Privacy policy - WAW Components

Advance notification

We take your privacy very seriously and are committed to protecting it.

We believe that you should be able to easily understand what personal data we collect and use, why we collect it, and your rights in relation to it.

This privacy policy (the ‘Privacy Policy’) explains how we collect, use and disclose the personal data we collect on our Digital Platforms, in our stores or during our events.

We recommend that you read this Privacy Policy carefully as it contains important information about your personal data.

This Privacy Policy is designed so that you can easily access the section that interests you.

Please do not hesitate to contact us if you have any questions or comments about this Privacy Policy (see the ‘How to contact us’ section below).

Who are we?

The terms ‘WAW’, ‘WAW Components’, ‘we’, “us” and ‘our’ refer to SERIOUS as the controller of your personal data, unless otherwise specified in this Privacy Policy.

– LEGAL INFORMATION

WAW Components is located at 25 Rue de la Gleyzette, 31120 Lacroix-Falgarde, FRANCE.

Activity (NAF or APE code): Distance selling via specialised catalogue (4791B)

SIRET number (head office): 75183533100032

RCS number: Toulouse B 751 835 331

What personal data do we collect and how is it collected?

Personal data is information relating to an identified or identifiable natural person. It includes, for example, a person’s name, address and gender.

We may collect personal data directly from you or indirectly (for example, from your electronic devices that interact with our websites, electronic forms or mobile applications (the ‘digital platforms’).

Purchase orders and invoices are archived on a reliable and durable medium that can be produced as evidence.

Data you provide directly to us

You may provide us with data:

– when you create an account online (or in our shops);

– when you subscribe to our newsletter;

– when you use our Digital Platforms;

– when you purchase products or services on our Digital Platforms (or in our shops);

– when you participate in one of our events.

Depending on what you provide us with, this information may include:

– your identity (including your first name, surname, gender, image, nationality);

– your contact details (including your postal address, e-mail address, telephone numbers);

– your personal status (including your title);

– your purchases and repairs (including purchase history, order details);

– your preferences (including your size);

– certain payment data (including billing data, type or method of payment, credit or debit card number);

– other information you may provide when filling out forms or contacting us (including your comments or other communications you send us, which may include health data relating to any adverse effects of our products).

We will inform you when your information is required to process your request, respond to your enquiries, or provide you with our products and services. If you do not provide this information, it may delay or prevent us from processing your request, responding to your enquiries, and providing you with products or services.

We strive to ensure that the personal data we hold is accurate at all times. We therefore encourage you to update your data in the event of any changes. We may also ask you to update your data from time to time.

We recommend that you only provide the data requested or necessary for your request, with the exception of sensitive data relating to race, ethnic origin, political opinions, religious or philosophical beliefs, and data concerning health, sex life or sexual orientation.

Indirectly collected data

We may collect data when you use our digital platforms, including your IP address or other browsing data (including browser, operating system, device model), through cookies or similar technologies placed on your device. Some cookies are necessary for our digital platforms to function properly, and others are used for analytical purposes to help us provide you with more personalised services and a better digital experience.

We may also collect data about you from third parties, including a spouse who contacts us on your behalf or friends who provide us with your contact details in order to invite you to events that may be of interest to you.

If you provide us with personal data relating to someone else, you must ensure that you have the right to disclose such data to us and that, without us taking any further steps required by data protection legislation, we may collect, use and disclose such data for the purposes described in this Privacy Policy.

For example, you must ensure that the data subject is aware of the various topics covered in this Privacy Policy. The data subject must also give the consents set out in this Privacy Policy with regard to how we process their personal data.

Minimum age

We remind you that we do not collect, directly or indirectly, personal data from persons under the age of 18. We therefore ask you not to provide us with personal data relating to persons who do not meet this criterion.

Why do we collect your personal data and how do we use it?

We collect and use your personal data based on one or more of the following legal bases:

We have obtained your prior consent (for example, when you subscribe to our newsletter). Please note that with this particular legal basis, you have the right to revoke your consent at any time (see below ‘9. What are your rights regarding your personal data?’);
The processing is necessary in the context of a contract between Serious and you (e.g. when you make a purchase);
We have a legitimate interest in carrying out the processing and this legitimate interest is not overridden by your interests, fundamental rights or freedoms (e.g. prevention of payment fraud);
We need to process your personal data in order to comply with applicable laws and regulations.

Depending on the context, we may use your personal data for the following purposes:

– Comply with our legal obligations, which includes providing information to regulatory bodies when required by law, in particular to comply with our legal obligations in relation to the prevention and combating of fraud, money laundering and terrorist financing.

– Provide you with the products or services you have requested;

– Carry out checks to identify you and verify your identity;

– Send you marketing communications, with your prior consent (see section ‘5. Marketing communications’);

– Provide you with after-sales service and manage refunds;

– Manage your refund requests;

– Respond to your questions, suggestions and requests, including your requests to exercise your rights;

– Manage complaints and disputes;

– Manage events you have registered for and/or participated in;

– Detect, prevent and combat any fraudulent or illegal activity, including protecting your transactions from payment fraud, taking action against counterfeiting and the resale of our products in violation of our terms and conditions and/or our distribution network;

– Protect you, our employees and other people in our stores, as well as our property;

– Manage the stock of certain types of rare products in order to ensure the fair distribution of the products we sell.

With your express prior consent (usually obtained by ticking a specific box on a form), you may receive information about offers, services, products or events sent by Serious (and/or other companies in the Serious group… in certain cases).

We rely on your consent to process the personal data you provide to us for this purpose.

Therefore, if you no longer wish to receive such information, you may withdraw your consent at any time (see below ‘What are your rights regarding your personal data?’).

We may ask you to confirm or update your marketing preferences if you request us to provide other products and/or services in the future, or if there are changes in the law, regulations or the structure of our company.

How long do we keep your personal data?

Your personal data is processed for the period necessary for the purposes for which it was collected, to comply with legal and regulatory obligations, and for the duration of any period necessary for the establishment, exercise, or defence of legal rights.

In order to determine the most appropriate retention periods for your personal data, we have specifically taken into account the quantity, nature and sensitivity of your personal data, the reasons why we collected your personal data, the service you deserve and expect from us, and the applicable legal requirements.

For example:

– With regard to our prospects (potential customers): your data is retained for three years from your last action, then deleted or archived in order to comply with legal retention obligations;
– With regard to our customers: your data is retained for the duration of our commercial relationship and for up to ten years, then deleted or archived in order to comply with legal retention obligations;
– With regard to cookies used on digital platforms: they are stored for up to 13 months from the moment they are installed on your device.

How do we disclose and transfer your personal data?

We may disclose your personal data only to the parties listed below and for the following reasons:

– We may disclose your personal data to Serious employees who need access to your personal data and who are authorised to process it for the purposes mentioned above and who undertake to respect its confidentiality, in charge of customer relations, retail, e-commerce, communication, legal affairs, finance, IT management and security for the purposes set out in this Privacy Policy.

This may involve providing you with the products and services you have requested, improving the services provided and, with your consent, sending you marketing communications about offers, services, products or events (for this purpose, you may revoke your consent at any time. See section ‘9. What are your rights regarding your personal data?’ below).

As part of our legitimate interest in combating payment fraud, Serious, as data controller, may transmit your financial data to an external service provider with a fraud detection tool in order to authenticate a payment. Said service provider is bound by a confidentiality obligation.

We may also be required to disclose personal data to third parties acting on behalf of Serious and approved by Serious.

All such processing is based on our prior instructions set out in a binding contract that complies with the requirements of applicable law. Such disclosures are made for various reasons, including:

o IT development and support;

o Hosting and conducting marketing and economic studies and marketing campaigns;

o Verification of your information, payment authentication and processing of orders and payments to third parties who provide credit reports, payment services or order fulfilment services;

o Delivery services…

These service providers undertake to respect confidentiality and are not authorised to use your personal data for any other purpose. We also require them to implement appropriate security measures to protect your personal data.

– We may be required by mandatory provisions of applicable law or in the context of legal proceedings or other legal requests to disclose your personal data to authorities or third parties.

– We may also disclose or process your personal data in accordance with applicable law to defend our legitimate interests (e.g. in civil or criminal proceedings). For example, we may disclose such personal data if necessary to identify, contact or bring legal action against an individual or entity that is not complying with our Terms and Conditions of Sale and Use, or who is disrupting or causing harm to other users of our Digital Platforms.

– In the event of acquisition by a third party of Serious, or all or part of its assets, your personal data may be included in the transferred assets.

How do we protect your personal data?

All your personal data are strictly confidential and will only be accessible in case of necessity, only by duly authorised Serious staff and independent contractors acting on our behalf within the framework of appropriate technical and organisational security measures.

Serious has security measures in place to protect your personal data from unauthorised access and use. We follow appropriate security procedures in the storage and disclosure of your personal data to prevent unauthorized access by third parties and to avoid accidental loss of your data. We limit access to your personal data to those who really need to access it for professional reasons. The persons who access your data will be subject to a duty of confidentiality towards Serious.

We also have procedures in place to address any suspected data security breach. We will notify you and any relevant supervisory authority in the event of a suspected data security breach where we are required to do so by law.

We also require the persons to whom we transmit your personal data to comply with the above. However, the transmission of information via the Internet is not completely secure. We cannot therefore guarantee the total and complete security of your personal data that you have transmitted to us via the Internet. Such transmission is at your own risk and you acknowledge and agree that we shall not be liable for any unauthorised use, distribution, damage or destruction of your data, except to the extent that the law requires us to bear such responsibility. Once we have received your personal data, we will apply the above-mentioned security measures.

What are your rights regarding your personal data?

In accordance with the applicable data protection law, you may at any time request access to, rectification, erasure and portability of your personal data, or restrict or object to its processing. A summary of these rights is set out below:

Your right of access: the right to receive a copy of your personal data.

Your right to rectification: the right to ask us to rectify any errors in your data or to complete them.

Your right to be forgotten: the right to ask us to delete your personal data, in certain situations.

Your right to restriction of processing: the right to request us to restrict the processing of your personal data, in certain circumstances, for example if you contest the accuracy of the data.

Votre droit à la portabilité des données : le droit de recevoir les données à caractère personnel que vous nous avez fourni, dans un format structuré, couramment utilisé et lisible par Your right to data portability: the right to receive the personal data that you have provided to us, in a structured, commonly used and machine-readable format and/or to transmit such data to a third party, in certain situations.

Your right to object to the processing: the right to object:

— at any time during the processing of your personal data for direct marketing purposes;

— in certain other situations, to the continuation of our processing of your personal data, for example the processing carried out on the basis of our legitimate interests.

Where the processing of your personal data is based on your consent, you may at any time decide to withdraw it. If your consent is withdrawn, this will not affect the processing of your personal data based on other legal bases, such as the execution of your orders and the storage of your order data in accordance with applicable law.

If you no longer wish to receive our advertising or promotional information, we remind you that you can revoke your consent to direct marketing at any time directly from the unsubscribe link included in each electronic message that we send you. If you do so, we will update our databases within a reasonable period of time and take all measures to respond to your request as quickly as possible, but we may continue to contact you as necessary in connection with any product or service you have requested.

You also have the right to lodge a complaint with your local data protection authority in case of an alleged breach of the data protection rules applicable to you.

To exercise any of these rights, please contact us using the details below

Please note that if you exercise any of the rights mentioned above, you will be asked to let us know which right you wish to exercise and to provide us with certain information (copy of an ID card, passport or other legally recognized ID) for identification purposes to process your request and protect you against fraudulent requests from third parties.

Contact us?

For any questions regarding your account, to revoke your consent, to ask general questions or to file a complaint, please contact our customer service department:

– By email: contact@seriousconnection.com

– By mail : Serious 25 Rue de la Gleyzette 31120 Lacroix-Falgarde FRANCE

For questions specifically related to advertising emails, we remind you that you can unsubscribe at any time directly through the “unsubscribe” link contained in all advertising emails that we have sent you.

If you have any questions or concerns about our Privacy Policy or data processing, you can contact the Group Data Protection Officer at the following address: contact@seriousconnection.com

Changes to this privacy policy

This privacy policy reflects our current practices and may be amended or updated from time to time.

When we post changes to this Privacy Policy, we will change the “Effective Date” at the top of this Privacy Policy to indicate when such changes have taken effect.

If we make a material change to this Privacy Policy, we will notify you by way of a notice of the change at the beginning of this Privacy Policy and on the home page of the website www.wawcomponents.com.