PROTECTION OF PERSONAL DATA

The Customer is informed and accepts that his personal data may be collected on the Site and used by SOHA SAS which acts as data controller within the meaning of law 78-17 of January 6, 1978 relating to IT, Files and Freedoms as amended on January 20, 2017 and as it will be amended by the General Regulation (EU) on data protection 2016/679 dated April 27, 2016 (hereinafter the “Informatics and Freedoms Law”).

SOHA SAS undertakes to protect and ensure the security and confidentiality of the personal data of its Customers in accordance with the Data Protection Act, in particular by taking all necessary precautions to prevent this data from being distorted, damaged or from unauthorized third parties. have access to it. It is specified that the Site is hosted by Shopify, which provides SOHA SAS with an online e-commerce platform allowing the sale of products and services and that the Customer's personal data is kept via data storage on a secure server protected by a firewall.

In the event of a personal data violation, SOHA SAS notifies the violation in question to the CNIL as soon as possible. If the violation of personal data is likely to create a high risk for the rights and freedoms of a Customer, SOHA SAS informs the person concerned of the violation of personal data as soon as possible.

Customers' personal data may be transmitted to service providers and contractual partners who, as subcontractors within the meaning of the Data Protection Act, intervene and contribute directly to the management of Orders and for whom it is absolutely necessary to access the data. personal data provided by the Customer when creating and using their Account (identity, postal address, telephone number, email address). Subcontractors can only act on instructions from SOHA SAS.

Personal data is also kept for security purposes, in order to comply with legal and regulatory obligations and to allow SOHA SAS to improve and personalize the services offered to Customers and to inform them of related offers and commercial information. with the brand.

The Customer's personal data is only kept for the duration strictly necessary for the purposes previously stated. In particular, the Customer's personal data which is collected:

• for the purposes of managing Orders and relations with Customers and providing information to Customers cannot be kept beyond the period strictly necessary for the management of the commercial relationship with the Customer;
• for commercial prospecting purposes may be kept for a period of three years from the end of the commercial relationship with the Client.

The personal data of the non-customer prospect may be kept for a period of three years from their collection by SOHA SAS or from the last contact from the prospect.

If the Customer chooses a direct payment gateway to complete their Order, IONOS 1&1 stores their credit card data, which is encrypted using the PCI-DSS (Payment Card Industry Data Security Standard) data protection standard. The data relating to the purchase transaction is only kept for the time necessary to complete the purchase transaction and is deleted as soon as the transaction is completed.

All direct payment gateways follow the standards set by PCI-DSS, as managed by the PCI Security Standards Council, which is a collective effort between brands such as Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure management of credit card information by SOHA SAS and its service providers. For more information, the Customer is invited to read the IONOS 1&1 terms of use or its privacy policy.

In accordance with the Data Protection Act, the Customer has a right of access, rectification and opposition to personal data concerning him and the right to lodge a complaint with a supervisory authority, the right to limitation of processing, the right to erasure of data as well as the right to data portability (hereinafter the “Computer Rights and Freedoms”).

To exercise one or more of the Data Protection Rights and Freedoms, the Customer must send a request by e-mail or by post to the contact details below, indicating their last name, first name, e-mail address and customer references:

SOHA SAS

Customer service: sav@soha-collection.com

Each request must be signed and accompanied by a photocopy of an identity document bearing the Client's signature and specify the response address.

The response to the request made on the basis of one or more Computer Rights and Freedoms will be sent within 1 month following receipt of the request. SOHA SAS may retain data relating to identity documents, from receipt of these documents, for one year for the exercise of the right of access and for three years for the exercise of the right of opposition.

The Customer can also access information concerning him and possibly make the necessary corrections directly on the Site by going to his account.

The Customer may communicate to SOHA SAS specific directives in which he or she defines the manner in which he or she intends for the Computer Rights and Freedoms to be exercised, after his or her death, in accordance with the Data Protection Act.

COMMERCIAL OFFERS AND NEWSLETTERS

SOHA SAS may send Customers information relating to the Items and commercial offers by mail, e-mail, SMS, telephone or via all web spaces run by SOHA SAS on social networks, subject to acceptance. prior.

The Customer has the right at any time to oppose these commercial prospecting mailings free of charge.

• if by mail or by telephone, by expressing your request by means of an unambiguous declaration to the e-mail address contact@soha-collection.com
• if by email, by clicking on the “unsubscribe” link at the bottom of each email; And
• if via all web spaces run by SOHA SAS on social networks, by unsubscribing from the SOHA page.

COOKIES

When consulting the Site, information relating to Customer browsing may be recorded in “cookie” files installed on their terminal (computer, tablet, smartphone).

These cookies are issued in order to facilitate navigation on the Site and make it possible to recognize Customers' browsers when they are connected to the Site.

Cookies are only installed after acceptance by the Customer, continued navigation on the Site constitutes acceptance.

Most browsers accept cookies automatically, but the Customer can at any time choose whether or not to accept cookies from their browser settings, often located in the “Tools” or “Preferences” menu of their browser.

Any settings implemented by the Customer may negatively affect their user experience and parts of the Site may no longer be accessible in their entirety.

The Site uses computer applications from third parties, which allow the Customer to share content from the Site with other people or to let these other people know their opinion regarding content on the Site (social networks such as Facebook, Instagram, etc.). Google+”, “Twitter”, etc.). When the Customer consults a page of the Site containing a “Share” or “Like” button, his browser establishes a direct connection with the servers of the social network concerned. If he is connected to the social network while browsing, the application buttons allow you to link the pages consulted to his account. If he interacts using the plug-ins, for example by clicking the "Like" button or leaving a comment, the corresponding information will be transmitted to the respective social network and published on his account. If the Customer does not want social networks to link the information collected through the Site to his account, he must disconnect from the social network concerned before visiting the Site.

SOHA SAS is in no way responsible in any capacity whatsoever for the content or operation of any social networks, including those which may be linked to the Site. To understand how social networking sites use information about Customer's activities on our website and on the internet, Customer is encouraged to read their respective terms of use and privacy policies.