This Privacy Policy (the “Privacy Policy”) sets forth the manner in which Rainbow K Jewelry processes personal data, as well as the various rights that data subjects have with respect to such data. This Privacy Policy may be subject to modifications, which will take effect on the date of publication of their update on the Rainbow K Jewelry website, without prejudice to the rights acquired prior to such modification.
ARTICLE 1 – PERSON RESPONSIBLE FOR PROCESSING
The data controller is the person who determines the purposes and means of processing personal data, i.e. the person who defines the purposes for which the data is processed.
All texts, illustrations and images reproduced on rainbowkjewelry.com are reserved under copyright and intellectual property for the entire world. In accordance with the French Intellectual Property Code, any total or partial reproduction of the rainbowkjewelry.com website is strictly prohibited.
Rainbow K Jewelry is a société par actions simplifiée (simplified joint stock company) whose registered office is located at 17 Rue Cernuschi in the 17th arrondissement of Paris, France, and which is registered with the Paris Trade and Companies Registry under number 411 687 239. cernushi
If you have any questions or requests relating to personal data, please contact us by e-mail at :contact@rainbowkjewelry.com.
ARTICLE 2 – NATURE OF PERSONAL DATA
Personal data is any information relating to an identified or indirectly identifiable natural person (in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity).
ARTICLE 3 – COLLECTION OF PERSONAL DATA
As part of the provision of our services, we collect personal data directly from you when you fill in personal data collection forms and use the functionalities made available to you on the Sites. We may also collect personal data from third parties who act in connection with the provision of our services (in particular for the payment of our services). We may also collect and obtain personal data directly or indirectly as a result of the analysis of your behavior when you interact with our site, in compliance with the rules applicable to cookies. The personal data we collect may include, in particular, your surname, first name, pseudonym, gender, e-mail address, signature, photograph, postal address, details of your professional life, your exchanges and comments on our site, our web pages, your IP address, and the type and language of your browser. We do not collect personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, nor do we process genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning sex life or sexual orientation. If you provide us with personal data relating to a third party, it is your responsibility to ensure that all such data has been collected lawfully, fairly and transparently, and that the third party does not object to such transmission.
ARTICLE 4 – TREATMENTS IMPLEMENTED
In addition to the personal data processed in connection with your requests to exercise your rights, in connection with the publication of our Site, we process data for the following purposes:
4.1 Managing your inquiries
In order to manage our responses to your inquiries, we process the personal data you provide to us in this context. Data: identity, personal data relating to requests for information. Duration: requests and responses are kept for two years from the last contact. Legal basis: consent (your willingness to provide us with this data for processing and response).
4.2 Managing our relations with customers and prospects
In order to manage our relations with our customers and prospects, we collect personal data relevant to customer management, the management of unpaid invoices, sales statistics, canvassing and information operations with a view to canvassing, and the management of rights of access, rectification and opposition. Data: identity, address, e-mail, telephone, fax, internal processing code, data relating to the follow-up of commercial relations (orders, contracts, customer exchanges and comments), data relating to loyalty-building, prospecting, prospect selection, customer opinions and notes on services, data relating to transactions, data relating to means of payment, invoices, transactional data. Duration: customer data is kept for the duration of the contractual relationship, and for five years after its expiry (prescription). Prospective customers’ data is kept for a period of three years from the end of the commercial relationship or the last contact from the prospective customer. Legal basis (customers): such processing is necessary for the performance of a contract or pre-contractual measures. Legal basis (prospecting): such processing is necessary for our legitimate interests in making our products and services known on the market.
4.3 Website management
We collect and process personal data relevant to the management of our Website and the protection of its cyber-security. Data: identity, functions, contact details, data relating to browsing (IP address, timestamp, cookies) and on digital platforms via share and media buttons, user contact management data, data relating to the management of technical service providers and audience and usage data for online services offered by Rainbow K Jewelry. Duration: log data is kept for six months, data required to produce statistics on the audience and use of online services is kept for thirteen months, data relating to exchanges with service providers is kept for five years after the end of the contract concerned. Legal basis: such processing is necessary for our legitimate interests in monitoring the operation and use of our Sites. Legal basis for non-technical cookies: consent.
4.4 Litigation management
We collect and process personal data relevant to the preparation, exercise and follow-up of disciplinary actions or legal proceedings and, where applicable, to the enforcement of the decision rendered. Data: identification data of defendants, victims, witnesses and court officers (surnames, first names, gender, date and place of birth, nationality, address, telephone, e-mail), data relating to offences, convictions or security measures (facts in dispute, information, documents and exhibits collected to establish the facts likely to be reproached, characteristics of the litigation (statements, testimonies, attestations, pleadings, procedural documents), characteristics of the litigation, convictions, follow-up of proceedings. Duration: during litigation and after appeals have been exhausted, then archived on a separate, secure medium if of historical interest. Legal basis: such processing is necessary for the performance of a contract or pre-contractual measures, in the event of contract-related litigation. Legal basis: such processing is necessary for our legitimate interests to implement our rights of defense, in the event of litigation not related to a contract.
4.5 Partnership management
We collect and process personal data relevant to the monitoring of partnership agreements, the realization of joint projects, internal and external communication and the production of statistics. Data: identity, contact details, projects monitored, exchanges linked to project implementation, statistics. Duration: partner data is kept for the duration of the contractual relationship and for five years after the end of the contract (statute of limitations). Legal basis: such processing is necessary for the performance of a contract or pre-contractual measures.
4.6 Communication and event management
We collect and process personal data relevant to the management of our marketing and communication events (registration, logistical organization, evaluation, statistics) and the sending of our commercial communications. Data: identity, contact details, project-related exchanges, statistics. Duration: data used to send out newsletters is kept for as long as the person concerned has not unsubscribed; press relations data is kept for five years; data relating to events is kept for five years after the event in question has taken place; data relating to social networking pages is kept for as long as the relevant social network account exists (unless the person has the right to erase or oppose it). Legal basis: such processing is necessary for our legitimate interests in implementing communication actions to publicize our creative services. Legal basis: your consent (which may be withdrawn at any time) for the sending of newsletters.
ARTICLE 5 – MANDATORY OR OPTIONAL TRANSMISSION OF PERSONAL DATA
In the personal data collection forms, we specify the personal data that must be provided for the purpose of the processing in question. If these fields are not filled in, Rainbow K Jewelry will not be able to carry out the actions necessary for the processing purpose in question (for example, creating an account without an identity that can be attached to it).
ARTICLE 6 – TRANSMISSION OF PERSONAL DATA
We do not generally pass on your personal data to third parties, but we may pass on your personal data to our subcontractors (who process such data on our behalf, such as our hosting provider), to our partners who are involved in the proper performance of our services, to our partners in charge of controlling Rainbow K Jewelry’s commercial activities (auditors, departments in charge of internal control procedures, lawyers, bailiffs) and to organizations, legal auxiliaries and ministerial officers as part of their debt collection or litigation management mission.
Rainbow K Jewelry may also be required to disclose your personal data if ordered to do so by public authorities, in particular to comply with requirements relating to the protection of personal data, national security or, more generally, law enforcement.
Rainbow K Jewelry implements organizational and technical security measures appropriate to the sensitivity of your personal data to protect it against malicious intrusion, loss, alteration or disclosure to unauthorized third parties.
Your personal data is hosted and processed in the European Union. Rainbow K Jewelry may, however, use the services of service providers located abroad or subcontractors located abroad, including outside the European Economic Area (EEA). In such a case, the transfer of your personal data outside the EEA will be carried out subject to the implementation of appropriate safeguards, in application of the applicable legislation on the protection of personal data, in particular through the signing, on a case-by-case basis, of contractual clauses based on the European Commission’s model or any other mechanism that complies with the RGPD.
ARTICLE 7 – RIGHTS YOU HAVE OVER YOUR PERSONAL DATA
Within the limits defined by law, you have the following rights
Right of access: you can obtain information about the processing of your personal data and a copy of this data;
Right of rectification: you can request the correction of your personal data that you consider incomplete or inaccurate;
Right to erasure: you may request the erasure of your personal data;
Right to restrict processing: you may request that the processing of your personal data be restricted;
Right to the portability of your personal data: you have the right to have the personal data you have provided us with returned to you or, where technically possible, transferred to a third party, in machine-readable form;
Right to withdraw consent at any time if processing is carried out on the legal basis of your consent (e.g. for the sending of newsletters or for non-technical cookies);
The right to complain to the Commission Nationale de l’Informatique et des Libertés (cnil.fr);
The right to set up instructions for the storage, deletion or communication of your personal data after your death;
Right to object: the right to object to the processing of your personal data on grounds relating to your particular situation.
ARTICLE 8 – HOW TO EXERCISE YOUR RIGHTS
If you have a question or comment about the content or implementation of our Privacy Policy, we invite you to contact us for any clarification or additional information.
To exercise your rights, please contact us, enclosing a copy of proof of your identity, at one of the following addresses: by post to Rainbow K Jewelry, 1 rue de la grange, 91230 MONTGERON, FRANCE
A reply will be sent to you within one (1) month of receipt of your request. However, this deadline may be extended by two (2) months in view of the complexity and/or number of requests.
ARTICLE 9 – COOKIES
A “cookie” is a piece of information, generally small in size and identified by a name, which may be sent to your browser by a web site you visit. Your web browser will store it for a certain period of time and send it back to the web server each time you reconnect.
When a cookie is purely functional (storing information entered in forms, managing and securing access to reserved areas), its use does not require your prior consent. If it is not purely functional, its use requires your prior consent. When you first visit the www.rainbowkjewelry.com website, Rainbow K Jewelry asks for your consent to the installation of cookies that are not purely functional, by means of a banner explaining the purposes of these cookies and a system for managing your preferences. You are free to configure, at any time, your consent or the withdrawal of your consent to the installation of cookies not purely functional on your terminal.
Personal data generated by cookies is stored on your terminal for a maximum of 13 months.