Privacy policy - Atelier Despré

Young woman holding a white smartphone illustrating Atelier Despré's privacy policy

Atelier Despré is concerned about the protection of its Users' personal data. This Application collects certain personal data from its Users. Read our privacy policy.

This document can be printed out for viewing using the print command in any browser settings

Owner and Data Controller

https://atelierdespre.com est édité et diffusé par la micro-entreprise de Mme S. Salvi
Siège social : 6 rue d’Armaillé, 75017 Paris
Immatriculée au répertoire des métiers de Paris sous le numéro: 911 682 748
SIRET: 911 682 748 00018
Code APE: 3299Z

Contact the owner:

Online form: https://atelierdespre.com/contact/
Mail: hello@atelierdespre.com
Mail: Atelier Despré, Ms S. Salvi, 6 rue d'Armaillé, 75017 Paris (France)

Types of data collected

The owner does not provide a list of the types of Personal Data collected.

Full details of each type of Personal Data collected are provided in the sections of this Privacy Policy or by specific explanatory texts published prior to the collection of the Data.
Personal Data may be freely provided by the User, or, in the case of Usage Data, collected automatically when you use this Application.

Unless otherwise specified, all Data requested by this Application are mandatory and their absence may make it impossible for this Application to provide the Services. In the event that this Application specifies that certain Data is not mandatory, Users are free not to provide such Data without affecting the availability or operation of the Service.

Users who have any doubts about the mandatory Personal Data are invited to contact the Owner via the contact form or by e-mail at hello@atelierdespre.com.

Any use of Cookies - or other tracking tools - by this Application or by the owners of third party services used by this Application is for the purpose of providing the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy, if available.

Users are responsible for any third party Personal Data obtained, published or communicated through this Application and confirm that they obtain the consent of the third party to provide the Data to the Owner.

How and where the Data is processed

Treatment methods

The Owner takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of the Data.
The Data is processed using computers or IT tools, following procedures and organisational methods closely related to the purposes indicated. In addition to the Owner, the Data may be accessible, in certain cases, to certain categories of persons in charge of the operation of this Application (administration, sales, marketing, legal department, system administration) or to external parties (such as third party technical service providers, courier services, hosting providers, IT companies, communication agencies) designated, if applicable, as Subcontractors by the Owner. An updated list of these parties may be requested from the Owner at any time.

Legal basis of the processing

The Owner may process Personal Data relating to Users if any of the following conditions apply:

Users have given their consent for one or more specific purposes; Note: Under certain laws, the Owner may be allowed to process Personal Data until the User objects ("opt-out"), without having to rely on consent or any of the following legal bases. However, this condition does not apply where the processing of Personal Data is subject to European data protection law;
the provision of Data is necessary for the performance of an agreement with the User or for any pre-contractual obligation of the User;
processing is necessary to comply with a legal obligation to which the Owner is subject;
the processing is related to a task carried out in the public interest or in the exercise of official authority vested in the Owner;
the processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.

In any case, the Owner will be happy to help you clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a legal or contractual requirement, or a requirement necessary to conclude a contract.

Place of treatment

The Data is processed at the Owner's headquarters and at all other locations where the parties responsible for processing are located.

Depending on the location of the User, data transfers may involve the transfer of the User's Data to a country other than their own. To find out more about where such transferred Data is processed, Users can consult the section containing details on the processing of Personal Data.

Users also have the right to know the legal basis for transfers of Data to a country outside the European Union or to any international organisation governed by public international law or established by two or more countries, such as the United Nations, and the security measures taken by the Owner to safeguard their Data.

If such a transfer takes place, Users can find out more by consulting the relevant sections of this document or by contacting the Owner using the information provided in the contact section.

Storage time

Personal Data is processed and stored for as long as required for the purpose for which it was collected.

Therefore :

Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until the contract is fully performed.
Personal Data collected for the Owner's legitimate interests shall be retained for as long as necessary to achieve those purposes. Users can find specific information about the legitimate interests pursued by the Owner in the relevant sections of this document or by contacting the Owner.

The Owner may be allowed to retain Personal Data for a longer period of time whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period of time whenever this is required for the performance of a legal obligation or by order of an authority.

Once the retention period has expired, the Personal Data will be deleted. Therefore, the right of access, the right of erasure, the right of rectification and the right to data portability cannot be applied after the retention period has expired.

Users' rights

Users may exercise certain rights regarding their Data processed by the Owner.

In particular, Users have the right to do the following:

Withdraw their consent at any time. Users have the right to withdraw their consent if they have already given their consent to the processing of their Personal Data.
To object to the processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Details are added in the relevant section below.
Access to their Data. Users have the right to know whether the Data is being processed by the Owner, to obtain information on certain aspects of the processing and to obtain a copy of the Data being processed.
Verify and obtain rectification. Users have the right to verify the accuracy of their Data and to request that it be updated or corrected.
Limit the processing of their Data. Users have the right, under certain conditions, to limit the processing of their Data. In this case, the Owner will only process their Data for storage purposes.
Have their Personal Data deleted or erased. Users have the right, under certain conditions, to obtain the deletion of their Data from the Owner.
To retrieve their Data and transfer it to another controller. Users have the right to retrieve their Data in a structured, commonly used and machine-readable format and, if technically possible, to transfer it to another data controller without any obstacles. This provision applies, provided that the Data is processed by automated means and that the processing is based on the User's consent, on a contract to which the User is a party or on pre-contractual obligations.
Filing a complaint. Users have the right to lodge a complaint with their competent data protection authority.

Information on the right to object to processing

When Personal Data is processed in the public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a reason related to their particular situation that should justify such objection.

Users should be aware, however, that if their Personal Data is processed for direct marketing purposes, they may object to such processing at any time without any justification. To find out whether the Owner processes Personal Data for direct marketing purposes, Users can refer to the relevant sections of this document.

How to exercise these rights

Any request to exercise the User's rights can be addressed to the Owner using the contact details provided in this document. These requests can be made free of charge and will be considered by the Owner as soon as possible and always within one month.

Further information on data processing and collection

Legal action

The User's Personal Data may be used for legal purposes by the Owner in court or in steps that may lead to legal action resulting from improper use of this Application or related Services.
The User is aware that the Owner may be required to disclose Personal Data at the request of public authorities.

Additional information about the User's Personal Data

In addition to the information contained in this Privacy Policy, this Application may provide the User with additional information and contextual information regarding particular services or the collection and processing of Personal Data.

System logs and maintenance

For operational and maintenance purposes, this Application and any third party services may collect files that record interactions with this Application (system logs) or use other Personal Data (such as IP address) for this purpose.

Information not included in this policy

Further information regarding the collection or processing of Personal Data may be requested from the Owner at any time. Please refer to the contact information at the beginning of this document.

How "Do Not Track" requests are handled

This Application does not support "Do Not Track" requests.
Please refer to the privacy policy of third party services to determine whether or not they accept "Do Not Track" requests.

Changes to this Privacy Policy

The Owner reserves the right to make changes to this Privacy Policy at any time by notifying its Users on this page and possibly in this Application or - to the extent that it is technically and legally possible - by sending a notice to Users via the contact details available to the Owner. It is strongly recommended to consult this page frequently, referring to the date of the last modification indicated at the bottom.

If the changes affect the processing activities carried out on the basis of the User's consent, the Owner must obtain a new consent from the User where necessary.

Definitions and legal references

Personal data (or Data)

Any information which, directly, indirectly or in combination with other information - including a personal identification number - allows the identification or identifiability of a natural person.

Usage data

Information collected automatically by this Application (or by third party services employed by this Application), which may include the IP addresses or domain names of computers used by Users who use this Application, URI (Uniform Resource Identifier) addresses, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server response (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the User, various time details per visit (e.g., time spent on each page in the Application), and details of the time spent by the User on each page in the Application.), the country of origin, the characteristics of the browser and operating system used by the User, the various time details per visit (e.g. time spent on each page in the Application) and path details in the Application with special reference to the sequence of pages visited, and other parameters relating to the User's operating system or computer environment.

User

The person using this Application which, unless otherwise specified, is the Data Subject.

Person concerned

The natural person to whom the Personal Data refers.

Sub-processor (or Data Controller)

The natural or legal person, public authority, institution or other body that processes Personal Data on behalf of the Controller as described in this Privacy Policy.

Data controller (or owner)

The natural or legal person, public authority, institution or any other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including security measures concerning the operation and use of this Application. Unless otherwise stated, the Controller is the Owner of this Application.

This Application

The means by which the User's Personal Data is collected and processed.

Service

The service provided by this Application as described in the relevant terms and conditions (if any) and on this website/application.

European Union (or EU)

Unless otherwise stated, all references in this document to the European Union include all current Member States of the European Union and the European Economic Area.

Legal information

This privacy policy has been prepared in compliance with the provisions of several pieces of legislation, including Article 13/14 of the European Regulation 2016/679 (General Data Protection Regulation).

This privacy policy applies only to this Application, unless otherwise stated in this document.

Last update: 6 April 2022