OUR PRIVACY AND DATA PROTECTION POLICY

At My Little Day, we are very concerned about protecting the privacy of our users.

It is essential for us to ensure complete confidentiality and security of all personal information collected.

The purpose of this section is to explain in complete transparency the processing we do of your personal data and the various information that we process.

The company My Little Day, as data controller, undertakes to comply with the provisions of law n ° 78-17 of January 6, 1978 as amended relating to data processing, files and freedoms as well as the regulation (EU ) No. 2016/679 of April 27, 2016 in force from 25 may 2018.

1 – WHY WE COLLECT PERSONAL DATA?

During your visits to our site, when you subscribe to our newsletter, order product(s) or when you interact with us on our social networks, by email or by telephone, we collect data about you.

Those data allowstent My Little Day to get to know its customers and thus best meet their needs and continuously improve our services.

We can, for example, send you personalized content, small surprises, or it prevents you from seeing the same advertising over and over again on social networks.

Most important: we only collect your data on behalf of My Little Day, and we undertake not to disclose this information à third-party service providers and subcontractors only if strictly necessarye. These third parties undertake to respect the same level of confidentiality and security as ours.

We will never resell, transfer or assign this data to third parties for commercial purposes without your prior written consent (for example during a partnership for a contest).

2 – WHAT ARE THE PERSONAL DATA COLLECTED AND WHAT IS THEIR PURPOSE?

Personal data includes any information that directly or indirectly identifies a natural person, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or several specific elements specific to its physical, physiological, genetic, psychic, economic, cultural or social identity.

When you create an account with My Little Day or when you place an order, personal information is requested.

Mandatory information is what we need to communicate with you and deliver your products to you in the best conditions. This is the information necessary for the execution of the contract or the execution of pre-contractual measures.

Other optional information can be provided (birthday of your entourage, date of your event, etc.). We collect and process this information exclusively on our behalf and will not communicate it to third parties (except for the technologies and solutions used for sending emails such as Mailchimp). This data is used to send you personalized content, to help you organize your event, or to thank you for your loyalty.

2.1 – Types of data collected:

  • Mandatory customer identification data (surname, first name, address, email, telephone, etc.)

  • Optional data on personal characteristics (age, date of birth, gender, type of party, birthdays of relatives, etc.).

  • Electronic identification data (IP address, cookies, etc.).
  • Data relating to orders (delivery method, delivery and billing address, people to whom purchases must be sent, order history, purchase orders, invoices, etc.)
  • Data relating to after-sales service (complaints, exchanges by email or telephone, etc.)
  • Customer reviews left through our partner Avis Vérifiés.
  • Data relating to our emailing campaigns (email address, opening, clicks to our site, etc.).
  • Data relating to traffic on our site (pages viewed, time spent on the page, items viewed, added to the basket or purchased, exit page, etc.)

Personal data relating to payment by credit card is not recorded by My Little Day.

My Little Day uses a secure method of payment SSL (Secure Socket Layer).

Bank details are encrypted (made illegible) at the time of transmission over the network. The encryption is made visible by the appearance of a padlock symbol in the browser.

The transaction is carried out through a payment service provider. Only the latter saves the banking information provided in its secure server.

No intermediary collects this data.

2.2 – Usefulness of this data and legal basis:

Purpose of processing

Legal basis(s) of processing

Management of the customer account, the basket before purchase and the orders placed

This processing is necessary for the execution of the contract or the execution of pre-contractual measures

Delivery management and order tracking

This processing is necessary for the performance of the contract

Management of customer service, by telephone or email Exchanges between customer service and the customer are likely to be retained

This processing is necessary for the performance of the contract, for the purposes of the legitimate interests we pursue (to improve the quality of our products and services) and/or is based on your consent

Sending targeted offers and advice on different channels: directly on our site, by email, on social networks or any other medium to come

This processing is based on your consent and is necessary for the purposes of the legitimate interests we pursue (providing you with relevant content)

Collection and management of customer opinions on our products and services

This processing is based on your willingness to share an opinion, and is necessary for the purposes of the legitimate interests we pursue (to improve the quality of our products and services)

Display of targeted advertisements on social networks

This processing is necessary for the purposes of the legitimate interests we pursue (providing you with relevant content)

Possibility of personalizing the contents of the site according to the preferences of the user

This processing is necessary for the purposes of the legitimate interests we pursue (providing you with relevant content) and/or is based on your consent

Sharing content from the site to social networks

This processing is based on your consent and/or is necessary for the purposes of the legitimate interests we pursue (providing you with relevant content)

Measurement of site traffic, performance of on and off-site marketing actions

This processing is necessary for the purposes of the legitimate interests that we pursue (measure and improve our marketing actions and optimize the presentation and structure of our website)

Implementation of targeted contests

This processing is based on your consent and is necessary for the purposes of the legitimate interests we pursue (providing you with relevant content)

 

2.3 – Cookies, what are they exactly?

A cookie is a summary of information sent to an internet server by an internet user's computer. The purpose is to facilitate user navigation or the development of statistics. Cookies allow the server of the site visited or a third party server (advertising agency, web analytics service) to recognize the visitor's machine (by its IP address) and not the user. Thus, thanks to cookies, it is possible to automatically access a personalized page without identifying yourself.

Cookies therefore allow My Little Day:

- to measure the audience and the performance of specific content on our site, 
- to adapt our site according to the technology used (support, browser), and the affinities of our users,
- to memorize information previously filled in (form, connection, basket, etc.) and facilitate user navigation,
- allow sharing on social networks.

2.4 – How not to disclose information relating to cookies and tracers?

In accordance with the GDPR, the data collected through the use of cookies by My Little Day is subject to prior consent. 

For each Internet browser, it is possible to configure the acceptance or not of cookies on all the sites consulted or by a specific sorting. To learn more, go to the Help menu of your preferred browser. 

Here is the list of help pages for the main browsers used by our customers:

- For Chromium: https://support.google.com/chrome/answer/95647?hl=fr&hlrm=en

- For Internet Explorer: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies

- For Safari: https://support.apple.com/kb/PH21411?viewlocale=en_US&locale=en_US

- For Firefox: https://support.mozilla.org/fr/kb/activer-desactiver-cookies-preferences?redirectlocale=fr&redirectslug=Activer+et+d%C3%A9sactiver+les+cookies

 

3 – WHO HAS ACCESS TO THE DATA COLLECTED BY MY LITTLE DAY?

Most of the data collected is processed internally by the various departments of My Little Day, in particular the webmarketing, communication, after-sales service and accounting departments.

They are also communicated to the subcontractors with whom we collaborate in order to allow the execution of the contract (payment services and delivery services for example) or to improve the quality of our products, services, our marketing actions and the presentation of our website (marketing assistance).

We only communicate to them the personal data essential to the performance of their service, it being recalled that our subcontractors are subject to the same obligations as My Little Day concerning the protection of personal data.

In addition, we work with external agencies (collection of statistical data, remarketing operations, free and paid referencing of our site, etc.) which have access to certain traffic data. These agencies only collect secondary data through statistical tools (Google Analytics, Facebook Business, AdRoll, etc.).

The secondary data is information on the frequentation and the course of the users on the site. These data do not in any way identify a specific person and therefore cannot be traced back to a specific individual.

With your consent, the opinions that you issue on our products and services are published on our website and, therefore, accessible to all visitors to our website. Only your first name and the first letter of your last name are visible.

Your personal data is also transmitted when we have a legal obligation to do so or if we believe, in good faith, that it is necessary to:

  • Respond to any claim against My Little Day;
  • Comply with any legal request
  • Enforce any contract entered into with our members;
  • In the event of an emergency involving public health or the physical integrity of a person;
  • In the context of inquiries and investigations;
  • In order to guarantee the rights, property and safety of My Little Day, its members and more generally any third party.

Finally, if My Little Day was acquired by a third party, the data in our possession will be transferred to the new owner.

4 – WHAT ARE YOUR RIGHTS REGARDING PERSONAL DATA?

Pursuant to Regulation 2016/679 of April 27, 2016, any natural person may exercise their rights relating to data protection on simple request, namely:

  • right of access to all the data collected,
  • right of rectification and portability of this data,
  • right of opposition and erasure of this data (also called "right to be forgotten").

These rights must be exercised directly with My Little Day:

  • or by post to the address:

My Little Day 
Data protection
40, rue de Clery
75002 Paris - France

We undertake to respond to any request within 15 days of receipt of the email or post. If the response provided does not seem satisfactory, the holder of the data collected has the right to contact the CNIL.

5 – HOW LONG ARE THE DATA RETAINED BY MY LITTLE DAY?

The personal data collected by My Little Day cannot be kept beyond the period strictly necessary for the purposes for which they are processed, in compliance with the legal and regulatory provisions in force.

With the exception of certain categories of personal data, the retention period of which is likely to vary depending on the legal or regulatory provisions in force, we process the data we collect for a period of 3 years from the end of the business relationship. Thus, when there is no longer any interaction with My Little Day for 3 years, this data is no longer used in accordance with the simplified standard NS-048.

Data relating to the management of orders, deliveries, invoicing and customer accounts must be kept for a period of 10 years in accordance with Article L. 123-22 paragraph 2 of the Commercial Code and the simplified standard NS -048.

Concerning the data relating to the payment by credit card recorded by our service provider, they may be kept, in intermediate archives, for the purpose of proof in the event of any dispute of the transaction, for a period of 13 months in accordance with the article L. 133-24 of the monetary and financial code. This period may be extended to 15 months in order to take into account the possibility of using deferred debit payment cards in accordance with the simplified standard NS-048.

Finally, the information stored in your terminal (example: cookies) or any other element used to identify users and allowing their traceability will not be kept beyond a period of 13 months.

6 – WHAT ARE THE SECURITY MEASURES TO PROTECT DATA?

The personal data collected by My Little Day is secure and will never be transmitted to partners who do not guarantee the same level of security as that which we require.

The main measures taken for the security of your data are:

  • The use of encrypted passwords (to which we do not have access) comprising at least one uppercase letter, one lowercase letter and one special character.
  • Strict limitation of access to personal data to only people using them in the context of their missions, using a strictly personal username and password.
  • The definition of authorization profiles in order to limit user access to only the data strictly necessary for the accomplishment of their missions.
  • The use of internal and external secure servers for data backup.
  • The use of secure payment systems by our partners: Paypal (for more information: https://www.paypal.com/fr/webapps/mpp/paypal-safety-and-security) and Stripe (for more information: https://stripe.com/docs/security/stripe)

 

NB: The CNIL recommends that users never:

  • Communicate your password to others.
  • Store passwords in a clear file, on paper or in a place easily accessible by other people.
  • Save your passwords in your browser without a master password.
  • Use passwords related to you (name, date of birth, etc.).
  • Use the same password for different accesses.
  • Keep default passwords.
  • Email each other their own passwords. »

7 – WHO TO CONTACT FOR QUESTIONS RELATING TO DATA PROTECTION?

The person responsible for processing the personal data mentioned in this data protection policy is Laia Guardia-Morin, webmarketing manager. Its representative is Dorothée Monestier, President.

They can be contacted at contact@mylittleday.fr, or by post to the address My Little Day - Protection of personal data - 40 rue de Cléry - 75002 PARIS.

We are committed to answering all your questions within 15 working days.

For any additional information relating to data protection law, we invite you to visit the website of the CNIL.

8 – REVISION OF THE DATA PROTECTION POLICY

The data protection policy may be subject to updates. In order to be aware of it, we invite you to consult this document regularly.