We attach great importance to the protection of your personal data. As such, when collecting and processing it we are guided by these four principles:
These principles are the foundations on which we wish to grow: in an increasingly connected world, we choose to give our users the widest possible control of their data and to protect the data that is entrusted to us. Our aim is to offer you the best services.
2. PROCESSING DATA COLLECTED BY KYTATOO. 2
3. DATA RETENTION AND DELETION.. 4
4. SHARING PERSONAL DATA WITH THIRD PARTIES. 4
5. TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION.. 5
6. CONTROLLING PERSONAL INFORMATION SHARED WITH KYTATOO. 5
8. PROCEDURES FOR SECURITY AND PROTECTION OF PERSONAL DATA.. 7
9. MANAGEMENT OF PERSONAL DATA OF MINORS. 7
10. INFORMATION ON BANKING DATA.. 7
12. AMENDMENT OF OUR POLICY. 11
APPENDIX 1 - LIST OF PROCESSES UNDERTAKEN BY KYTATOO. 12
The Regulations on Personal Data (hereinafter the "Regulations") encompass the regulation (EU) 2016/679 of 27 April 2016 on the protection of personal data (regulation known as "GDPR") and any text that might apply these.
Personal data (hereinafter "Personal data") refers to any information relating to an identified or identifiable natural person who may be identified personally, directly or indirectly, in particular by means of an identifier, such as a surname, first name, an identification number, location data or an online username. The data we collect may therefore include your strictly personal data, insofar as it allows you to be identified as a particular person. Conversely, some data does not allow us to identify you directly, such as your profession or your browsing data (the type of browser, terminal and operating system, the path followed on the website, etc.) but is nevertheless considered as Personal Data because it is attached and/or attributable to the former.
This Policy is an integral part of the terms and conditions of sale on the Website and the conditions of use of the Apps. By accepting the general conditions of sale of the Website and the conditions of use of the Apps you expressly accept the provisions of this Policy.
Please read this document carefully in order to be aware of and understand the practices regarding the processing of your Personal Data that we implement and the rights that you are entitled to.
When you use our Website and/or our Apps, your consent will be required prior to any collection of your Personal Data. Kytatoo and its affiliates may exchange such Personal Data and use it in accordance with this Policy. You do not have to give us all of the Personal Data that we ask for. However, if you choose not to share it, access to certain services implemented by our Website and/or our Apps may be limited.
Any information that you may have provided to Kytatoo during your visits to our Website or when using our Apps is strictly confidential. Among other things, this information is necessary for processing orders on the Website or implementing the services offered by the Apps.
For more information, please consult the table that appears in Appendix 1, summarising how Kytatoo processes Personal Data through its Website and Apps.
In accordance with the Regulations, most of the processing referred to in this Policy has received your prior consent.
The primary purpose of this processing is to carry out our contractual obligations in relation to the services offered on the Website and/or our Apps. Some of the processing that we carry out can also be dictated by a legal obligation incumbent upon us or based on a legitimate interest such as combating fraud.
When you use the Website and/or the Apps, you may be required to voluntarily share your Personal Data with us. Most particularly, this Personal Data is transmitted to Kytatoo when:
These Personal Data includes the following elements: your surname, first name(s), password, email address, date of birth, telephone number. The optional nature of the data is communicated to you when it is collected.
By browsing our Website and/or using our Apps, we may automatically collect certain data, cookie data, your login details, your browsing data, the type of Terminal you use to access or connect to the Website and/or Apps. You will find more details about the technical data that we process in Article 11 "Cookie Information".
If you download an app through an app download platform and make in-app purchases, if you connect to our Website and/or our Apps via social media, we will have access to certain Personal Data in accordance with the general conditions of use of the platforms and the social network concerned (for more details on social media, please refer to article 7 "Using social media").
Our Apps use a tablet, smartphone, phone, etc. (hereinafter the "Terminal"). A request to access the geolocation services or storage of the Terminal may be required for the proper functioning of our Apps. We invite you to read the instructions on your Terminal to learn how to modify the authorisation settings granted to an app and to control the sharing of personal details or access to the storage of the Terminal. Under no circumstances will Kytatoo collect Personal Data relating to these authorisations. Any collection and processing of your Personal Data will result in the prior collection of your consent, as mentioned in this Article 2.
We keep your Personal Data as long as necessary, particularly to fulfil our contractual obligations, comply with our legal obligations or resolve disputes. We retain some of your Personal Data for as long as you have a kytatoo account.
Upon your request, we will delete or anonymize your Personal Data so that you can no longer be identified, unless the law authorises or compels us to retain certain Personal Data, particularly in the following situations:
In all other circumstances, we will retain your Personal Data for a period that we deem reasonable.
For more information, please consult the table that appears in Appendix 1, summarising how long Kytatoo retains your Personal Data for processing it via its Website and Apps.
We will not transmit your Personal Data to third parties who may use it for commercial purposes without your express consent.
We may share Personal Data with other entities of the Kytatoo Group within the scope of this Policy. Entities of our group refers to any company owned or controlled directly or indirectly by Kytatoo.
In accordance with applicable law and with your consent when required, we may aggregate the Personal Data that we receive or send to our business partners, including any or all of your Data collected via cookies.
We rely on trusted third parties to carry out various operations on our behalf. We can provide them with the information they need to carry out a given service and request that they do not use your Personal Data for any other purposes. We may be required to transfer certain Personal Data to them if it is required for (i) the operation, management, maintenance of our Website and/or our Apps; (ii) ensuring that the tasks necessary for the fulfilment of your order on the Website (technical services, payment services, verification of identity) are completed or ensuring the fulfilment of the services offered by the Apps; (iii) implementing certain elements of the after-sales service; (iv) combating fraud; (v) responding to requests from the authorities.
Your Personal Data may therefore be transferred to a third party when we have a legal obligation to do so or if we believe in good faith that this is necessary to (a) comply with any legal request; (b) comply with any requests from the authorities; (c) in an emergency involving public health or the physical integrity of a person; (d) in the course of enquiries and investigations; or (e) to secure the rights, property and safety of Kytatoo and more generally any third party.
We store your Personal Data in servers located in the European Union. However, it is possible that the Personal Data we collect when you use our Website and/or our Apps are transferred to other countries, some of which may have less protective personal data protection legislation than the one in force in the country where you reside. We undertake to take all the measures required to ensure that contractual commitments with these third parties are in accordance with the Regulations. These measures may include checking the standards applied by these third parties for the protection of personal data and security and/or the signing of appropriate contracts (based on the model adopted by the European Commission).
We can use the services of subcontractors located outside the European Union, particularly for managing your order on the Website, responding to your requests for after-sales services, providing online payment tools and providing us with commercial and advertising services. This is also the case for Kytatoo affiliates located outside the European Union to whom we may transfer some of your Personal Data for the purposes of providing our services in those countries.
For more details on the transfer of your Personal Data outside the European Union, please contact us at the following address: email@example.com.
In accordance with the Regulations in force, you have a set of rights relating to the Personal Data relevant to you, including:
You also have the right to lodge a complaint with the French supervisory authority or that of the country in which your habitual residence is located if you consider that the processing carried out by Kytatoo violates the provisions of the European Regulation on the protection of personal data. As an example, in France, the supervisory authority in charge of compliance with personal data obligations is the Commission Nationale de l'Informatique et des Libertés (CNIL).
To exercise your rights over your Personal Data, you can email your request to the address privacy@Kytatoo.com giving your surname, first name, email address and if possible your customer reference. In accordance with the regulations in force, your application must be signed and accompanied by a photocopy of an identity card bearing your signature and provide the address to which we must send you our response.
You have the option of connecting to your Kytatoo account through a social media site, which makes it easier to register or connect to our Website and/or our Apps. A first connection via a social media site means that you will always be able to connect to your Kytatoo account this way. You can unlink these accounts at any time if you wish.
We draw your attention to the fact that if you decide to let us access some of your information, including your Personal Data, through connection services provided by our business partners, their privacy policies can also legally bind you. We have no control over the collection or processing of your Personal Data carried out by our business partners on their own platform.
When you choose to connect to your Kytatoo account via a social media site, the social media site may ask you to share information with Kytatoo. If you choose to share information, the social media site will usually ask you to specify what information you want to share. This information may include but is not limited to your email address, first and last name, age, and any profile photos saved to your social media account.
Social media plug-ins may be present on the Website and Apps. By clicking on one of these buttons (for example Facebook's "Share" button), information is exchanged with the social media site concerned. If you are connected to the social media site at the same time, information may be relayed to your account by the social media site. This social media site can also display it on your profile and share it with other members of your network.
In order to ensure the protection and confidentiality of the Personal Data communicated to us, we use the technical, physical and procedural control measures that are implemented during the collection, processing and transfer of your Personal Data. As such, we have put in place various measures, including pseudonymisation, encryption, access and retention policies.
We also apply security procedures limiting the use and access to your Personal Data on our servers. Only authorised personnel are permitted, in the course of their work, to access your Personal Data.
In accordance with the European Regulation on Personal Data, the collection of Personal Data of a child under 16 is permitted only with the valid consent of the person who has parental authority. If you are under the age of 16 and do not have the consent of your parent or legal guardian, please do not provide any Personal Data. If we learn that we have collected the Personal Data of a child under the age of 16 without the valid consent of the parent or legal guardian, we will remove them unless otherwise agreed by the parent or legal guardian.
For the purposes of paying for orders, bank details are collected and kept by our service providers in terms of payment. These comply with the PCI-DSS requirements, an international security standard whose objectives are to ensure the confidentiality and integrity of cardholder data, and thus secure the protection of card and transaction data.
This section allows you to better understand how cookies work and how to use current tools to configure them.
A cookie is a small text file placed on your Terminal when visiting a website or looking at an advertisement. Their purpose is to collect information about your browsing or to ensure the consistency of browsing from one page to another on the websites and also to send you personalised services.
On your Terminal, cookies are managed by your internet browser.
These are cookies deposited by Kytatoo on your Terminal to meet requirements for browsing, optimisation and customisation of the services on our Website.
These are cookies deposited by Kytatoo partner companies, but may also be deposited when you click on banner ads on our Website.
These are cookies deposited by third-party companies (for example advertising agencies or partners) to identify your interests through the apps you look at on our Website and customise the advertising offer provided to you on our Website or outside our Website. They can be deposited while you are browsing our Website or when you click in the advertising spaces of our Website. The data transmitted by these cookies is anonymous and no personalised data is transferred. We do not control the cookies placed outside the Kytatoo website by the advertising agencies that act on their own behalf.
In the context of advertising partnerships, we may send partners who act on our behalf data concerning the apps consulted on our Website. We make sure that the partner companies (i) agree to treat the information collected on our Website exclusively for the purposes of Kytatoo and in accordance with our instructions, in accordance with the Regulations in force; and (ii) undertake to implement appropriate measures to secure and protect the confidentiality of Personal Data.
These are mainly cookies deposited by Kytatoo.
These cookies provide us with information about the use and performance of our Website and improve its operation (for example, finding out the most frequently viewed pages of our Website).
These are mainly cookies deposited by Kytatoo.
These cookies allow us to personalise your experience on our Website. They also allow you to benefit from our personalised advice and promotional offers according to the origin of your browsing (for example if you come from our partner websites). They can also be used to provide you with features that you have requested (for example, my favourite store or my personalised advice).
These are cookies used to present advertisements to you or to send you information adapted to your interests on our Website or outside our Website when browsing the Internet. They are used to limit the number of times you see an advertisement and help measure the effectiveness of an advertising campaign.
The refusal of these advertising cookies has no impact on the use of our Website. However, refusing advertising cookies will not stop advertising on our Website or on the Internet.
It will only result in an ad that does not reflect your interests or preferences being displayed.
These cookies are mainly third-party cookies.
These social media cookies are intended to allow users to share pages and content via third-party social media sites. They also make it possible to target the advertising offer on social media sites.
Our Website also uses social media plug-ins or buttons.
Social media plug-ins make it easier to share the pages and contents of our Website on various social media platforms. They allow you for example to like and share information from our Website with your friends on social media sites.
Please ensure you read the privacy policies of the various social media sites to understand the purpose of using the browsing information they can collect through the social media buttons on our Website. These protection policies must enable you to exercise your choices with these social media sites, in particular by setting up your usage accounts for each of these sites.
We inform you that during your order, Kytatoo or the service providers acting on its behalf, may deposit cookies or collect information about your terminal including information (technical attributes) required for recognising the type of Terminal to identify your equipment and make transactions secure (prevention of fraud risks). Cookies or "imprint" type machine identifiers are used for this purpose. You are informed of this collection of information relating to your terminal to constitute a machine identifier by a banner as soon as you arrive on the Website. By continuing your visit on our Website without setting up the collection of your machine identifiers, you agree to the collection of this information and the creation of the identifier.
You have different ways available to you to manage cookies.
If your browser is configured to refuse all cookies, you will not be able to make purchases or take advantage of essential features of our Website, such as storing items in your cart or receiving personalised recommendations. In order to manage cookies as close as possible to your expectations, we invite you to configure your browser, taking into account the purpose of the kytatoo's cookies.
You can manage your cookies by visiting cookie management platforms offered by advertising professionals.
For more information about cookies, please consult the website of the supervisory authority in your country (for France, it is the CNIL).
It may be the case that we have to make changes to this Policy. When this is required, we will notify you in an appropriate manner, for example, by posting a message on the Website and/or the Apps. We advise you to regularly consult the page dedicated to the collection and processing of Personal Data on the Website to be aware of any changes or updates to our Policy.
If you have any questions relating to this Policy or any requests relating to your Personal Data and/or you wish to exercise your rights, you can contact us via the following address: privacy@Kytatoo.com. In accordance with the regulations in force, your application must be signed and accompanied by a photocopy of an identity card bearing your signature and provide the address to which we must send you our response.
Period of retention
Surname, first name, date of birth, email, billing address
5 years from the last action of the Existing/Prospective Customer (either most recent order, confirmation of renewed interest, or most recent access to an article in the newsletter)
Communication with Customer Services
7 years from the closing of the file