Privacy Policy
Privacy Policy – POUPOU SHOP
Preamble
This Privacy Policy describes how the company Pejman, operating under the trade name POUPOU SHOP (hereinafter "we", "our", "us") collects, uses, and protects the personal information you provide to us when you visit our website poupou.shop (hereinafter the "Site") or when you make a purchase. We are committed to protecting your privacy and personal data in accordance with current laws, including the General Data Protection Regulation (GDPR) (EU) 2016/679 of April 27, 2016, and the "Informatique et Libertés" law of January 6, 1978, as amended.
1. Identity of the Data Controller
The data controller for your personal data is: Pejman, trade name POUPOU SHOP
Registered office address: 56 Avenue des Dragons de l'Impératrice, 33127 Martignas-sur-Jalle, France
SIRET number: 804 246 916 00022
Contact email address for personal data questions: poupou.shopy@gmail.com
2. What personal data do we collect?
We collect the personal data that you provide to us directly when you:
Create a customer account on our Site.
Place an order.
Subscribe to our newsletter.
Contact us via the contact form or by email. This data may include:
Identification data: Last name, first name, email address, postal address, phone number.
Order data: Details of purchased products, order history, delivery information.
Payment data: Information related to your credit card (processed by our secure payment provider; we do not have access to your full card numbers) or PayPal account.
Communication data: Correspondence and exchanges with our customer service. We also automatically collect data when you browse our Site via cookies and other tracking technologies. This data may include:
IP address.
Browser type and operating system.
Pages visited, duration of the visit, clicks made.
Source of the visit (referring site).
3. Why do we collect your data (Purposes and Legal Bases)?
We process your personal data for the following purposes and on the corresponding legal bases:
| Purpose of processing | Legal basis |
| Order management (processing, payment, delivery, returns) | Execution of a contract |
| Customer account management (creation, access, preference management) | Execution of a contract / Pre-contractual measures |
| Customer service (answering your questions, managing complaints) | Legitimate interest / Execution of a contract |
| Sending newsletters and marketing communications (with your consent) | Your consent |
| Improving the Site and our services (analysis of browsing statistics, personalization) | Legitimate interest / Your consent (for non-essential cookies) |
| Fraud prevention and Site security | Legitimate interest / Legal obligation |
| Compliance with our legal and regulatory obligations | Legal obligation |
4. With whom do we share your data?
We may share your personal data with the following categories of recipients, only to the extent necessary to achieve the purposes mentioned above:
E-commerce platform provider: Shopify (for website hosting and online store management).
Payment service providers: Services such as Stripe for secure credit card transaction processing.
Delivery services: Carriers such as La Poste or Mondial Relay for the shipment of your orders.
Traffic analysis tools: Google Analytics (to understand how our Site is used and to optimize our services).
Marketing and advertising tools: Platforms such as Google Ads or the Meta (Facebook/Instagram) Pixel for the display of targeted ads (with your consent if required by law).
Legal and administrative authorities: In the event of a legal obligation or legitimate request. We require our partners to comply with personal data protection legislation and to ensure the security and confidentiality of your information.
5. Data transfer outside the European Union
Some of our service providers (for example, Shopify, Google, Meta) may be located outside the European Union (EU) or the European Economic Area (EEA). In this case, we ensure that these transfers are governed by appropriate safeguards, such as the European Commission's standard contractual clauses or other mechanisms validated by the GDPR, to ensure a level of data protection equivalent to that of the EU/EEA.
6. Data retention period
We only retain your personal data for the duration necessary to achieve the purposes for which it was collected, and in accordance with applicable legal and regulatory obligations.
Order data: Retained for the legal duration of retention of accounting documents and for the purpose of managing warranties and customer service (generally 10 years from the order).
Customer account data: Retained as long as your account is active. In case of prolonged inactivity (for example, 2 years without a login or order), we may contact you before deleting your account.
Data used for direct marketing purposes: Retained until you withdraw your consent or exercise your right to object.
Technical data (cookies): Retained for a maximum duration of 13 months for non-essential cookies after their first placement on your device.
7. Your rights regarding your personal data
In accordance with the GDPR, you have the following rights regarding your personal data:
Right of access: To obtain confirmation that your data is being processed and, if so, to access it.
Right to rectification: To request the correction of inaccurate or incomplete data.
Right to erasure ("right to be forgotten"): To request the deletion of your data, under certain conditions.
Right to restriction of processing: To request the suspension of the processing of your data, under certain conditions.
Right to data portability: To receive your data in a structured, commonly used, and machine-readable format, and to transmit it to another data controller.
Right to object: To object to the processing of your data for legitimate reasons, or to object to the processing of your data for direct marketing purposes.
Right to withdraw your consent: At any time, for processing based on your consent.
Right to lodge a complaint: With a supervisory authority (in France, the CNIL: www.cnil.fr). To exercise these rights, please contact us by email at poupou.shopy@gmail.com. We may ask you to prove your identity (for example, via an identity document) before responding to your request to ensure the security of your data.
8. Cookies
Our Site uses cookies to ensure its proper functioning, analyze traffic, personalize content, and offer targeted advertisements. A cookie is a small text file stored on your device (computer, tablet, smartphone) when you visit a website. We use different types of cookies:
Necessary cookies: Essential for the proper functioning of the Site (cart management, connection security). They do not require your consent.
Performance and analytics cookies: Help us understand how visitors interact with our Site (most visited pages, traffic sources).
Functional cookies: Remember your preferences (language, currency) for a better user experience.
Advertising cookies: Used, with your consent, to show you relevant ads based on your interests and browsing history. You can manage your cookie preferences at any time via your browser settings or via our cookie consent banner (if you use one on your site). Note that disabling certain cookies may affect the functionality of our Site and degrade your browsing experience. For more information on cookies and how to manage them, you can consult the CNIL website (www.cnil.fr).
9. Changes to the Privacy Policy
We reserve the right to modify this Privacy Policy at any time. Any modification will be published on this page with the "Last updated" date. We encourage you to regularly check this page to be aware of any changes.
10. Contact Us
For any questions regarding this Privacy Policy or the processing of your personal data, please contact us at: Pejman - POUPOU SHOP
Email: poupou.shopy@gmail.com