Legal notices, privacy policy & T & Cs

1. Legal notices

01 Editor

SAS GUEBERT with capital of € 10000,00

ADDRESS: 302 rue Garibaldi, 69007 Lyon

SIRET 90031843700010 - RCS Lyon under number 900 318 437

Intra-community VAT number FR 23900318437

Contact : contact@byjo.fr

02 Director of publication

Orlane Guétat, President

Julie Lambert, Executive Director

03 Accommodation

This site and its databases are hosted at 2 rue Kellermann - 59100 Roubaix on the servers of OVH SAS.

All the necessary security measures are provided by the hosts.

 

Site created by Mégane MEYER - Contact: meyer.megane@icloud.com

2. Privacy policy

Objective and scope of the Policy

GUEBERT attaches the greatest importance and the greatest care to the protection of privacy and personal data, as well as to compliance with the provisions of applicable law. 

Regulation (EU) 2016/679 of April 27, 2016 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such Data (hereinafter “GDPR”) states that the Data of a personal nature must be treated in a lawful, fair, and transparent manner. Thus, this privacy policy (hereinafter the "Policy") aims to provide you with simple, clear information on the Processing of Personal Data concerning you, in the context of your browsing and operations carried out on our site. Internet. 

Data Controller

As part of your activity on the site www.byjo.fr, we collect and use Personal Data relating to you, natural persons (hereinafter “Data Subject”). 

For all Processing, GUEBERT, [SAS, n ° 900 318 437 at RCS, with capital of € 10, having its registered office at 000,00 rue Garibaldi, 302 Lyon], determines the means and purposes of the Processing. . Thus, we act as Data Controller, within the meaning of the Regulations on Personal Data, and in particular of Regulation (EU) 69007/2016 on the protection of individuals with regard to the Processing of Personal Data. personal data and the free movement of such Data. 

What Personal Data do we collect and how?

By using our website, you send us a certain amount of information about yourself, some of which may identify you ("Personal data"). This is the case when you browse our site, when you fill out online forms, or when you make a purchase. 

The nature and quality of the Personal Data collected about you vary depending on the relationship you have with GUEBERT, the main ones of which are: 

  • Identification data : this includes all the information that allows us to identify you, such as your last name, first name, telephone number. We are also required to collect your email address, as well as your postal address (in the event of payment, the postal address will be required to generate an invoice). In the event of a subscription, proof of identity may also be requested. 
  • Login details : this is all the information we need to access your personal account, such as the password, and other information needed to authenticate and access an account. We also collect your IP address for maintenance and statistical purposes. 
  • Financial datas : this corresponds to Bank data such as a RIB. 
  • Information about your browsing : by browsing our website, you interact with it. Consequently, certain information relating to your browsing is collected. 
  • Data collected from third parties : Personal Data that you have agreed to share with us or on publicly accessible social networks and / or that we may collect from other publicly accessible databases. 

Why do we collect your Personal Data and how?

We collect your Personal Data for specific purposes and on different legal grounds. 

As part of the execution of the contract or pre-contractual measures, your Data is processed for the following purposes:

  • Management of orders, purchases; 
  • Management of loyalty programs 
  • Management of your customer account; 
  • Management of complaints and after-sales service;
  • Participation in our contests.

Based on your consent, your Data is processed for the following purposes: 

  • Carrying out sales prospecting and marketing operations;
  • Transmission of your Data to our business partners;
  • Newsletter management;
  • Management of cookies requiring your consent.

As part of GUEBERT's legitimate interest, your Data is processed for the following purposes: 

  • Establishment of statistics for the improvement of products and services;
  • Carrying out satisfaction surveys and surveys;
  • Management of pre-litigation and litigation;

Within the framework of the legal and regulatory obligations to which GUEBERT is subject, your Data is processed for the following purposes: 

  • Fight against fraud ;
  • Fight against money laundering and the financing of terrorism; 
  • Keeping of general and auxiliary accounts.

Do we share your Personal Data?

Your Data is intended for authorized GUEBERT employees in charge of the management and execution of contracts and legal obligations, depending on the purposes of the collection and within the limits of their respective attributions.  

They may be transmitted for certain tasks related to the purposes, and within the limits of their respective missions and authorizations, to the following recipients: 

  • Service providers and subcontractors whom we call on to carry out a set of operations and tasks, in our name in particular:
    • Management, execution, processing, payment of your orders
    • Marketing operations: mailing, newsletters
    • Event registration
  • Business partners only when you have expressly consented to it through a checkbox on our Data collection forms;
  • Duly empowered public authorities (judicial, control, etc.), within the framework of our legal and regulatory obligations;
  • Regulated professions (lawyers, bailiffs, etc…) which can intervene within the framework of the implementation of guarantees, recovery or litigation.

When your Data is communicated to our service providers and subcontractors, they are also asked not to use the Data for purposes other than those initially planned. We make every effort to ensure that these Third Parties preserve the confidentiality and security of your Data. 

In all cases, only the necessary Data are provided. We make every effort to ensure secure communication or transmission of your Data. 

We do not sell your Data. 

Are your personal data transferred to third countries?

GUEBERT strives to keep Personal Data in France, or at least within the European Economic Area (EEA). 

However, the Data we collect when you use our platform or as part of our services may be transferred to other countries. This is the case, for example, if some of our service providers are located outside the European Economic Area. 

In the event of a Transfer of this type, we guarantee that it is carried out: 

  • Towards a country ensuring an adequate level of protection, that is to say a level of protection equivalent to what European regulations require; 
  • Within the framework of standard contractual clauses; 
  • Within the framework of internal company rules.

How long do we keep your Personal Data?

We keep your Personal Data only for the time necessary to fulfill the purpose for which we hold the Data, in order to meet your needs or to fulfill our legal obligations. 

The retention periods vary depending on several factors, such as: 

  • The needs of GUEBERT's activities;
  • Contractual requirements;
  • Legal obligations;
  • The recommendations of the supervisory authorities.

The retention periods for your Data are as follows: 

  • 10 years for all accounting data;
  • 3 years for all customer / prospecting data;
  • 13 months for all cookies deposited;
  • 25 months for all data from cookies deposited;
  • 3 years for all after-sales service data with the exception of data related to the legal prescription in matters of defective products and litigation;
  • 5 years for all the data from the competitions.

How do we ensure the security of your Personal Data?

GUEBERT undertakes to protect the Personal Data that we collect, or what we process, against loss, destruction, alteration, access or unauthorized disclosure. 

Thus, we implement all the appropriate technical and organizational measures, depending on the nature of the Data and the risks that their Processing entails. These measures must make it possible to preserve the security and confidentiality of your Personal Data. They may include practices such as limited access to Personal Data by authorized persons, due to their functions, pseudonymization or even encryption. 

In addition, our practices and policies and / or physical and / or logical security measures (secure access, authentication process, backup copy, software, etc.) are regularly checked and updated if necessary.

What are your rights?

The GDPR provides Data Subjects with rights that they can exercise. Thus are provided: 

  • Right to information : the right to have clear, precise and complete information on the use of Personal Data by GUEBERT. 
  • Permission to access : the right to obtain a copy of the Personal Data that the Data Controller holds on the requester.
  • Right of rectification : the right to have Personal Data rectified if they are inaccurate or obsolete and / or to complete them if they are incomplete.
  • Right to erasure / right to be forgotten : the right, under certain conditions, to have the Data erased or deleted, unless GUEBERT has a legitimate interest in keeping them.
  • Right of opposition : the right to oppose the Processing of Personal Data by GUEBERT for reasons relating to the particular situation of the applicant (under conditions). 
  • Right to withdraw consent : the right at any time to withdraw the Consent when the Processing is based on the Consent.
  • Right to restriction of Processing : the right, under certain conditions, to request that the Processing of Personal Data be temporarily suspended.  
  • Right to data portability : the right to request that Personal Data be transmitted in a re-usable format allowing them to be used in another Database.
  • Right not to be the subject of an automated decision : the right for the applicant to refuse fully authorized decision-making and / or to exercise the additional guarantees offered in this matter. 
  • Right to set post-mortem guidelines : the right for the applicant to define guidelines relating to the fate of Personal Data after his death.

Additional rights may be granted by local regulations to Data Subjects. 

To exercise your rights, you can contact the Data Protection Officer: 

When you send us a request to exercise Rights, you are asked to specify as much as possible the scope of the request, the type of right exercised, the Processing of Personal Data concerned, and any other useful element, in order to facilitate the examination of your request. In addition, in the event of reasonable doubt, you may be asked to prove your identity.

You also have the right to contact the National Commission for Computing and Liberties (CNIL), 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07, with any complaint relating to the way in which GUEBERT collects and processes your data.

Updating this Policy

This Policy may be regularly updated to take into account changes in the Regulations relating to Personal Data. 

Date of last update: 24 / 06 / 2021