes for which Data is collected.

LEGAL BASIS - Your purchasing PROCESSING PURPOSES - Ensure the delivery of the products you have ordered. Manage the customer relationship and any complaints you might have. Manage any requests relating to the exercise of your rights in relation to personal data.

LEGAL BASIS - Your consent PROCESSING PURPOSES - Receive our newsletters and customised offers. Benefit from a browsing experience customised according to your purchasing history and your browsing on the Website. Benefit from our customised advertising promotions on third party media.

LEGAL BASIS - Our legitimate interest PROCESSING PURPOSES - Access to the Website and its usage. Analyse and improve the quality and the performance of services. Monitor use of the Website and improve your experience. Preserve our rights. Manage transactions and combat fraud. Generate statistics and segment information, investigations and analyses in order to improve our knowledge of our customers.

5. What are your rights regarding your Data?

In accordance with the relevant regulations relating to personal Data you hold and may exercise the following rights with us.

Rights of access. You have the right to access the personal Data processed by us.

Right to rectification. You have the right to request that we rectify your Data if it is inaccurate or incomplete.

Right to erasure. You have the right to request that we erase your Data (subject to the conditions set out in Article 8 below).

Right to object. You have the right to request not to receive any further communications from us by using our online forms, the links at the bottom of our e-mails or by replying “STOP” by text message.

Right to portability. You have the right to request the transfer of your Data if the conditions for exercising this right are met.

Right to be informed. You have the right to obtain information regarding the way in which we process your Data.

In order to exercise your right you may send us an email via a completed contact form, or send us a latter to the following address. DPO - GDPR, Jasper Peto France, 56 rue Tiquetonne, 75002 Paris, France. We may ask you to provide us with proof of identity.

We commit to replying as quickly as possible, once our services have received your request. If you no longer wish to receive our newsletters you may click on the unsubscribe link located at the bottom of our e-mails, or reply “STOP” by text message or configure the newsletter settings in your account, if you have created one.

6. Who are the recipients of your personal Data?

Your Data is intended principally to be used by our services. It may sometimes be sent to external recipients for the reasons described below. In any event we select the recipients of your Data on the basis of their competence in data security and privacy. We conclude contracts with these recipients allowing us to ensure the high level of security of their systems. These include our service providers responsible for improving the function of our Websites, implementing your transactions and payment security; those service providers responsible for logistics (delivery of your products); and those responsible for our customer services such as marketing, commercial services or advertising agencies.

Your Data may also be transferred to third parties: 1. subject to your prior consent for processing in accordance with the purposes for which your Data has been collected, or 2. in the event that we are obliged to do so by the law as part of legal proceedings or if an imperative request has been made by a public body or 3. if we are involved in a merger or acquisition operation or asset sale.

7. Transfer of your personal Data outside the European Union.

In the event that the personal Data is transferred to a country outside the European Union we commit ourselves to taking the technical and organisational measures required in order to guarantee an adequate level of security for your Data as if it had remained within the European Union.

Indeed we demand of these Data recipients that they implement the measures required to ensure the same level of protection as demanded by the European regulations relating to personal data, for example by using the standard contractual clauses of the European Commission or the Binding Corporate Rules (BCR).

8. Security and privacy of your personal Data.

We implement technical and organisational mesures to ensure the security, integrity, authenticity and privacy of the personal Data. We ensure that our partners maintain a level of protection comparable to ours in relation to your personal Data. We also ensure that your transactions are secure by implementing adequate measures as well as measures to combat fraud.

9. For how long do we store your personal Data?

We store your personal Data only for the period that is strictly required for the purposes for which they were collected. Hence we store:

your personal Data, with the exception of your bank details, which are collected and processed by the intermediary among our service providers responsible for processing payments, for 3 years from the date of the last interaction between us (ie from your last purchase, from the last contact with our customer services, from the opening of our newsletters or otherwise from the date on which the Customer’s profile was created).

the connection logs that are collected, provided that you consent to this, with the help of cookies and other trackers used within the context of this service, for a period no longer than thirteen (13) months. For more details please see the “Cookies Policy”.

Your bank details are stored by our payment partner, Stripe. When you make purchases online you are required to enter your bank details in the fields provided for that purpose. If you provide your consent and in order to facilitate your payments you may prefer that our payment service provider stores your bank details in a secure manner so they can be used for your next purchases. If this is the case you can tick the “Save your payment details” option when you pay for your order. You may, at any moment, ask us to delete the registered bank card by consulting your account under the heading “My payment options” or by writing to us via our Contact form.

Once your Data has been deleted from our database, some of your Data may be stored in an archived form with limited access, strictly limited to the objectives of satisfying our legal, accounting and fiscal obligations, but also for the purposes of managing any complaints or guarantee claims you might have within the applicable limits of any limitation periods.

Once your personal Data is no longer required for these purposes or for archiving purposes in order to comply with our legal obligations or for the purposes of the applicable limitation, your Data will be irreversibly anonymised.

You may at any time request that we erase all or part of your Data, object to its processing or request that it is restricted, in compliance with Article 4 above. In the event that you request that your Data be erased, it will be erased from our database and stored in an archived form as described above.

10. Miscellaneous

In the event of any changes to these terms for the processing of your Data we will update our Privacy Policy and keep you informed of them. Finally, we inform you that if you have any complaints relating to the protection of your personal Data you may also contact your local supervisory authority.