Skip to content

Cart

Your cart is empty

Privacy policy

PRIVACY POLICY

Terms beginning with a capital letter that are not defined in this document will take the meaning that is given to them in the General Terms and Conditions

1. PURPOSE OF THIS PRIVACY POLICY

The purpose of this policy (hereinafter the “Privacy Policy”) is to inform the Client about the ways in which Défi International, in its capacity as data controller, collects personal data, in strict compliance with the Client’s rights.

Mindful of its Clients’ right to privacy, Défi International, the data controller, undertakes that the personal data of its Clients and Website users is processed in accordance with law n° 78-17 of January 6 1978 as amended, relating to data processing and protection, and EU regulation (UE) 2016/679 of April 27 2016 known as the “European Data Protection Regulations”.

2. DEFINITION AND NATURE OF PERSONAL DATA

using the Website, Défi International is likely to collect personal data relating to the Client.

The term “personal data” refers to all information concerning the Client and which enables his/her identification.

When using the Website, Défi International may collect the following personal data:

  • Surname, names and pseudonym,
  • Postal and electronic mail addresses,
  • Telephone numbers,
  • Date of birth,
  • Data relating to transactions made on the Website,
  • Order, Subscription, Formula details,
  • Bank card details,
  • Any other information that the Client agrees to provide to Défi International.

When using the Website, Défi International is likely to collect, in accordance with applicable legislation and with the Client’s agreement, as applicable, information relating to the devices on which the user uses the Website, such as in particular IP addresses, connection data, the type and version of web browser used, types and versions of browser plugins, operating systems and platforms, clickstream data from the Website, user preferences.

3. IDENTITY OF THE DATA CONTROLLER

The entity in charge of collecting your personal data is the company Défi International, a limited liability company registered with the Trade and Company Registry of Paris under n° 535 165 674, whose head office is located 5 rue Pierre Chausson 75010 Paris (referred to herein as «Défi International»).

4. LEGAL BASIS

The legal basis for processing is consent. The supply of personal data is necessary for the performance of the services offered by Défi International, if this personal data is not supplied it is likely that the Services provided by Défi International will no longer be able to be performed.

5. PROCESSING PURPOSES

Your personal data is collected in order to meet one or more of the following purposes:

  • (i) Account creation and Account management ;
  • (ii) to manage access to the Services available from the Website and their use,
  • (iii) to carry out operations relating to Client management concerning Orders, Subscriptions, Formulas, deliveries, invoices, loyalty programs, client relation follow-up,
  • (iv) to produce a file of registered members, users, clients and prospects,
  • (v) to send out newsletters, canvassing and promotional messages, if the Client has given his or her consent,
  • (vi) to produce business and Website traffic statistics,
  • (vii) to organize competitions, lotteries and all promotional operations, excluding gambling and games of chance subject to approval by the on-line Gaming Authorities,
  • (viii) to manage person’s reviews of Products, Services or content,
  • (ix) to manage non-payments and any disputes as to the use of Products and Services, (x) to comply with our legal and regulatory obligations.

It is indicated, when collecting personal data, whether certain information is compulsory or if it is optional.

6. THE RECIPIENTS OF THE DATA THAT IS COLLECTED

Only Défi International staff, the departments in charge of inspection (in particular the auditor) and sub-contractors have access to personal data.

Other potential recipients of personal data are public bodies, exclusively for compliance with Défi International’s legal obligations, court officers, ministerial offices and bodies charged with debt recovery.

No personal data is transferred outside the Economic Area of the European Union.

7. SALE OF PERSONAL DATA

The Client’s personal data will not be sold, leased or exchanged in favor of a third party.

8. PERSONAL DATA CONSERVATION PERIOD

(i) Concerning data related to Client and prospect management:

Personal data will not be conserved for any longer than is strictly necessary for the management of the business relationship between Défi International and the Client. However, data that can be used to provide evidence of a right or contract, or that must be conserved in compliance with a legal obligation, will be conserved for the period of time provided for by the law that is in effect. Further, in case of dispute or non-compliance with the General Terms and Conditions, Défi International reserves the right to keep all of the data that it deems necessary throughout the length of the proceedings or the time taken to settle the dispute.

Concerning any prospection operation aimed at Clients, their data may be conserved for a period of three years from the end of the business relationship.

Personal data related to a prospect, not a client, may be conserved for a period of three years from the date of its collection or the date of final contact on the part of the prospect.

At the end of this three-year period, Défi International may make contact with the Client or the prospect to find out if they wish to continue receiving business offers.

(ii) Concerning identity documents:

In the event that a right of access or rectification is exercised, data from the identity documents may be conserved for the period provided for in article 9 of the penal procedure code, that is one year. In the event that a right to set aside is exercised, this data may be archived during the prescription period provided for by article 8 of the penal procedure code, that is three years.

(iii) Concerning bank payment card details:

Financial transactions relating to the payment of purchases and costs via the Website are processed by a payment services provider, which ensures their proper processing and security.

For the purposes of these services, this payment services provider may need to receive Clients’ bank payment card numbers and details, which it will collect and conserve on behalf of Défi International. The Client can consult the applicable terms and conditions at the following address (insert Adyen T&Cs)

Défi International does not have direct access to this data.

So that the Client can make regular purchase or pay related costs on the Website, his or her bank payment card details will be conserved during the time that he or she is registered on the Website and at the very least until the time that the Client makes his or her final transaction, not exceeding a period of thirteen (13) months.

By checking the box specifically provided to this end on the Website, the Client gives his or her express consent to this data being conserved.

Details of the security number, or CVV2, printed on the bank payment card, is not stored.

If the Client refuses that personal data relating to his or her bank card details be conserved under the conditions set out herein, said data will not be conserved for any longer than is necessary to allow the transaction to be processed.

In any case, data relating to bank card details can be conserved for use as evidence in the event that a transaction is contested, in intermediate archives, for the period provided for in article L 133-24 of the French Monetary and Financial Code, in this case thirteen (13) months following the date of debit. This period can be extended to fifteen (15) months in order to take into account the possibility of using deferred payment cards.

(iv) Concerning the management of lists of prospection refusals:

Information that can be used to take into account the right of refusal is conserved for at least three (3) years with effect from the date on which the right of refusal is exercised.

(v) Concerning audience measurement statistics:

Information stored in users’ terminals or any other element used to identify and track users or Website traffic will not be conserved for more than six (6) months.

9. SECURITY

Défi International takes all necessary precautions, the appropriate organizational and technical measures to protect the security, integrity and confidentiality of its Clients’ personal data, and in particular to prevent it from being distorted or damaged, or its unauthorized access by third parties.

To ensure the security of personal data, Défi International has notably put into place measures such as:

  • Access management – authorized person;
  • Storage on secure servers;
  • User name / password.

10. COOKIES

Cookies are text files, often encrypted, stored in the browser. They are created when a user’s browser downloads a given internet site: the site sends information to the browser, which creates a text file. Each time the user returns to that same site, the browser retrieves the file and sends it to the internet site server.

There are two types of cookies, which are not used for the same purposes: technical cookies and advertising cookies:

  • Technical cookies are used while browsing in order to facilitate and execute certain functions. A technical cookie can, for example, be used to memorize information completed on a form or user preferences for the language or presentation of a website, when such options are available.
  • Advertising cookies can be created not only by the website that the user is browsing, but also by other websites broadcasting commercials, advertisements, widgets or other elements on the page that is displayed. These cookies can be used in particular to create targeted advertisements, that is to say advertisements that are determined according to the user’s browsing.

Défi International uses technical cookies. These are stored in the Client’s browser for a period of 6 months.

Défi International may use advertising cookies. In this case, Défi International will first inform the Client and offer the possibility, as applicable, to turn these cookies off.

Défi International uses Google Analytics, which is a statistical audience analysis tool that generates a cookie used to measure the number of Website visits, the number of pages viewed and visitor activity. The IP address is also collected to determine from which city the Website user is connecting. The length of time that this cookie is conserved is given in article 7 (v) of the Privacy Policy.

It is reminded, for all intents and purposes, that it is possible to refuse cookies in the browser settings. Refusal may, however, prevent the Website from functioning properly. For more information on setting up cookies depending on the browser:

11. CLIENT RIGHTS

In accordance with law n° 78-17 of January 6 1978 relating to data processing and protection, the Client has the right to obtain communication and, where necessary, rectification, limitation or removal, together with portability, of his or her own data.

The Client also has the right to give instructions about the use that can be made of his or her personal data after his or her death, and to make a claim to the French National Commission for Data Protection.

Finally, the Client has the right to obtain a copy of his or her personal data held by Défi International. In this case Défi International may have to check the Client’s identity and will endeavor to comply with this request as quickly as possible.

To exercise these rights the Client is invited to contact Défi International via:

  • our contact form,
  • The Account on the Website ;
  • The postal address: 5 rue Pierre Chausson, 75010 Paris.

For more information: https://www.cnil.fr/fr/les-droits-pour-maitriser-vos-donnees-personnelles.

12. AMENDMENTS

Défi International reserves the right, at its sole discretion, to amend this Privacy Policy at any time, in whole or in part, obtaining the Client’s agreement if necessary. Such amendments will take effect from the date on which the new charter is published.

13. EFFECTIVE DATE

This Privacy Policy comes into effect on August 19, 2019.