Personal Data Protection
The website www.patou.com (the"Website") is published byJean Patou, French SAS, which has its registered office at 24-32 rue Jean Goujon, 75008 Paris, and is registered with the Paris Trade and Companies Register under number 831242359 (hereinafter "PATOU", "We" or “Us”).
PATOU places the highest priority and takes the utmost care to protect the privacy and Personal Data of its Website users.
For more information about how We handle your product orders placed through the Website (the "Orders"), please refer to the PATOU General Terms and Conditions of Sale.
1. What is a "personal data"?
Personal Data refers to any information or pieces of information that could identify You either directly (e.g. your name, surname) or indirectly (e.g. through pseudonymised data, such as a unique ID number). This means that Personal Data includes information such as: email, home address, purchase history, personal preferences and shopping habits. It may also include unique identifiers like order reference, client number, your computer’s IP address or your device’s MAC address or data regarding your navigation on our Website.
2. Who is the Data Controller responsible of the protection of your Personal Data?
The Data Controller is the entity that determines the purposes and means of the processing of your Personal Data and is responsible to You for compliance with data protection regulations.
As regards tothe Website management, PATOU (whose contact information is provided below) acts as the Controller.
PATOU has appointed a Data Protection Officer (DPO) who is your designated contact person for any issues related to PATOU's processing of your Personal Data. The Data Protection Officer may be reached:
In the specific context ofhandling your Orders, please be aware that certain PATOU’s service providers that receive your Personal Data may act as Data Controllers: this is specifically the case for parcel delivery services (DHL, C-log) and service providers that handle payment and fraud management (Adyen, PayPal, Flow.Io, Forter).
3. Why and how do We use the Personal Data that We collect?
3.1 How do We collect your Personal Data?
We collect your Personal Data as follows:
3.2 What data do we collect?
PATOU collects several types of Personal Data about You:
Personal Data that We collect directly from You
We collect Personal Data that You provide directly when You use our Website and our services.
This is specifically the case when You:
The categories of Personal Data that We collect include:
The Data that We request from You, which is essential to respond to your requests, are identified with an asterisk or an equivalent method on the data collection form. If You do not complete the mandatory fields or fail to provide the information marked as mandatory, We will not be able to respond to your requests or process your Orders.
Personal Data that We collect automatically
We automatically collect certain Data about You when You access or use the Website, specifically:
Personal Data that We collect indirectly from third parties
We may also obtain Personal Data about You from other sources and combine it with the Data We already have about You, such as
Personal Data about other data subjects
In some cases, We may also collect Personal Data that You supply about other persons, when You decide to purchase and send products to someone. We only use this Personal Data to respond to your requests, and do not send marketing communications to your contacts unless they elect to receive communications from Us.
3.3On what legal grounds and for which purposes do We use the Data that We collect?
In accordance with current personal data protection regulations, We only collect Personal Data when We have a legal basis to do so.
Personal Data is collected either:
(i) based on your consent,
(ii) as part of the performance of a contract,
(iii) in our legitimate interest, or
(iv) to meet our legal obligations.
(i) We collect Personal Data based on your consent, for the following purposes:
(ii)We collect Personal Databased ontheperformance of a contract,for the following purposes:
(iii) Wecollect Personal Databased on our legitimate interest,for the following purposes:
(iv)We collect Personal Databased on legal obligations, for the purpose of complying with applicable laws:
In this respect, We store transactions history and any other commercial documents for legal and administrative reasons (accountability, tax, legal or commercial warranties, insurance, audit, etc.).
3.4Who has access to your Data?
Your Data is processed by PATOU for the purposes described above and are only accessible to PATOU personnel who need to know it to perform their duties.
Certain third parties may also have access to your Data, specifically:
(i) our subcontractors and service providersacting for technical and logistical reasons (logistics specialists, carriers, Website hosting and maintenance providers, payment and fraud management service providers, technical service providers responsible for sending e-mails and newsletters, customer service center, etc.);
(iii) any third-party company in the event of PATOU’s restructuring, which may acquire all or part of PATOU or merge with our company;
(iv) any authority, court or other third partywhen disclosure is required by law, regulations or a judicial decision, or if such disclosure is necessary to protect and defend our rights.
3.5 Is any Personal Data transferred outside of the European Economic Area?
Although our company is located in France, We rely on certain service providers, which are located abroad or which themselves rely on processors located abroad, including outside of the European Economic Area (EEA) in countries where personal data protection laws differ from those that apply in the EEA. Any transfer of your Data outside of the EEA takes place with appropriate contractual safeguards in place that comply with applicable personal data protection regulations.
3.6How long do We store your Data?
Data is stored as long as required for the purpose for which it was collected and, in any case, will be destroyed at the end of such period.
In general, your Data is stored for the entireterm of our relationship, then for a 3-year period following termination of our relationship(which typically corresponds to the date of your last Order via the Website, the date your customer account is closed or the date of our last contact with You). The Data is then either (i) archived when necessary for accounting or documentation purposes for the applicable statutory limitation period (generally up to 10 years) then destroyed or anonymized once the limitation periods have expired or (ii) if there is no archive, immediately deleted or anonymized.
By way of exception, We may store your Data for shorter or longer periods.
Please see the table below for additional details about these periods.
|Purpose||Applicable data categories||Period of storage before erasure|
Customer Orders management
Identification and payment data
Identification and order data: duration of the processing of the Order until delivery + warranty period, then purchase-related data is archived for up to 10 years for accounting or documentation purposes
Payment data: duration of transaction and any necessary verifications.
In the event of a payment irregularity: for the duration of the payment irregularity, then for a 3 to 5-year period depending on the seriousness of the irregularity
Customer relationship management
Purchase history, communications between You and Us, opinions posted on the Website, customer account
Duration of relationship + 3 years
Then Purchase history Data is archived for up to 10 years for accounting or documentation purposes; other Data is either deleted or anonymized.
Sending our newsletter/commercial solicitation
Information concerning your e-mail address and your options regarding electronic solicitation
3 years from the most recent Order or from last contact with You, or earlier if You wish to unsubscribe before the end of this period.
Then, the Data will be destroyed or anonymized, unless You reiterate your desire to receive our offers and newsletters
Customization of the Website
Data collected using customization cookies category (information about your browsing)
13 months and then the Data is anonymized
Measure and enhance performance of the Website
Data collected using performance cookies category (count visits and traffic sources, various indicators to measure effectiveness of campaigns, etc.)
13 months and then the Data is anonymized
Data collected using targeting and tracking cookies category and other trackers (information about your habits and preferences, social media interactions)
13 months and then the Data is anonymized.
Duration of the sweepstake (or longer if provided by the applicable T&Cs)
Security of the Website and services
Technical information of your device (IP address, device type, browser ID, etc.)
6 months then the Data is either deleted or anonymized.
Data concerning the dispute/complaint
If no court action is filed, based on the applicable statutory limitation period: up to 5 years from the event
In the event of a court action: duration of proceedings through full enforcement of the legal decision or settlement agreement
Identification data, professional data, CV
2 years after the last contact
4. What are your data protection rights?
Access, rectification and portability
In accordance with current regulations, You have the right to access your Personal Data and request correction of Your Personal Data should they be inaccurate. You also have the right to request that the Personal Data in our possession be completed.
To respond to your request, We may ask You to provide Us with a proof of identity. We may also need to ask You for additional information or supporting documents to respond to your request. We will make every effort to respond to your request as soon as possible.
You may, to the extent provided for by law, exercise yourright to Data portabilitywhich allows You to retrieve, in an interoperable format, the Personal Data that You provided to Us.
Right to erasure of your Data and to limitation of the processing of your Data
You may request erasure of your Personal Data if:
Alternatively, to the extent provided for by law, You may request limitation of the processing of your Data.
Please note that despite the exercise of your right to erasure or processing limitation, We will store some of Your Personal Data when the law requires or authorizes Us to do so, when We have a legitimate reason to do so (for example, to prove performance of a contract) or to exercise or defend our rights in court. For example, if We consider that You have violated our General Terms and Conditions of Use or our General Terms and Conditions of Sale.
Right to establish instructions for the management of your Personal Data after your death
For France and when mandatory local provisions so provide, You may determine how You want Us to handle your Personal Data upon your death.
Procedure to exercise your Data protection rights
If You already have a customer account, You may exercise your right to access, rectification and/or erasure of your Data by accessing your account.
In all other cases, You may contact Us directly at email@example.com.
For any questions related to your rights and the processing of your Data, please contact Us at firstname.lastname@example.org.
5.How is your Personal Data secured?
PATOU uses technical and organizational measures that comply with French and EU legal and regulatory requirements, to keep your Data secure and confidential.
Under written agreements, PATOU requires its service providers and processors to provide safeguards and implement sufficient security measures to protect the Personal Data they have agreed to process, in accordance with applicable requirements under personal data protection laws.
However, PATOU does not control all risks related to the operation of the Internet and draws your attention to the inherent risks of using any website.
6. Protection of minors
Our Website is not intended for children. We do not knowingly collect information about children, unless it is permitted by law.
You must be at least 13 years of age to share your Data with Us. If We are notified that a minor under 13 years of age has submitted Data to Us, We reserve the right to immediately delete such Data and any associated account.
If You are more than 13 but less than the legal age of consent in your country, You hereby recognize and warrant that You have your parents’ or legal guardian’s consent to use this Website and provide your Data to Us.
7. Cookies, Advertising and Tracking
Cookies. A "cookie" is a text file that may be stored in a dedicated location on the hard drive of your device (computer, tablet, smartphone, etc.) when You visit the Website. A cookie enables the originator (Us or our service providers – specifically Google Analytics) to identify and recognize the terminal in which it is stored, throughout the cookie's validity or storage period, each time You will re connect to the Website
Disabling Cookies.You can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell You how to prevent your computer from accepting new cookies, how to have the browser notify You when You receive a new cookie, or how to disable cookies altogether. Our cookie management tool
also allow You to manage the categories of cookies you may accept or not depending on the specific purposes of each type of cookies. Some cookies are absolutely necessary to the operation of the Website and cannot be deactivated.
Clear GIFs, pixel tags and other technologies.Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (also referred to as webbeacons, web bugs or pixel tags), in connection with our Website.
Log files.Most browsers collect certain information, such as your IP address, device type, screen resolution, operating system version and internet browser type and version for security of the Website purposes. This information is gathered automatically and stored in log files in our systems.
Cookies and other tracking mechanisms (collectively “Cookies”) gather information about You, your preferences or your device.
- help Us understand use of, and to improve, our Website, performance, ad campaigns
- to customize the content of our Website based on your profile and identified interests
- to display, directly or through business partners, more relevant advertising based on your profile and identified interests.
More Info and Choices.For more information about the type of Cookies present on our Website, please refer to our cookie management tool policy.
You may also obtain more information about targeted or “interest-based advertising” at the industry websites below:
Interest based advertising, Custom Audience and matching
We may disclose certain information (such as your email address) to third parties – such as Facebook, Instagram, etc. – so that we can better target our ads and content on these third parties’ platforms or networks to others persons with whom You share similar interests.
8. Third party websites
9.How can You contact Us if You have queries or complaints?
If You have a complaint about the way We collect and process your Data, You also have the right to contact theCommission Nationale de l’Informatique et des Libertés(French data protection authority) (CNIL), 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07, Tel: 01 53 73 22 22, or if You live within the European Economic Area, your local data protection authority.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.
This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
You can at any time change or withdraw your consent using the Cookie Settings button below.
Your consent applies to the following domains: www.patou.com