Privacy policy

Last updated: October 2024

This privacy policy informs Users of this website about the way in which their personal data is collected and processed, in accordance with French Law No. 78-17 of 6 January 1978 as amended and Regulation (EU) 2016/679 of 27 April 2016.

Article 1. Definitions

Words beginning with a capital letter have the following meanings:

Data Controller: The Data Controller is the natural or legal person who determines the purposes and means of processing, i.e., the objective and the way in which it is carried out.

The Data Controller of personal data is MARTAUD, société par actions simplifiée unipersonnelle, with a share capital of €1,000, registered with the Paris Trade and Companies Register under number 930 711 023, whose registered office is located at 16 rue d’Avron, 75020 Paris.

Site: The website published by the Data Controller, www.martaud.com

User: Any person accessing and browsing the Site.

Personal Data: Any information relating to an identified or identifiable natural person (e.g., names and surnames, age, email or postal address, location, etc.).

Processing of Personal Data: Any operation or set of operations performed on personal data, regardless of the process used (collection, recording, organisation, storage, adaptation, modification, extraction, consultation, use, disclosure by transmission or dissemination or any other form of provision, matching).

Article 2. Processing of Personal Data

Browsing the Site

When browsing the Site, the Data Controller may automatically collect technical data about your equipment, actions and browsing patterns, notably through the use of cookies. Please refer to the cookie policy below for more details on the purpose of data processing, storage periods and your rights.

Contact form

When you submit a request via the contact form, the Data Controller collects your name, email address, phone number, and any information you may provide in your message. We ask you not to include any sensitive information in your message.

The legal basis for this processing is the Data Controller’s legitimate interest.

Data provided for a contact request are stored for three (3) years from the closure of the request. If the contact results in the conclusion of a contract, data are stored for the duration of the contract and for the periods required to comply with legal and regulatory obligations.

Newsletter subscription

When you subscribe to the newsletter, you consent to receiving promotional and advertising information by email. To do so, you provide your email address.

The legal basis for this processing is consent. You may withdraw your consent at any time by clicking the unsubscribe link included in each email.

The Data Controller may also send you commercial communications by email related to products and services similar to those already supplied. The legal basis for this processing is the Data Controller’s legitimate interest. You may opt out of these communications at any time by clicking the unsubscribe link included in each email.

Your email address is kept until you unsubscribe or for three (3) years from the last contact between you and the Data Controller (e.g., a click on a link in an email). Before deleting your email address from the database, the Data Controller may contact you to ask if you wish to maintain your newsletter subscription.

Customer account creation

The personal data collected when creating a customer account are: name, surname, email address. The password chosen by the User is encrypted.

The legal basis for this processing is the performance of contractual or pre-contractual measures.

Customer account data are stored for two (2) years after your last login. After this period, before permanently deleting your data, the Data Controller will send you an email offering you the option to keep your account or delete it.

Processing of orders and pre-orders

When placing an order, you provide certain personal data necessary to process your order (invoice management, delivery and payment, follow-up, customer reviews and after-sales service): name, surname, postal address, email address, phone number for delivery.

This information is only intended for the Data Controller, who may share it with partners, notably logistics partners, solely for the purpose of processing the order.

The legal basis for this processing is the performance of the contract concluded when placing an order or pre-order online.

The following storage periods apply to personal data collected when placing orders and pre-orders on the Site:

• Pending, failed or cancelled orders: 6 months
• Completed orders: 2 years in active storage, then 3 years in intermediate storage
• Invoices: 10 years in intermediate storage

Article 3. Data Recipients

The Data Controller may share your data with the following categories of recipients:

• Internal staff authorised by virtue of their duties and responsibilities.

• Service providers for payment, identity and banking verification, delivery, newsletter distribution.

• Subcontractors for the performance of its business activities. The Data Controller requires all third-party providers to respect the security of personal data and process them lawfully, only for specific purposes in line with the Data Controller’s instructions, and never for their own purposes.

• Advisors subject to professional secrecy (legal, accounting, banking, insurance).

• Third parties upon request from a public or administrative authority, to comply with legal requirements or proceedings, or to defend its interests in court.

Article 4. Transfer of Data outside the European Union

The Data Controller may share your data with service providers located outside the European Economic Area (EEA).

In such cases, the Data Controller ensures that your data are transferred to countries whose level of protection has been deemed adequate by the European Commission, or, where this is not the case, that appropriate safeguards are in place to ensure secure transfer of your data, such as signing standard contractual clauses approved by the European Commission with the data recipient.

Article 5. Data Security

The Data Controller takes appropriate technical and organisational measures to prevent unauthorised access, disclosure, alteration or loss of personal data.

When you transmit credit card information during payment, SSL encryption technology secures your transactions.

Article 6. User Rights and Exercise

The User has the following rights:

- Right of access: to obtain confirmation whether personal data are being processed and, if so, to access them and related information.

- Right of rectification: to request correction of inaccurate or incomplete data as soon as possible.

- Right to restriction of processing: to request that data processing be restricted (data are frozen without being erased).

- Right to object: to object at any time to the processing of personal data, unless the Data Controller demonstrates compelling legitimate grounds.

- Right to withdraw consent at any time (e.g., unsubscribing from the newsletter).

- Right to data portability: to receive personal data processed automatically on the basis of a contract or consent and transfer them to another controller.

- Right to provide instructions regarding the fate of personal data after death.

The User may exercise these rights by sending a request:

- By email to: hello@martaud.com
- By post to: MARTAUD SASU, 16 rue d’Avron, 75020 Paris, France

Your request will be processed within one month of receipt. In case of doubt about your identity, we reserve the right to request proof of identity. A copy of such proof will be kept for one year. Other data relating to your request (title, name, surname, nature of the request, response provided) will be kept for 3 years.

The Data Controller undertakes to comply with your instructions concerning the retention, deletion and disclosure of your personal data after your death. In the absence of such instructions, the Data Controller will comply with requests from heirs, as provided by applicable law.

If you believe that your personal data or rights are not being processed in accordance with the law, you have the right to lodge a complaint with the CNIL: CNIL – 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07.

Article 7. Updates

This policy may be updated at any time, particularly in the event of new data processing, or pursuant to legal and/or regulatory requirements and/or CNIL recommendations. We invite you to consult the latest version of this page before browsing.

Article 8. Cookie Policy

The Data Controller uses cookies. A “cookie” is a small text file containing information specific to the User of the Site. It is stored on the User’s hard drive and can only be read by the server that provided it.

For example, cookies help us remember your username during your next visit, understand how you interact with our content and improve it based on collected information.

Some cookies are essential for the Site to function. Other cookies are optional and require your consent to be placed on your browser.

You can configure your browser to block all cookies, but blocking essential cookies may prevent the Site from functioning properly.

No non-essential cookies are placed on your browser upon arrival on the Site. A pop-up window allows you to make your choices. You may accept all cookies, continue without accepting, or set your preferences by accessing the details of the categories of cookies that may be used. You can change your choices or withdraw your consent at any time by accessing the interface via the dedicated link or widget.