Privacy policy

1. Data Controller & Contact
CamisaVenta SAS
25 Rue de Rome, 75008 Paris, France
Email: info@camisaventa.com | Phone: +33 702518664

2. Data We Collect
a. Personal Information

  • Order Data: Full name, billing/shipping address, email, phone number.

  • Payment Details: Card type, last four digits, expiration date (processed via Stripe; full card numbers are not stored).

  • Account Data: Password (hashed), size preferences, wishlist items (if registered).

b. Technical & Usage Data

  • Device Information: IP address, browser type, operating system, device ID.

  • Behavioral Data: Pages visited, time spent, cart abandonment rates (via Google Analytics with anonymized IPs).

  • Cookies:

    • Essential: Session cookies (cart functionality, login persistence).

    • Analytical: Google Tag Manager (aggregate traffic analysis).

    • Marketing: Meta Pixel (track ad performance with user consent).

3. Legal Basis for Processing (GDPR)

Purpose Data Type Legal Basis
Order fulfillment Identity, Payment Contractual necessity (Art. 6(1)(b))
Fraud prevention IP, Device ID Legitimate interest (Art. 6(1)(f))
Newsletter subscriptions Email Consent (Art. 6(1)(a))
Site optimization Behavioral data Legitimate interest

4. Data Sharing & International Transfers

  • Third Parties:

    • Payment Processors: Stripe (PCI-DSS compliant, EU data centers).

    • Shipping Partners: DHL, FedEx (limited to delivery details).

    • Analytics Providers: Google Analytics (IP anonymization enabled).

  • Safeguards:

    • Non-EU data transfers use Standard Contractual Clauses (SCCs) or Adequacy Decisions.

5. Data Retention

  • Order Records: 6 years (to comply with French tax law Article L102 B du Livre des Procédures Fiscales).

  • Marketing Data: Retained until consent withdrawal or 3 years of inactivity.

  • Cookies: Session cookies expire upon browser closure; persistent cookies up to 24 months.

6. Your Rights Under GDPR

  • Access & Portability: Request a copy of your data in CSV/PDF format.

  • Rectification & Erasure: Correct inaccuracies or delete non-essential data.

  • Restriction & Objection: Limit processing or opt out of marketing.

  • Withdraw Consent: Click "Unsubscribe" in emails or email us directly.

To Exercise Rights:
Email info@camisaventa.com with the subject line "Data Request - [Your Name]". We respond within 30 days.

7. Security Measures

  • Encryption: TLS 1.3 for data in transit; AES-256 for stored data.

  • Access Controls: Role-based permissions; quarterly staff training.

  • Incident Response: 72-hour breach notification to authorities (CNIL) and affected users.

8. Children’s Privacy

  • We do not knowingly collect data from users under 16. Parents/guardians may request deletion of minors’ data.

9. Policy Updates

  • Changes are published on this page. Significant updates (e.g., new data uses) trigger email notifications.