Policies management personal data
DIVABOX, SAS DIVABOX, a simplified joint stock company with a capital of 40,000 Euros, registered with the RCS of AJACCIO under the number 301 242 772 001 37, whose registered office is located at 20090 AJACCIO is responsible for processing the personal data collected on the Site within the meaning of the applicable regulations on personal data and in particular Law No. 78-17 of 6 January 1978 known as "Informatique et Libertés" and EU Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter "GDPR").
I. Purpose of the Processing :
DIVABOX collects and processes your data in order to:
DIVABOX informs you that you may at any time modify your choices in terms of communications on the Site, via the NEWSLETTER section of your account.
II. Collection of data
We may collect your personal data during :
III. Categories of data collected
In the course of our business we may collect certain data directly from you for the purposes detailed in Section II of this Policy.
The information we may collect from you is as follows :
IV. Legal basis for the processing
Order management: the legal basis of the processing is the performance of a contract (see Article 6.1.b) of the European Data Protection Regulation).
Sending newsletters, commercial solicitations by e-mail on products similar to those ordered by customers: the legal basis of the processing is the legitimate interest of the company (Cf. article 6.1.f) of the European Data Protection Regulation), i.e. to promote our products to our customers.
Sending newsletters, commercial solicitations by e-mail about other products offered by DIVABOX to customers: the legal basis of the processing is consent (Cf. article 6.1.a) of the European Data Protection Regulation), as required by article L. 34-5 of the French Postal and Electronic Communications Code.
Sending newsletters, commercial solicitations by email to non-customers: the legal basis of the processing is consent (Cf. article 6.1.a) of the European Data Protection Regulation), as required by article L. 34-5 of the French Post and Electronic Communications Code.
V. Who are the recipients of your personal data ?
Your personal data is processed by DIVABOX staff. We ensure that only authorised persons within DIVABOX can access your personal data when this is necessary for the purposes of managing our business relationship or our legal obligations.
We may also disclose your personal data to subcontractors such as:
DIVABOX may also communicate your data to third parties to comply with legal, regulatory or contractual obligations, or to respond to requests from the legally authorised authorities.
VI. Duration of data retention
Data required for order management and invoicing: for the entire duration of the business relationship and ten (10) years for accounting purposes.
Data required for customer loyalty actions and prospecting: for the entire duration of the commercial relationship and three (3) years from the last purchase.
Data relating to means of payment: this data is not kept by DIVABOX; it is collected during the transaction and is immediately deleted as soon as the purchase is paid for.
Data necessary for the implementation of loyalty actions and canvassing for non-customers: three (3) years from the date of subscription to the newsletter.
Data concerning opposition lists to be received from prospecting: three (3) years.
VII. Your rights
If you no longer wish to receive advertising from DIVABOX (exercise of the right of opposition or withdrawal of consent already given), please contact us Contact form.
You can access, rectify or have data concerning you deleted. You also have a right to portability and a right to limit the processing of your data (Consult the cnil.fr website for more information on your rights).
To exercise these rights or if you have any questions about the processing of your data in this system, you can contact our DPO.
Contact our Data Protection Officer by e-mail : [email protected]
Contact our Data Protection Officer by post :
A l’attention du Délégué à la protection des données
20700 AJACCIO CEDEX 9
If, after contacting DIVABOX, you feel that your "Information Technology and Freedom" rights have not been respected, you can make a complaint online to the CNIL.