DATA PROTECTION POLICY - COOKIES
Comptoir des cotonniers is committed to protecting its website users' personal details. This data protection policy ("policy") details how we collect, store and use your personal data whilst you browse or order from our websites i.e. comptoirdescotonniers.com ("website") or when you provide personal data. These rules apply to all types of technology no matter how you visit the website; any device or app providing website access.
This policy details which type of personal data we collect, how we use your personal data and your rights to control how we use it.
Please read the policy carefully and feel free to print a copy for your reference. You must acknowledge the policy to browse the website or use it in any way.
The terms "Comptoir des cotonniers", "we" or "our" in the policy apply to COMPTOIR DES COTONNIERS, a simplified joint stock company registered on the Paris trade register under number 720 802 776, head office at 151 rue Saint Honoré - 75001 Paris.
Comptoir des cotonniers acts as controller for the personal data you provide or we collect on your behalf, in accordance with the French Data Protection Act and General Data Protection Regulation (EU law n°2016/679, hereinafter "GDPR").
What category of personal data do we collect?
We collect personal data either straight from you, usually using forms on our website, or indirectly from your interactions with us.
Personal data enables us to directly or indirectly identify you.
We may collect, use, store and transfer different types of personal data i.e.:
(a) Identification details: first name, surname, date of birth, sizes, customer number
(b) Contact information: email address, phone number
(c) Addresses: billing and delivery addresses
(d) Financial information: card number, payment methods, purchase history
(e) Technical information: related to your digital activities (i.e. IP address, browser, GPS, connection data)
In terms of data collected directly from you, we inform you of which data is compulsory with an asterisk on all our forms. Some data is essential to fulfilling a contract between Comptoir des cotonniers and you, providing a service you have requested of us or complying with a legal obligation.
How long do you keep personal data for?
Personal data is only kept for the period required to fulfil the purpose it was originally collected for or to comply with a legal obligation.
In accordance with our legal obligations, some personal data is kept for longer (also to fulfil our invoicing requirements) and to fulfil some of our rights (i.e. for use in court). Otherwise, personal details are saved for the period set out by law or until the end of the legal action time period.
Who may have access to personal data?
We are committed to processing any personal data confidentially. Our customers' data matters to us and their privacy is vital to us. We do not communicate any of your personal data with third parties except for the specific reasons detailed below. We only share your data with:
● other companies in our Group
● service providers that we work with to process data on our behalf
● Legal or financial bodies, government agencies or public organisations on their request and in accordance with regulations
● any stakeholders in our business in the event of business or share transfer
We share limited personal data with the service providers we use to complete operations on our behalf. These service providers help us manage our internet platform, launch sales campaigns, supply and deliver our products, provide customer service or combat fraud.
They are only allowed to use your data for the services they provide on our behalf and solely to fulfill the aforementioned requirements. We do our utmost to ensure these service providers safeguard your data and privacy.
We only share account information or personal data if we deem it appropriate to comply with legislation, apply or enforce our policy or protect the rights, property or website security for our users and others. This namely involves sharing information with other companies and organisations to combat fraud. This does not include selling renting, sharing or any other way of divulging personal data for commercial reasons in violation of the terms stated in this policy.
Where is your personal data stored?
The data we collect from you may be transferred and stored outside the European Economic Area ("EEA"). However, at all times your data will be stored in accordance with legal requirements in terms of data protection and security.
This data may be processed by third parties potentially outside the EEA i.e. service providers. These third parties may be involved in fulfilling your order, processing your payment information and providing support. We do our utmost to ensure that these third parties apply appropriate safeguards and sign contracts based on data protection clauses adopted by the European Commission as per article 46.2 of the GDPR.
What are your personal data rights?
Subject to legislation applying to your situation, you can exercise the following rights at any time:
● the right to request access to any of your personal data
● the right to request any inaccurate or incomplete personal data be rectified
● the right to request the erasure of your personal data ("right to be forgotten") when it is no longer necessary in relation to the purposes for which it was collected or otherwise processed or in the event you withdraw consent (however we may be required to retain some personal data for legal or compelling reasons)
● the right to the restriction of processing when one of the following applies:
● you contest the accuracy of personal data, for a period enabling the controller to verify the accuracy of the personal data
● the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead
● the controller no longer needs your personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defence of legal claims
● you have objected to processing pursuant to legitimate grounds pending the verification of whether the legitimate grounds of the controller override those of the data subject
● the right to object to processing your personal data on grounds relating to your particular situation and the right to object at any time to processing personal data for direct marketing purposes (including profiling to the extent that it is related to direct marketing)
● the right to data portability i.e. the right to receive your personal data in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller without hindrance from us, where processing is based on your consent or carried out by automated means You also have the right to have personal data transmitted directly from one controller to another, where technically feasible
● the right to refuse any direct marketing from us by unsubscribing from the emails we send you by clicking the unsubscribe link at the bottom of each message, emailing us direct on service.client@comptoirdescotonniers.com
or:
COMPTOIR DES COTONNIERS,
Customer service
151 rue Saint Honoré 75001 Paris, France;
● the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (unless this decision is essential to the fulfilment or completion of an agreement between Comptoir des cotonniers and you or if it is based on your explicit consent)
● the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes this regulation.
● the right to set out general or specific instructions related to the storage, erasure and transfer of personal data after your death. These general and specific instructions define how you wish your rights to be exercised after your death. You can amend or revoke these instructions at any time.
We may ask you to provide us with additional information to confirm your identity to exercise your rights.
Why do we collect your personal data?
We apply various legal bases to fulfill the following requirements:
1. Your order management and product delivery
We need the following personal data for us to receive your order, prepare it and deliver it. We use this personal data at several stages including payment management, invoicing and order delivery.
| Personal data category involved | (a)Identification information (b) Contact information (c) Address (d) Financial information (e) Technical information |
| Legal basis | We use your data on the basis of the Terms and Conditions (T&Cs) that you agree to on completion of your order on our website. |
| Data sharing | We work with several service providers/suppliers to provide our brand's services, manage payment, deliver your orders and we share essential data with them. |
| Retention | The criteria used to determine how long your data is kept is based on the strict necessity to fulfil the service/aim before the data is erased. |
| Your personal data rights | You can amend or access this data from your website account or by contacting customer service. You can request the erasure of your account once the requirement has been fulfilled. |
2. Stay up to date with the latest news and information about our products and our brand
We use your data to send you personalised information including special offers, collection launches and information about new products.
| Personal data category involved | (a) Identification information (b) Contact information |
| Legal basis | We use data based on your explicit consent when you subscribe to our newsletter or sign up to our product alerts. |
| Data sharing | Your data is handled on the brand's systems mainly in Europe and Japan and we use service providers to send you our newsletters. |
| Retention | Your personal data is kept for up to 3 years after your last activity or interaction with our services. |
| Your personal data rights | You can change your consent at any time by clicking the link in all our newsletters or contacting customer service. |
3. Customer service query management
We handle some data when you email or call customer service so we can better understand your query and provide the must appropriate answer. We may also request support from other internal departments to better address your complaints.
| Personal data category involved | (a) Identification information (b) Contact information (c) Address (d) Financial information |
| Legal basis | We may handle your personal data to answer your query on the legal basis of legitimate grounds or your explicit consent to help improve our customer service. |
| Data sharing | Our customer service is based in France and your personal data is mainly handled in Europe and Japan. |
| Retention | We keep your data for 3 years after closing your query. We keep the recording of your call for 2 months if you agree during your phone call with customer service. |
| Your personal data rights | You can request access, modification and erasure by contacting customer service direct. |
4. Product and service review management
After purchases or visits, we may ask for your comments and reviews about our products and services to help us improve them. To this end, we may collect information information during your store or website visits using our customer service or by email. We may ask you to provide us with a username or email address so we can contact you for further information.
| Personal data category involved | (a) Identification information (b) Contact information |
| Legal basis | We use the legal basis of legitimate grounds to contact you after your purchase or visit to improve our services and products. When you submit comments or a review, we display specific clauses or our service provider's privacy policy and request your agreement. |
| Data sharing | We may share your review or comments with companies in the group. We may also share reviews and comments with the brand's websites in other countries to assist all our customers. |
| Retention | 12 months |
| Your personal data rights | You can contact customer service to request access, modification or erasure of your personal data. |
5. When you take part in our competitions and promotional offers
We regularly run competitions, product trials and promotions that you can take part in.
| Personal data category involved | (a) Identification information (b) Contact information (c) Addresses (only for some offers/competitions) |
| Legal basis | Your consent is required to take part in our offers and competitions. Some offers and competitions have prizes to win and specific clauses. |
| Data sharing | Your data will mainly be located in France and Europe but may also be hosted by our central systems (subject to offer or competition). Special clauses for the offer or competition will provide full information. |
| Retention | Your data is kept for the duration of the offer or competition. It depends on the offer or competition, please see specific clauses in the terms and conditions. |
| Your personal data rights | You can contact serviceclient@comptoirdescotonniers.com to request access, modification or erasure of your personal data. |
6. To protect our website from hacking and fraud and provide you with a secure experience with us
We use several security technology features to protect our website from unauthorised access and fraud. We use some technical information from your internet browser to provide you with access to our website.
| Personal data category involved | (a) Identification information (b) Contact information (c) Address (d) Financial information (e) Technical information |
| Legal basis | We use the legal basis of legitimate grounds to protect our website from hacking and purchase/payment fraud to handle this data. |
| Data sharing | We use suppliers/partners based in Europe and America as well as our internal teams when investigations are required. |
| Retention | Data is collected and kept for 12 months. |
| Your personal data rights | You can request access to your personal data by writing to our data protection representative dpo_eu@fastretailing.com |
7. Personalised experiences and website ease of use
We use several technology features (included cookies as detailed below) to display ad banners or personalised content.
| Personal data category involved | (a) Identification information (e) Technical information |
| Legal basis | We use your consent and cookies. For further information, please see Cookies section below. |
| Data sharing | We use suppliers/partners based in Europe. |
| Retention | Data is collected and kept for up to 13 months. |
| Your personal data rights | You can amend your consent and access your data (please see Cookies section below) |
8. To take part in our loyalty or refer a friend programme
We handle the following data for you to take part in our loyalty or refer a friend programme:
| Personal data category involved | (a) Identification information (b) Contact information (d) Financial information (including purchases) |
| Legal basis | We use your consent to handle this information to provide you with loyalty or refer a friend programmes and their benefits. |
| Data sharing | We use suppliers/partners based in Europe as well as our internal teams. |
| Retention | Data is collected and kept for the duration of your customer account's existence in-store or online and erased after 3 years of no activity or interaction with our brand. |
| Your personal data rights | You can request access, modification and erasure of your personal data from our customer service |
In accordance with our legal obligations, some personal data is kept for longer (also to fulfil our invoicing requirements) and to fulfil some of our rights (i.e. for use in court). Otherwise, personal details are saved for the period set out by law or until the end of the legal action time period.
Cookies
We receive and store some types of information every time you interact with us. When you visit our website, information about your browsing experience may be saved in "cookie" files installed on your device. We issue cookies to improve your browsing experience on our website. Our partners may also issue them to personalise any marketing directed at you outside our website. Cookies may also feature in different spaces on our website. These spaces may display marketing content from advertisers on your device. Only the source of the cookie can read or update any information it contains.
Cookies we issue
The cookies we install on your device enable us to recognise your browser when you visit our website.You can use our cookie management tool on the cookie banner that displays the first time you visit our website and available at:
Cookie consent link
We issue cookies to:
Measure audience
● Measure content performance
● Design and update products
● Store and/or access information on a device
● Use surveys to produce audience data
Personalise content
● Create a profile to display personalised content
● Select personalised content
● Create a personalised ad profile
● Select standard ads
● Select personalised ads
● Measure ad performance
Technical cookies, cookies that react to your request on the website and enable you to use a service or access content.
Identification and personalisation cookies, cookies that help us get to know you better and identify you when you return to our website.
Analysis and performance cookies, cookies that enable us to measure the audience: visitor numbers, pages visited.
Targeting and advertising cookies, cookies that save data to manage ad displays for different users.
Your consent is not required for so-called "essential" cookies, cookies that are essential for a website to function correctly (technical cookies).
Third-party cookies
When you visit our website, one or several cookies from partner companies (third-party cookies) may be placed on your device via our website pages or content in our ad spaces. The issue and use of cookies by third parties are subject to their third party data protection policies. We have no access or control over third-party cookies. However, we ensure partner companies process data collected on our website exclusively for our requirements and in accordance with current regulations.You can set up your browser to refuse third-party cookies. Any settings may alter your internet browsing experience and your access to some services requires the use of cookies.
You can set up your browser software to save cookies on your device or to refuse them either automatically or based on their source.
You can also set up your browser software to accept or refuse cookies that pop up on an irregular basis, before a cookie is likely to be saved on your device.
If your browser is set up to refuse all cookies, your browser experience will be different and you may not be able to use certain functions on our website i.e. saving items in your basket or receiving personalised suggestions. Each browser is set up differently. It is detailed in your browser's help menu so you can see how to update your cookie settings. You can find out more about how to remove or manage cookies on www.AboutCookies.org.
Profiling
We can display content or send personalised communication using "profiling" techniques (defined by the GDPR as any form of automated processing of personal data used to analyse or predict matters relating to an individual i.e. personal preferences, interests, behaviour, location).
Personalised ad banner
After browsing our website, personalised ad banners may appear when you use other websites. We strive to provide you with relevant offers. So any ad banners that appear will refer to products that have been viewed whilst browsing our website from your device. The service aims to provide personalised ads displaying products or services based on recent behaviour by people visiting the websites or partner apps. Our service provider uses cookies to recognise website users.Targeted information
If you agree to us contacting you for commercial reasons, we can send you emails and newsletters about goods and services that may interest you. We study our customers' browsing and online shopping habits and provide them with information about products they have viewed and any related items. We may contact you about personalised products, sales information or specific dates (newsletter subscription, customer account creation, customer birthday etc.). We also work with a service provider to send targeted information when you put products in your shopping basket without completing the order or when you put something on your wishlist without buying it.Payment security, threats and fraud
To guarantee you the best possible service and safeguard payment and delivery, some data collected on the website may be used to assess the risk of fraud involved in using this website. We work with ADYEN to analyse collected data on a fully automated database.
This data applies to the contract set-up (products, personal and card details) and website use (pages visited and browsing) combined with some anonymous data about the device used for browsing (i.e. screen resolution or operating system version) that can be used to reliably identify your device on future visits and assess the risk of fraud.br/> Based on the assessment results, we can decide whether to take security measures and cancel any orders whose security cannot be guaranteed.
Personal data security
We take every possible measure to protect personal data that you send us. However, it is impossible to guarantee the security of information sent online. We are therefore unable to guarantee the security of any personal data you send us online. If you use a device in a public setting, we recommend you always log off and close your browser at the end of your session for your security. We also recommend taking the following security measures to keep you safe online:
● Keep your passwords secret. Remember that anyone who knows your password can log onto your account.
● When you create a password, use at least 8 characters preferably with a combination of letters and numbers. Don't use your name, email address or other personal details that are easy to obtain. We recommend changing your password on a regular basis. Please visit "My Account" then click on "Change name, email address or password."
● Avoid using the same password on several websites.
Links to third party websites
Some links on the website may direct you to websites managed by third party companies. We never share your personal data with these third parties.
Links to third party websites on our website are provided for reference or information only, we do not manage these websites or their privacy policies which may differ from ours.
We cannot be held responsible for any personal data that third parties may collect, save and use via their website. Please always read the privacy policy for any website you visit.
Minors
We do not knowingly collect information about unmonitored minors. Personal data for minors can only be processed with the consent or authorisation of a parent or guardian. We take every reasonable measure to confirm consent based on the technological resources available.
Spam and official websites
We will never ask you to confirm your account details or card details by email. If you receive an email supposedly from Comptoir des cotonniers or another business in the Group asking for this information, please ignore it and do not reply.
The only official Comptoir des cotonniers websites are listed below. Any other website may be fake.
https://www.comptoirdescotonniers.com/
https://www.comptoirdescotonniers.de/
https://www.comptoirdescotonniers.es/
https://www.comptoirdescotonniers.eu/
Privacy policy updates:
Our business is constantly changing so our privacy policy may be updated to reflect it. Please check it on a regular basis for any changes that may have been made. Any updates to the policy will be published on the website and the date appearing at the bottom of the policy will be updated with the date of the last revision.
Contact
Please email the following address for any questions, information requests about the policy or requests to exercise the aforementioned rights: service.client@comptoirdescotonniers.com
Or by post to:
COMPTOIR DES COTONNIERS
Customer service
151 rue Saint Honoré
75001 Paris, France
You can contact our data protection representative on the following email address: dpo_eu@fastretailing.com
You can also contact the authority in charge of personal data in your country. Contact details for authorities are available on the European Data Protection Board (EDPB) website and this link.
Last update: June 2022
Former data protection policy - cookies (May 2021): here.