Effective Date: [10th September 2018]
1. Who are we?
1.1 We are Colart International Holdings Limited trading as “Conté à Paris”. We own and operate this website (the “Site’). Our contact details are on the Site. Please contact us if you have any questions or feedback about this policy.
2. What’s the point of this policy?
2.1 This policy tells you how we deal with your “personal data” (that is, information about any identified or identifiable living persons). For the purposes of the General Data Protection Regulation, we are the data controller in relation to personal data collected by us. Please read on to find out what kinds of personal data we collect, how we use and protect it, to whom we disclose it and how you can access and rectify it or request that we stop processing it.
3. Might the policy change?
3.1 It may well do and so you should check it whenever you visit the Site. If you use the Site after the effective date shown at the top of the revised policy, you accept this policy, our Cookies Policy and the terms and conditions.
4. What personal or other data do we collect?
Information you give us
4.1 We collect and store the information which you give us through forms you fill in on the Site – such as your name, address, email address, phone number, artist type, art media preferences – or when communicating with us by phone, email or in some other way. You can choose what information to give to us through these forms, but some of this information may be required to provide you with certain services or goods (for example, the billing or delivery address if you order from us). If you choose not to provide such information we will not be able to provide you with such services or goods.
Information we collect about you
4.2 We receive and store certain information automatically when you interact with us. Examples include connection information such as country and city, browser type and version, your operating system and platform, a unique reference number linked to the data you enter on our system, login details, the full URL clickstream to, through and from our site (including date and time), cookie number, activity on the Site including the pages you visited, searches you made, products purchased, likes, comments and uploads.
Information we receive from other sources
4.3 We may receive information about you if you use any of the other websites we operate or the other services we provide. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
5. What about cookies?
6. What is our legal basis for processing personal data?
6.1 In line with the General Data Protection regulation, we have several legal bases for processing your personal data:
(a) Performance of a contract with you: for data which is needed in order to provide you with goods or services (which you will see as mandatory fields in any order or sign up process), we process the data in order to provide you with those goods and services:
(b) Consent: where you have provided consent (for example, by agreeing that we can contact you with offers and events you might be interested in), we will process the data on the basis of that consent;
(c) Legitimate interests: for the remaining data we collect, we process it in the legitimate interests of operating our business.
7. How do we use your personal data?
7.1 We use your personal data to provide our services arising from any contracts entered into between you and us and to provide you with the information, products and further services that you may request from us. These include send service / transactional messages, process payments and/or fulfil orders.
7.2 We use your personal data to help us communicate with you effectively should you try to contact us through the Site.
7.3 We only want to send you marketing-related communications (including by email, post, phone or SMS) that we feel may interest you and if you have given permission on the Site. You can change your privacy settings and preferences within ‘Your Account’. Please note: even if you choose not to receive marketing emails from us, you will still receive our transactional emails, such as messages related to your orders, updates on products and services you have purchased from us, or information about your account. You will also continue to receive emails about other programmes you have enrolled in such as The Fine Art Collective and Artists Outreach Programmes.
7.6 If you supply us with a third party email address to refer someone to us, we will use that email address only to transmit the referral message and we will then immediately delete it. You must get the consent of the person whose details you provide before you give us those details.
7.7 We retain personal data from closed accounts in order to comply with legal obligations, enforce our terms and conditions, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations and take other actions as permitted by law.
7.8 We may access, remove, alter, store or otherwise use any personal data if we have reason to believe that it breaches our terms and conditions, or that such steps are necessary to protect us or others, or that a criminal act has been committed, or if we are required to do so by law or appropriate authority.
8. How do we protect personal data?
8.1 Security is a high priority. We take all relevant precautions to protect personal data.
8.2 Email and other electronic communications are not secure if they have not been encrypted. Your communications may pass through servers in a number of countries, including countries outside the European Economic Area (EEA) before they reach us. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Site; any transmission is at your own risk. We do not accept responsibility for any unauthorised access to or loss of personal data that stems from a cause beyond our control. Nor can we be held responsible for the actions or omissions of other users or third parties who may misuse your personal data which they collect from the Site.
9. To whom do we disclose personal data?
9.1 Payment details including credit card numbers are supplied direct to our banking partner. We do not receive such information. To ensure your details are not being used without consent, your personal data may be supplied to relevant third parties including credit reference and fraud prevention agencies, who may keep a record of that information.
9.2 We may allow access to your personal data by third parties who supply us with a service. Examples include e-commerce platform providers, couriers (to enable delivery of goods), website hosts and businesses which assist us in undertaking communications or monitoring our site.
9.3 If you have given permission on our site, we may provide your personal data to our other group companies, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 or selected third parties so that they can send you emails (or other communications) with details of goods or services which may be of interest to you including information about special offers or promotions.
9.4 We may disclose personal data so far as reasonably necessary:
a) If we have reason to believe you have breached our terms and conditions, or that such steps are necessary to protect us or others, or that a criminal act has been committed, or if we are required to do so by law or appropriate authority; or
b) In the case of an actual or proposed sale or merger or business combination involving all or the relevant part of our business.
c) If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions and other agreements; or to protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
9.5 We may store or transfer personal data outside the EEA for the purposes stated in this policy. If so, we will, of course, comply with the applicable laws relating to data transfer outside the EU
9.6 Except as otherwise specifically included in this policy, this document addresses only the use and disclosure of information we collect from you. If you disclose your information to third parties, whether they are other users of our site or other websites, different rules may apply to their use or disclosure of your information.
10. What are your rights in relation to your personal data?
10.1 You can contact us using the ‘Contact Us to:
(a) request access to, or a copy of, the personal data we hold about you either to review for yourself or to provide to another data controller;
(b) request the deletion or correction of personal data we hold about you;
(c) object to our use of your personal data and/or request that we restrict or stop our use of that data;
(b) withdraw your consent to processing of your personal data, where we process data on the basis of consent.
10.2 If you wish, you can permanently delete your account with us by the means explained above.
10.3 For information about your rights under data protection laws in the European Union, see https://ec.europa.eu/info/law/law-topic/data-protection_en.