Last Updated: August 2024
At MYSTIIC (hereinafter "we", "us", or "our"), we are committed to protecting the privacy and security of our users' and customers' personal data. This privacy policy describes how we collect, use, store, and protect your personal information when you use our website http://mystiic.com (hereinafter "the Site") and our services. We comply with applicable laws and regulations on personal data protection, including Regulation (EU) 2016/679 (General Data Protection Regulation - GDPR), the amended French Data Protection Act, and the California Consumer Privacy Act (CCPA).
1. Collection and Use of Personal Data
1.1. Data Collected
The information we collect may include, but is not limited to:
- Name, first name, postal address, email address, phone number.
- Payment information (necessary for processing your orders, such as your banking details).
- Order history and product preferences.
- IP address and browsing data (for site improvement and security).
This information is collected when:
- You place an order on our Site.
- You create a customer account.
- You subscribe to our newsletter.
- You browse our Site.
1.2. Use of Data
We use your personal data to:
- Process and fulfill your orders.
- Communicate with you regarding your orders and deliveries.
- Personalize your experience on our Site.
- Send you marketing communications with your consent.
- Improve our services and our Site.
1.3. Legal Basis for Processing
We process your data based on the following legal grounds:
- Contract Performance: to process your orders.
- Consent: to send you newsletters or promotional offers.
- Legitimate Interest: to improve our services and protect our business interests.
- Legal Obligations: to comply with tax and accounting obligations.
2. User Rights
In accordance with the GDPR, the amended French Data Protection Act, and the CCPA, you have the following rights regarding your personal data:
- Right of Access: You have the right to request access to the personal data we hold about you.
- Right of Rectification: You can request the correction of inaccurate or incomplete personal data.
- Right to Erasure: You have the right to request the deletion of your personal data under certain conditions (e.g., if it is no longer necessary for the purposes for which it was collected).
- Right to Restrict Processing: You can request that we restrict the processing of your data in certain cases.
- Right to Data Portability: You have the right to request that we transmit the personal data you have provided to us in a structured, commonly used, and machine-readable format.
- Right to Object: You can object to the processing of your personal data for direct marketing purposes.
- Right to Withdraw Consent: You can withdraw your consent at any time, particularly for marketing communications.
- Right to Lodge a Complaint: If you believe that your rights are not being respected, you can file a complaint with the competent data protection authority (in France, the CNIL).
To exercise your rights, you can contact us at the following address: hello@mystiic.com.
3. Data Transfers Outside the European Union
Your personal data may be transferred outside the European Union, particularly to service providers located in the United States, to process your orders or improve our services. We ensure that these transfers are governed by adequate safeguards, such as the Standard Contractual Clauses approved by the European Commission.
4. Data Collected from Minors
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors without parental consent. If we discover that we have collected personal data from a minor without this consent, we will take steps to delete this information.
5. Data Retention Period
We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, particularly for contract execution and compliance with legal obligations. Data related to commercial transactions is retained for the legally required retention period (generally 10 years for tax and accounting purposes).
6. Cookie Policy
When browsing our Site, cookies may be installed on your device. Cookies allow us to collect information about your browsing activity (pages viewed, visit duration, etc.) and are used to:
- Ensure the proper functioning of the Site.
- Analyze the audience and improve the user experience.
- Personalize offers and communications.
- Provide targeted advertising, including through third-party partners.
6.1. Cookie Management
When you first visit, a banner informs you of the use of cookies and allows you to accept or reject certain types of cookies. You can manage your cookie preferences at any time through your browser settings.
6.2. Cookie Refusal
You can configure your browser to refuse cookies. However, refusing certain cookies may affect your experience on the Site.
For more information on cookie management, you can visit the CNIL website: https://www.cnil.fr/en/cookies-the-tools-to-control-them.
7. Data Security
We implement technical and organizational security measures to protect your personal data from loss, destruction, unauthorized access, or disclosure. We use the SSL (Secure Socket Layer) protocol to encrypt sensitive information transmitted via our Site.
8. Specific Obligations for California (CCPA)
In accordance with the California Consumer Privacy Act (CCPA), California residents have additional rights, including:
- Right to Know what categories of personal data are collected, the sources of the data, and the purposes for which they are used.
- Right to Request Deletion of personal information.
- Right to Non-Discrimination: We will not discriminate against California residents for exercising their rights under the CCPA.
Contact
If you have any questions about our privacy policy or wish to exercise your rights, please contact us at the following address: hello@mystiic.com.