Privacy Policy

Article 1. Data controller

The data controller is Astrid Bergina, a sole proprietorship registered under SIRET number 87800355700013 and domiciled in Alfortville (94140) – France.

Article 2. Personal data collected

Your data is collected by the company NOTCRISPYENOUGH. Personal data refers to any information relating to an identified or identifiable natural person (data subject); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to a name, an identification number or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.

We collect and process the following personal data about you:

– first and last name

– address

– email address

Only personal data that is strictly necessary for the purposes described below is collected.

Article 3. Purposes of data processing

Personal information that may be collected on the Site is mainly used by the Publisher for:

  • Managing our relationship with you, particularly customer relations;

  • Performing or providing the services subscribed to;

  • Downloading files;

  • Managing billing;

  • Statistics, analyses, and audience measurements;

  • Conduct satisfaction surveys on our services;

  • Improve and optimize the quality of our services and our site;

  • Manage rights and requests to exercise individual rights;

  • Access and use of the Platform by the user;

  • Manage the operation and optimization of the Platform;

  • Provide user support;

  • Verification, identification, and authentication of data transmitted by the user;

  • Personalization of services by displaying advertisements based on the user's browsing history, according to their preferences;

  • Prevention and detection of fraud, malware (malicious software), and management of security incidents;

  • Management of any disputes with users;

  • Sending commercial and advertising information, based on user preferences;

  • Organization of the terms and conditions of use of the Payment Services.

Article 4. Legal basis for data processing

Your personal data is collected and processed on the following legal bases:

On the basis of your consent;

In the context of the performance of a contract;

For legitimate interests;

For the purpose of ensuring compliance with our legal and regulatory obligations.

All data is collected on a mandatory basis in order to fulfill the purposes of the processing. No data is collected on an optional basis.

Article 5. Right to access, rectify, and delete your data

In accordance with the regulations applicable to personal data, users have the following rights:

– the right of access: they may exercise their right of access to find out what personal data is held about them by writing to the email address below. In this case, before implementing this right, the Platform may request proof of the user's identity in order to verify its accuracy;

– the right to rectification: if the personal data held by the Platform is inaccurate, they may request that the information be updated; the right to erasure of data: users may request the erasure of their personal data, in accordance with applicable data protection laws;

– the right to restrict processing: users may request that the Platform restrict the processing of personal data in accordance with the provisions of the GDPR;

– the right to object to data processing: users may object to their data being processed in accordance with the provisions of the GDPR;

– the right to data portability: they may request that the Platform provide them with the personal data they have supplied so that they can transfer it to a new Platform.

You can exercise this right by contacting us by email at: hello@notcrispyenough.com.

All requests must be accompanied by a photocopy of a valid, signed identity document and must include the address at which the publisher can contact the applicant. A response will be sent within one month of receipt of the request. This one-month period may be extended by two months if the complexity of the request and/or the number of requests so require.

In addition, since the enactment of Law No. 2016-1321 of October 7, 2016, individuals who so wish have the option of organizing the fate of their data after their death. For more information on this subject, please visit the CNIL website: https://www.cnil.fr/.

Users may also lodge a complaint with the CNIL on the CNIL website: https://www.cnil.fr.

We recommend that you contact us first before lodging a complaint with the CNIL, as we are at your disposal to resolve your problem.

If you are dissatisfied, you have the right to lodge a complaint with the competent authority: Commission Nationale de l'Informatique et des Libertés (CNIL) 3 Place de Fontenoy TSA 80715 75334 PARIS CEDEX 07 Tel: +33153732222

Article 6. Data retention policy

Your personal data is only kept for the period strictly necessary to fulfill the purposes for which it is collected and processed.

By default:

The customer account accessible via the customer area is not kept for more than three (3) years from the last login;

Your credit card details, when requested, are only kept for the time necessary to complete the transaction;

Connection, browsing, and traffic data are not kept for more than one (1) year.

Your email address is only kept for 10 minutes after you log in or register on the website to access the forum.

Your email address, last name, first name, and phone number are kept for the entire duration of your relationship with the data controller.

Your billing data is kept for 10 years from the date of issue of the invoice.

However, personal data is kept for a longer period in the form of archives when legal and regulatory obligations require us to do so or if this is necessary in view of the applicable statute of limitations, in order to assert our rights, when it is not possible to provide this evidence by other means.

Once your Personal Data is no longer necessary for the purposes or for archiving purposes to meet our legal obligations or for the purposes of the applicable statute of limitations, we will ensure that it is completely destroyed or anonymized.

Article 7. Sharing personal data with third parties

Personal data may be shared with third-party companies exclusively within the European Union, in the following cases:

  • when the user uses payment services, for the implementation of these services, the Platform is in contact with third-party banking and financial companies with which it has entered into contracts; when the user publishes information accessible to the public in the free comment areas of the Platform;

  • when the user authorizes a third-party website to access their data;

  • when the Platform uses the services of providers to provide user support, advertising, and payment services. These providers have limited access to user data in the context of performing these services and are contractually obligated to use it in accordance with the provisions of applicable regulations on the protection of personal data;

  • if required by law, the Platform may transmit data in order to respond to complaints made against the Platform and to comply with administrative and judicial procedures.

The aforementioned data will not be transferred to any country outside the European Union. However, should this be necessary, we undertake to ensure that such transfers are carried out in accordance with the applicable regulations or with regulations offering an adequate and equivalent level of protection.

Article 8. Commercial offers

You may receive commercial offers from the Publisher. If you do not wish to receive them, you can leave the list and unsubscribe by clicking on this link. If, while browsing the Site, you access personal data, you must refrain from collecting, unauthorized use, or any action that may constitute an invasion of privacy or damage to the reputation of individuals. The Publisher declines all responsibility in this regard. Data is stored and used for a period of time in accordance with current legislation.

Article 9. Cookies

What is a “cookie”?

A “cookie” or tracker is an electronic file stored on a device (computer, tablet, smartphone, etc.) and read, for example, when visiting a website, reading an email, installing or using software or a mobile application, regardless of the type of device used (source: https:// www.cnil.fr/fr/cookies-traceurs-quedit-la-loi).

The site may automatically collect standard information. All information collected indirectly will only be used to track the volume, type, and configuration of traffic using this site, to develop its design and layout, for other administrative and planning purposes, and more generally to improve the service we offer you.

Where applicable, cookies from the site publisher and/or third-party companies may be placed on your device, with your consent. In this case, when you first visit this site, a banner explaining the use of cookies will appear. Before continuing to browse the site, the customer and/or prospect must accept or refuse the use of these cookies. The consent given will be valid for a period of thirteen months. The user has the option to disable cookies at any time.

In accordance with the recommendations of the CNIL, the maximum retention period for cookies is thirteen (13) months after they are first placed on the User's device, as is the period of validity of the User's consent to the use of these cookies. The lifetime of cookies is not extended with each visit. The User's consent must therefore be renewed at the end of this period.

Article 10. Photographs and representation of products

The photographs of products accompanying their descriptions are not contractual and do not bind the publisher.

The portrait photographs featured on the website were taken by Astrid Bergina.

These terms and conditions of use of the website are governed by French law and subject to the jurisdiction of the courts of the publisher's registered office, subject to any specific jurisdiction arising from a particular law or regulation.

Article 11. Security measures implemented

As data controller, we take all necessary measures to preserve the security and confidentiality of data and, in particular, to prevent it from being damaged or accessed by unauthorized third parties.

To this end, we implement all technical and organizational measures to ensure an adequate level of security appropriate to the risks. In addition, we ensure that our subcontractors comply with the rules on the protection of personal data.

Article 12. Changes to this policy

This policy is subject to change and may therefore be amended. In the event of minor changes, the new policy will be posted on the website in the dedicated section. In the event of substantial changes, for example concerning the purposes of the policy or the exercise of your rights, you will be notified.

Article 13. Contact us

If you have any questions or would like information about the products presented on the website or about the website itself, you can send a message to the following address: hello@notcrispyenough.com