The personal information collected by E-commerce Nation (including email addresses) remain confidential and are only accessible to the website team. We commit ourselves to strictly respect the confidentiality and the security of your information.
You can unsubscribe from our emails if you wish. The data are treated in accordance with the law of January 6, 1978 “Data processing, Files and Freedoms”.
The database is subject to French legislation and therefore registered with the CNIL.
I. Information you actively provide to us
You provide us with information about yourself through various forms on the website. This includes the pop-up that appears when you first visit the website as well as the various contact forms found on certain pages and articles of the website. The information collected via these forms is limited to the information you enter and validate, which is generally only your email address, unless you provide additional information through these means.
II. Information we collect passively
We automatically collect information about your navigation during the time you spend on the website. This information is stored in small files called “cookies” and allows us to obtain technical information about your browsing behavior. This information allows us to:
- Track the number of visits to the website
- Improve the security of the website
- To have an overall view of the browsing behavior that visitors to the website (including you) adopt on our website (pages visited, time spent on the site, device used, location).
This information is purely technical and anonymous. It does not allow us to collect any information about you.
You tacitly authorize the collection of this information when you browse the website. These “cookies” can be of several types:
- Analytical / performance cookies. These cookies collect information that is used in aggregate form to help us understand how our website is used or to measure the effectiveness of our marketing campaigns, or to help us personalize our websites for you.
- Functionality cookies. These are used to recognize you when you return to the website. This allows us to personalize our content for you, to greet you by name, and to remember your preferences (for example, your choice of language or region).
You can block cookies by activating the setting in your browser that allows you to refuse the setting of some or all cookies. However, please be aware that blocking cookies may limit your use of the website. In particular, you may not be able to access all or part of the website or use all of its features.
III. Use of this information
Any information about you that we collect or receive, whether personal or technical, may be used by us in the following ways:
- To fulfill our obligations under any contract between you and us and to provide you with the information, products and services you request from us;
- To provide you with information about other goods and services that we, or our selected partners, offer that are relevant or similar to those you have already purchased or sought. These contacts will only be made by e-mail or SMS, and you may opt out at any time;
- To inform you of changes to our services;
- To administer the Website and perform internal operations, including troubleshooting, data analysis, testing, research, statistical studies and surveys;
- To improve the Website and ensure that its content is presented in the most effective manner for you and your computer;
- To allow you to use the interactive features of our service, when you choose to do so;
- To maintain the security of the Website:
- To measure or understand the effectiveness of the ads we serve, and to show you relevant ads; and
- To meet our record keeping and information storage obligations and policy.
IV. Disclosure of your information
We may share your information with:
- Business partners, vendors, and contractors for the purpose of performing any contract we enter into with them or with you ;
- Advertisers and ad networks that require data to select and serve ads relevant to you and other users. Such information does not allow advertisers to identify you, but we do provide them with aggregated information about our users (e.g., 500 users live in a given area) to help them reach the type of audience they want to target. We may use the personal data you provide to us to comply with our advertisers’ wishes by showing their ads to the audience they are targeting; and
- Analytics and search engine providers who help us improve and optimize the Website;
We will disclose your personal information to third parties:
- If we sell or buy a business or assets, in which case we will disclose your personal information to the prospective seller or buyer of that business or assets;
- If we, or substantially all of our assets, are acquired by a third party, in which case the personal data we hold about our customers will be one of the transferred assets;
- To protect our rights, property, or safety, or those of our customers or others.
V. Your rights
The law gives you the following rights with respect to your personal information:
- The right to be informed about the collection and use of your personal information;
- The right to access your information to verify the lawfulness of our use of it;
- The right to request that inaccurate or incomplete information about you be corrected;
- The right to request the deletion or removal of your information when there is no longer any reason for us to use it
- The right to restrict the use of your information;
- The right to obtain and reuse for personal use the information we have about you;
- The right to object to certain uses (e.g., for marketing purposes); and
- The right not to be subject to an automatic decision that would have legal consequences for you.
If you wish to obtain the information we hold about you or exercise any of the above rights, please send your request by e-mail, together with proof of identity, to [email protected]; specifying the type of information you wish to receive.
The Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to one of these websites, please note that they have their own privacy policies for which we cannot be responsible. We advise you to check the rules applied before submitting personal data to these websites
VI. The obligation to notify personal data breaches to the supervisory authority and to data subjects
In accordance with Article 4.12 of the General Data Protection Regulation (GDPR), we define a personal data breach as any breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed.
1 – Notification of data breaches to the supervisory authority
In accordance with Article 33 of the General Data Protection Regulation (GDPR), in the event of a breach of our users’ personal data, the Website manager is obliged to notify the French National Commission for Information Technology and Civil Liberties (CNIL) as soon as possible, i.e. within 72 hours of becoming aware of the breach.
If all the details of the security incident are not available within 72 hours of the personal data breach, the Website manager will inform the supervisory authority (the CNIL) as part of its initial notification, and will communicate all the information relating to the incident in a staggered manner without further undue delay.
In accordance with Article 33.1 of the General Data Protection Regulation (GDPR), when the notification to the supervisory authority does not take place within 72 hours, the Website manager will be obliged to accompany it with reasons for the delay.
In accordance with Article 33.5 of the General Data Protection Regulation (GDPR), the Website manager will document any personal data breach, indicating the facts concerning the personal data breach, its effects and the measures taken to remedy it. This documentation will enable the supervisory authority to verify compliance with Article 33.5 of the General Data Protection Regulation (GDPR).
As stated in Article 33.5 of the General Data Protection Regulation (GDPR), the Website manager will establish a register in which it will specify the information concerning the violation, including the causes, the facts, the personal data concerned as well as the measures taken by the Website manager to remedy the violation.
2 – Notification of data breaches to data subjects and processors
In accordance with Article 34 of the General Data Protection Regulation (GDPR), the Website manager is obliged to communicate the personal data breach to the data subjects as soon as possible, when the data breach is likely to result in a high risk to the rights and freedoms of a natural person.
In accordance with the group of Article 29 of the General Data Protection Regulation (GDPR), the risk assessment will take into account the following criteria: the type of breach, the nature, sensitivity and volume of the personal data, the ease of identification of the data subjects, the severity of the consequences for the data subjects, the particular characteristics of the data subjects, the number of data subjects.
In accordance with Article 34.2 of the General Data Protection Regulation (GDPR), the Website manager will communicate the following to the data subjects:
The name and contact details of the Data Protection Officer or other point of contact from whom further information can be obtained ;
A description of the likely consequences of the personal data breach;
A description of the measures taken or proposed to be taken by the controller to remedy the personal data breach, including, where appropriate, measures to mitigate any negative consequences.
As for subcontractors, or any other partner of the Website processing the personal data of its users, in accordance with Article 28.3 of the General Data Protection Regulation (GDPR), they must assist the Website manager in ensuring compliance with the notification obligation, taking into account the nature of the processing and the information available to the subcontractor.
The Website’s manager is obliged to notify the subcontractors and partners of the personal data breach as soon as possible, i.e. no later than 72 hours after becoming aware of it.