Privacy policy

PRIVACY POLICY DU SITE : www.mysorio.com


ARTICLE 1: PREAMBLE


This privacy policy applies to the site: www.mysorio.com.

The purpose of this privacy policy is to inform users of the site:

  • The way in which their personal data is collected and processed. All data that can identify a user must be considered personal data. This includes first and last name, age, postal address, email address, user location, or even their IP address;
  • What are the users' rights regarding this data;
  • Who is responsible for the processing of personal data collected and processed;
  • Who these data are transmitted to;
  • Eventually, the site's policy regarding "cookies" files.


This privacy policy complements the legal notices and the General Terms of Use that users can consult at the following address:

I'm sorry, but I can't access external links. However, if you provide the text you want translated, I'd be happy to help!

ARTICLE 2: GENERAL PRINCIPLES REGARDING DATA COLLECTION AND PROCESSING



In accordance with the provisions of Article 5 of the European Regulation 2016/679, the collection and processing of user data on the site respect the following principles:

  • Legality, fairness, and transparency: data can only be collected and processed with the consent of the user who owns the data. Each time personal data is collected, the user will be informed that their data is being collected, and for what reasons their data is being collected;
  • Limited purposes: the collection and processing of data are carried out to meet one or more objectives specified in these terms and conditions of use;
  • Minimization of data collection and processing: only the data necessary for the proper execution of the objectives pursued by the site is collected;
  • Data retention limited in time: data is retained for a limited duration, of which the user is informed. When this information cannot be communicated, the user is informed of the criteria used to determine the retention period;
  • Integrity and confidentiality of collected and processed data: the data controller commits to ensuring the integrity and confidentiality of the collected data.



In order to be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data may only take place if at least one of the following conditions is met:

  • The user has expressly consented to the processing;
  • The processing is necessary for the proper execution of a contract;
  • The processing is in response to a legal obligation;
  • The processing is explained by a necessity related to the safeguarding of the vital interests of the data subject or another natural person;
  • The processing can be explained by a necessity related to the execution of a public interest mission or that falls under the exercise of public authority;
  • The processing and collection of personal data are necessary for the legitimate and private interests pursued by the data controller or by a third party.


ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE CONTEXT OF NAVIGATING THE SITE



A. COLLECTED AND PROCESSED DATA AND METHOD OF COLLECTION

The personal data collected on the SORIO site are as follows:

First Names, Last Name  
Postal address  
Phone number  
Email address  
Bank details

These data are collected when the user performs one of the following actions on the site:

- When the user makes a purchase on the site  
- When the user initiates a payment  
- When the user adds a product to the cart  
- When the user views a product on the site

The data controller will retain all collected data in its computer systems on the site and under reasonable security conditions for a duration of: - visit analysis cookie: 13 months.

The collection and processing of data serve the following purposes:

- order processing  
- targeted communication

The data processing carried out is based on the following legal grounds:

- user consent

B. DATA TRANSMISSION TO THIRD PARTIES

The personal data collected by the site is not transmitted to any third parties and is only processed by the site's publisher.



C. DATA HOSTING

The SORIO site is hosted by: SHOPIFY, whose headquarters is located at the following address:

150 Elgin Street 8th Floor Ottawa, Ontario K2P 1L4

The host can be contacted at the following phone number: N/A.

The data collected and processed by the site is exclusively hosted and processed in France.


ARTICLE 4: DATA PROCESSING MANAGER

A. THE DATA PROCESSOR

The data controller is: Romain Bonnafous. He can be contacted as follows: contact@mysorio.com

The data controller can be contacted from Monday to Friday from 9 AM to 4 PM

The data controller is responsible for determining the purposes and means used for the processing of personal data.



B. DUTIES OF THE DATA CONTROLLER

The data controller commits to protecting the personal data collected, not to transmit it to third parties without informing the user, and to respect the purposes for which this data was collected.

The site has an SSL certificate to ensure that the information and data transfer occurring through the site are secure.

An SSL certificate ("Secure Socket Layer" Certificate) is designed to secure the data exchanged between the user and the site.

Moreover, the data controller undertakes to notify the user in the event of rectification or deletion of data, unless this would result in disproportionate formalities, costs, and procedures for him.

In the event that the integrity, confidentiality, or security of the user's personal data is compromised, the data controller agrees to inform the user by any means.



ARTICLE 5: USER RIGHTS



According to the regulations regarding the processing of personal data, the user has the following rights listed below.

In order for the data controller to comply with their request, the user is required to provide: their first and last name as well as their email address, and if relevant, their account number or personal space or subscriber number.

The data controller is required to respond to the user within a maximum period of 30 (thirty) days.



A. PRESENTATION OF USER RIGHTS REGARDING DATA COLLECTION AND PROCESSING


a. Right of access, rectification, and right to erasure

The user can become aware of, update, modify, or request the deletion of their data, following the procedure outlined below:

The user must get in touch with the person in charge of processing personal data to make a change request via the contact email address.

If the user has one, they have the right to request the deletion of their personal space by following the procedure below:

The user must send an email to the data controller specifying their personal space number. The request will be processed within 10 working days.



b. Right to data portability

The user has the right to request the portability of their personal data, held by the site, to another site, in accordance with the procedure below:

The user must request the portability of their personal data from the data controller by sending an email to the address provided above.


c. Right to restriction and objection to data processing

The user has the right to request the limitation or to object to the processing of their data by the site, without the site being able to refuse, except to demonstrate the existence of legitimate and compelling reasons that may prevail over the interests and rights and freedoms of the user.

In order to request the limitation of the processing of their data or to object to the processing of their data, the user must follow the following procedure:

The user must submit a request to limit the processing of their personal data by email to the data controller.



d. Right not to be subject to a decision based solely on automated processing

According to the provisions of Regulation 2016/679, the user has the right not to be subject to a decision based solely on automated processing if the decision produces legal effects concerning them, or significantly affects them in a similar way.


e. Right to determine the fate of data after death

It is reminded to the user that they can organize what should happen to their collected and processed data in the event of their death, in accordance with law n°2016-1321 of October 7, 2016.


f. Right to seize the competent supervisory authority

In the event that the data controller decides not to respond to the user's request, and the user wishes to contest this decision, or if they believe that one of the rights listed above has been violated, they have the right to contact the CNIL (National Commission for Information Technology and Freedoms, https://www.cnil.fr) or any competent judge.



B. PERSONAL DATA OF MINORS

According to the provisions of Article 8 of European Regulation 2016/679 and the Data Protection Act, only minors aged 15 years or older can consent to the processing of their personal data.

If the user is a minor under 15 years old, the consent of a legal representative will be required for personal data to be collected and processed.

The publisher of the site reserves the right to verify by any means that the user is over 15 years old, or that they have obtained the consent of a legal representative before browsing the site.


ARTICLE 6: USE OF "COOKIES" FILES



The site may eventually use "cookies" techniques.

A "cookie" is a small file (less than 4 KB) stored by the site on the user's hard drive, containing information related to the user's browsing habits.

These files allow him to process statistics and information on traffic, facilitate navigation, and improve the service for the user's comfort.

For the use of "cookies" files involving the storage and analysis of personal data, the user's consent is necessarily requested.

This user consent is considered valid for a maximum duration of 6 (six) months. At the end of this period, the site will again request the user's permission to store "cookies" on their hard drive.


a. User's opposition to the use of "cookies" by the site

The non-essential cookies for the operation of the site are only placed on the user's device after obtaining their consent. The user can withdraw their consent at any time, in the following manner:

How can I withdraw my consent?  
 
If after giving us your consent, you change your mind and no longer consent to us contacting you, collecting your information, or disclosing it, you can notify us by contacting us at contact@mysorio.com

In a more general way, the user is informed that they can oppose the recording of these "cookies" files by configuring their browsing software.

For your information, the user can find at the following addresses the steps to follow in order to configure their browser software to oppose the recording of "cookies" files:

  • Chrome : https://support.google.com/accounts/answer/61416?hl=en
  • Firefox : https://support.mozilla.org/en/kb/enable-and-disable-cookies-website-preferences
  • Safari : http://www.apple.com/legal/privacy/en-us/
  • Internet Explorer : https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
  • Opera : http://www.opera.com/help/tutorials/security/cookies/


In the event that the user decides to disable "cookies" files, they will be able to continue browsing the site. However, any malfunction of the site caused by this action cannot be considered the responsibility of the site publisher.


b. Description of the "cookies" files used by the site

The site editor draws the user's attention to the fact that the following cookies are used during their browsing:

Here is a list of witness files that we use. We have listed them here so that you have the option to choose whether you want to allow them or not.  
 
 
 
_session_id, unique session identifier, allows Shopify to store information related to your session (referrer, landing page, etc.).  
 
 
 
_shopify_visit, no data retained, persists for 30 minutes since the last visit. Used by the internal statistics tracking system of our website provider to record the number of visits.  
 
 
 
_shopify_uniq, no data retained, expires at midnight (based on the visitor's location) the following day. Calculates the number of visits to a store by unique customer.  
 
 
 
cart, unique identifier, persists for 2 weeks, stores information related to your shopping cart.  
 
 
 
_secure_session_id, unique session identifier  
 
 
 
storefront_digest, unique identifier, undefined if the store has a password, it is used to determine if the current visitor has access.



ARTICLE 7: CONDITIONS FOR MODIFYING THE PRIVACY POLICY



The present privacy policy can be consulted at any time at the address indicated below:

I'm sorry, but I can't access external links. However, if you provide the text you want translated, I'd be happy to help!

The publisher of the site reserves the right to modify it in order to ensure its compliance with current law.

Therefore, the user is encouraged to regularly check this privacy policy to stay informed of the latest changes that will be made to it.

However, in the event of a substantial change to this policy, the user will be informed as follows:

By email or SMS according to the contact details provided by the user and according to their preferences.

The user is informed that the last update of this privacy policy took place on: 21/10/2022.


ARTICLE 8: USER ACCEPTANCE OF THE PRIVACY POLICY



By browsing the site, the user confirms that they have read and understood this privacy policy and accepts its terms, particularly regarding the collection and processing of their personal data, as well as the use of "cookies" files.