🚚 Free delivery in France from €49 of purchase 🌍 Shipping across the European Union

Personal data processing policy by EASYPARA

Scope of the present Policy

The purpose of this "Personal data processing policy" (hereinafter referred to as "Policy") is to inform you on processing of personal data by EASY PARA PHARMACIE, S.A.S. registered with the RCS under number 499 531 457, whose registered office is at 47-49-PROMENADE CORNIGLION MOLINIER 47 BD RENE CASSIN 06200 NICE (hereinafter referred to as "EASYPARA").

 

The Policy pursues two main goals:

  • enable you to understand what is personal data processed by EASYPARA and how and why it is processed;
  • advise on how you may exercise your rights.

 

What are main regulations governing your personal data processing ?

A number of European and national regulations govern your personal data processing. Although not exhaustive, the purpose of this list is to inform you on the main regulations applicable and, where appropriate, enable you to access and get acquainted  with these regulations.

 

 

What personal data is processed by EASYPARA?

Personal data categories processed by EASYPARA depend on your situation. The nature of the data collected and processed by EASYPARA is likely to vary depending on whether or not you have already made a purchase with EASYPARA.

 

The table below shows which data categories are processed by EASYPARA depending on your situation:

 

At what point is this data collected and processed? ?

What categories of data are being collected and processed?

Example of data collected and processed

When you visit websites and applications published by EASYPARA  (e.g :  https://www.easypara.com

) within the framework of  EASYPARA «Cookies Policy»

Navigation data

  • Pages that you visit ;
  • Content you interact with;
  • Technical identifiers ;
  • Characteristics of the devices you use to visit the websites and applications published by EASYPARA (device model, browser type and version, operating system characteristics, language of use, etc.).
  • IP address;
  • Type of network connexion that you use (Wi-Fi, 4G, Bluetooth, etc.) ;
  • Etc.

 

When you create an EASYPARA account

 

Account data

The data you mention in EASYPARA « registration form» and/or the data taht you decide to add and/or modify at a later time in the varius EASYPARA screens (your account options, orders, etc) is processed by EASYPARA, namely :

  • Data relating to your identity (first and last name) ;
  • Contact details (e-mail) ;
  • Data enabling your EASYPARA account management (your choice in terms of receiving e-mail communications, your password stored in an encrypted form in our databases, etc.).

When you choose to create an EASYPARA account and/or place an order by being connected to the account of a third service that you already have (GOOGLE, AMAZON, FACEBOOK, etc.), this third service transmits to EASYPARA personal data concerning you. This includes in particular following data:

  • Data relating to your identity (title, surname and first name);
  • Contact details (e-mail, telephone addresses).

When you make a purchase with EASYPARA

 

Purchase data

  • Details of products purchased (product reference, quantities, price, etc.);
  • Date of purchase.

 

When you make an online purchase with EASYPARA

Payment Data

 

  • Details of the payment method used;
  • Credit card details if you use this method of payment;
  • Transaction details.

 

When you make a request to EASYPARA customer service and/or EASYPARA customer service contacts you as part of processing a purchase made with EASYPARA.

 

Customer Service Data

 

  • Customer identity details;
  • Customer contact details ;
  • Communications between the customer and EASYPARA customer service.

When you use one of EASYPARA websites and applications as a logged-in user

 

Activity data

  • Your login activities as an EASYPARA account’s user;
  • Activities you carry out as a logged-in user (adding a product to your "wish list", changing your contact details, etc.) on the websites and applications published by EASYPARA.

 

When you read an e-mail sent to you by EASYPARA

Activity data

 

  • Data related to  opening of EASYPARA e-mails, and clicks on the links contained therein.

When you use one of the websites and applications published by EASYPARA as a logged-in user

Review & Survey Data

  • Reviews you submit to EASYPARA and/or write on EASYPARA websites and applications related to products marketed by EASYPARA and services provided by EASYPARA;
  • Your anwsers to satisfaction surveys sent by EASYPARA (stars awarded, comments, etc.)

 

For what purposes is my personal data processed by EASYPARA? On what legal grounds?

When your personal data is processed by EASYPARA, it may be processed, depending on your situation, for several purposes and compliant to different legal bases. To understand what a legal basis is, please read the provisions of Article 6 of the "Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data".

 

Please consult the table below to know the purposes for which your personal data may be processed by EASYPARA depending on your situation.

 

For what purposes is my data processed?

What does this purpose consist of?

What is the legal basis for this processing?

Managing of EASYPARA user accounts

EASYPARA processes your Account Data to enable you to benefit from the services on its website and application (creation of product "wish lists", etc.) and to place orders.

 

For this purpose, EASYPARA may occasionally send you service messages by e-mail related to the use of your EASYPARA account.

You may delete your EASYPARA account at any time by making a deletion request using the relevant page.

 

Processing is carried out based on EASYPARA legitimate interests for the customers who have not placed an order with EASYPARA.

 

Processing is carried out on the basis of contractual measures performance for the customers who have placed an order via their EASYPARA account.

Processing of orders, delivery, payments, service performance or goods’ supply

EASYPARA processes your Account Data, your Purchase Data and your Payment Data in order to manage and deliver your order.

Processing is carried out on the basis of contractual measures performance (the act of purchase that you performed with EASYPARA).

Management and implementation of the various guarantees applicable to sales (commercial guarantee, legal guarantee of conformity and guarantee against hidden defects)

 

EASYPARA processes your Account Data, your Purchase Data
your Payment Data and Customer Service Data, in order to ensure the implementation of guarantees for your purchases.

The management and implementation of the legal guarantees of conformity and hidden defects are carried out on the basis of the regulatory obligations incumbent on EASYPARA (in particular by virtue of articles L217-3 to L217-17 of the French Consumer Code and article 1641 of the French Civil Code). The management and implementation of EASYPARA's commercial guarantees are carried out on the basis of the execution of contractual measures for customers who have placed an order via their EASYPARA account.

Manage complaints and requests sent to EASYPARA customer service

Depending on the nature of your request, Customer Service Data, Account Data, Purchase Data and Payment Data may be used by EASYPARA to provide you with a satisfactory response and to enable you to make full use of its services.

 

Processing is carried out on the basis of the legitimate interests of EASYPARA for the customers who have not placed an order with EASYPARA.

 

Processing is carried out on the basis of contractual measures performance for the customers who have placed an order with EASYPARA.

Communicating generic commercial information to EASYPARA users

Your Account Data is used by EASYPARA to send you email communications on its products and services.

The legal basis for this processing is dependant on your status:

 

  • If you are an EASYPARA customer (having already made a purchase with EASYPARA), EASYPARA will send you an e-mail based on its legitimate interests of communicating on similar goods and products;
  • If you have never made a purchase with EASYPARA, its e-mail communications are sent subject to your prior consent.

Communicate personalized commercial information to EASYPARA users

 

 

Based on a combination of your Browsing Data, Account Data,  Activity Data and  Purchase Data, the advertisements displayed to you on the EASYPARA website and application and/or on third-party platforms, as well as the commercial communications sent directly to you by EASYPARA (e.g. by e-mail) are customized according to your presumed preferences.

 

In order to determine which types of products are likely to be of interest to you, EASYPARA analyses and predicts your personal preferences. This operation is described as "profiling" by the RGPD.

 

EASYPARA's legitimate interests in offering customized commercial content based on preferences of its current and potential customers.

Carrying out satisfaction surveys, customer studies and opinion polls

 

EASYPARA processes your Review and Survey Data in order to understand its users and customers’ preferences and to identify ways of improving its products and services.

 

Review and Survey Data may be matched with your Account Data and Purchase Data to help EASYPARA analyze your explicit  answers related to your activity on the EASYPARA websites and applications.

 

EASYPARA's legitimate interests in offering customized commercial content based on preferences of its current and potential customers.

Processing user and customer reviews on products, services or content.

EASYPARA processes Review and Survey Data and your Account Data to enable you to give your opinion on the products marketed and services provided by EASYPARA.

 

EASYPARA's legitimate interests in offering customized commercial content based on preferences of its current and potential customers.

Evaluate the audience for the EASYPARA website and application in order to meet various needs (performance measurement, detection of browsing problems, technical performance optimisation or ergonomics, estimation of server power required, analysis of content consulted, etc.).

 

Your Browsing Data is processed for this purpose when you use the EASYPARA website and application and you have accepted cookies and other similar devices.

 

Your data is processed on the basis of your prior consent. You can object to the deposit and/or use of these cookies by visiting our Cookies Policy.

 

In addition to the aforementioned purposes, additional personal data may be collected and processed by EASYPARA and/or by third parties by means of cookies and other tracers. To understand how these technologies are used and what their effects are, please consult our Cookies Policy.

 

How long is your personal data processed by EASYPARA kept?

EASYPARA has determined and implemented measures to ensure that your personal data is processed for no longer than is necessary for the purposes for which it is processed.

 

At the end of these periods, EASYPARA purges and/or anonymises the personal data processed, with no proactive action required on the part of individuals concerned.

 

The table below lists the retention periods for personal data determined and implemented by EASYPARA depending on the situation in question:

 

Individuals concerned by the purging measure

Personal data concerned by the purging measure

Period after which personal data is purged

EASYPARA website and application user owning an EASYPARA account:

  • not being an EASYPARA customer  ;
  • and not having confirmed their account e-mail address

 

 

All the data relevant to the user (Account Data, Activity Data, etc.)

 

Once the purge has been carried out, users will no longer be able to access their EASYPARA account.

 

30 days after the account creation.

EASYPARA website and application user owning an EASYPARA accoun :

  • not being an EASYPARA customer.

All the data relevant to the user (Account Data, Activity Data, etc.)

 

Once the purge has been carried out, users will no longer be able to access their EASYPARA account.

 

 

As long as the user is considered active by EASYPARA.  A user is considered inactive if :

  • he has not logged into his/her EASYPARA account for over 24 months; or
  • whose e-mail address has become invalid (« hard bounce »).

User of EASYPARA websites and applications owning an EASYPARA account :

  • being a customer of EASYPARA.

All the data relevant to the user (Account Data, Activity Data, Purchase Data etc.)

with the exception of data required by EASYPARA to comply with its regulatory obligations in accounting and tax matters (See below).

 

Once the purge has been carried out, users will no longer be able to access their EASYPARA account.

As long as the user is considered active by EASYPARA.  A user is considered inactive if :

  • he has not placed an order with EASYPARA for at least 3 years ; and
  • he has not logged into his or her EASYPARA account for more than 36 months;
  • and not having clicked on a hypertext link contained in an e-mail sent by EASYPARA.

EASYPARA Customers

 

All data strictly necessary to enable EASYPARA to comply with its accounting and tax obligations, in particular, invoices for goods sold, including Account Data and Purchase Data.

 

 

10 years from the date of issue (example: 10 years from the date of an invoice issue).

EASYPARA customers who have paid by credit card

Bank card number used for payment and its expiry date

The bank details used for payment are kept until the reception of the goods ordered, plus the withdrawal period.

 

By way of derogation, the card number and validity date are deleted after a period of 13 months, following the debit date, or 15 months for the deferred debit cards, for the purposes of processing transaction related disputes and complaints.

Individuals who have made a request to EASYPARA Customer Service

 

All data necessary to address the request of the person concerned, i.e. Customer Service Data and, where applicable, Account Data, Purchase Data and Payment Data.

 

1 year after the request is closed.

EASYPARA website and application visitors who are not logged into an EASYPARA account

 

  • Browsing Data

 

 

13 months from the date of data collection.

 

In the context of certain exceptional situations, your data may be kept for longer than these periods (non-exhaustive list: in case of a dispute, when ordinary and extraordinary means of appeal are no longer possible against the decision made; for the purposes of complying with certain legal obligations incumbent on EASYPARA; at the request of a legal authority, etc.).

 

Who are your personal data recipients?

 Recipients acting as separate data controllers

 

EASYPARA attaches a great importance to not disclosing your personal data to third parties. This is why the transmission of your data to third parties, acting in their capacity of data controllers, is strictly limited to the following situations:

  • When you place an order with EASYPARA, your Account Data and your Purchase Data, which are strictly necessary to manage your order delivery, are transmitted to the carrier you have selected.
  • When you place an order with EASYPARA and you choose to pay via PAYPAL, AMAZON PAY or SCALAPAY, your Account Data and your Purchase Data, which are strictly necessary for the management of your payment, are transmitted to the payment service provider that you have selected.
  • When EASYPARA whises to communicate personalised commercial information to you via third-party platforms (for exemple, displaying an advertisment promoting EASYPARA products or services on a third-party site not owned by EASYPARA), your Browsing Data, Account Data, and Purchase Data are transmitted to EASYPARA's advertising partners.

 

Finally, and in accordance with the rules to which all entities established in France are subject, some of your data may be accessible to authorized third parties or public bodies in order to comply with any law or regulation in force, to which EASYPARA is obliged to respond (judicial or administrative request, etc.).

 

Recipients acting as subcontractors

 

In order to ensure the proper functioning of its website and application, EASYPARA relies on specialized service providers. Within this framework, your personal data is also processed by these specialized service providers (legally qualified as EASYPARA "subcontractors”), acting solely on the instructions of EASYPARA.

 

These subcontractors do not determine the essential purposes and means of your personal data processing: they process your personal data solely on behalf of EASYPARA. The main types of subcontractors used by EASYPARA are as follows: :

 

  • Data hosts ;
  • Outsourcing and IT security companies ;
  • Software publishers;
  • Routing service providers (these service providers enable EASYPARA to send you e-mails) ;
  • Etc.

 

In order to protect your personal data, EASYPARA only uses subcontractors who offer robust guarantees of security and compliance. A legal document systematically governs the relationship between EASYPARA and its subcontractors.

 

Where your personal data is processed ?

 

Wherever possible, your personal data is hosted and processed within the European Union. EASYPARA carries out all its activities from France.

 

However, some of the sub-contractors used by EASYPARA may transfer personal data outside the European Union subject to implementation of relevant guarantees (in particular, signing of standard contractual clauses adopted by a supervisory authority or the European Commission) and/or by virtue of an adequacy decision by the European Commission to a country ensuring an adequate level of protection.

 

In such cases, we take particular care to ensure that these transfers are made in compliance with the applicable regulations and to subcontractors who undertake to deploy solid measures to protect your personal data.

 

What rights do I have over my personal data and how may I exercise them?

Under the current regulations, you have the following rights with regard to your personal data :

 

  • Right of access to your personal data (right to obtain confirmation from EASYPARA as to whether or not personal data related to you is processed by us, information concerning the processing carried out and access to said personal data);
  • Right to rectify any of your personal data that proves to be inaccurate;
  • Right to erase your personal data. This right is subject to certain conditions detailed in the article 17 of the RGPD ;
  • Right to restrict the use of your personal data. This right is subject to certain conditions detailed in the Privacy Policy. article 18 of the RGPD ;
  • Right to your personal data portability (right to receive personal data related to you and/or the one you have provided to EASYPARA in a structured, commonly used and machine-readable format). This right is subject to certain requirements detailed in article 20 of the RGPD ;
  • Right to object to the processing carried out. This right is subject to certain requirements detailed in the article 21 of the RGPD ;
  • Right to define the fate of your data after your death and to choose whether or not EASYPARA communicates your data to a third party that you have previously designated.

 

Ultimately, you have the right to file a complaint to the competent institution in your country or directly to the European Union. Please contact EASYPARA prior to filing a complaint so that we may respond to your requests and expectations.

 

Exercise your rights addressing EASYPARA's DPO

To exercise your rights, you can make a request:

  • by e-mail to the following address:  donneespersonnelles@easyparapharmacie.com ; or
  • by post to the following address : EASYPARA - Data Protection Officer - Protection des données personnelles - 47 Boulevard René Cassin - 06200 Nice - FRANCE.

You are also informed, in accordance with Article 13-1, b) of the RGPD, that an external entity Mon DPO externe has been appointed as Data Protection Officer ("DPO") by the French Data Protection Agency (CNIL), on behalf of EASYPARA company. You may contact the DPO directly using the contact form provided on its website.

 

Exercising your rights directly from your EASYPARA account

As an EASYPARA user, you also have the option of exercising some of your rights directly, and independently, from your EASYPARA account. In particular, you may :

 

THE #EASYPARA NEWSLETTER
Join our 100% beauty and well-being community to enjoy our latest news and exclusive offers, specially designed for you. We are there to be by your side!
First Name
Email

The data transmitted via this form is intended for EASYPARAPHARMACIE ("EASYPARA") use in its capacity of data controller. It is processed with your consent for the purpose of sending you personalized commercial information by e-mail related to the activities and products marketed by EASYPARA. You may withdraw your consent to receive these newsletters by using the unsubscribe links imbedded in each email sent by EASYPARA.


You have the right to file a complaint with the competent supervisory authority, to define directives concerning the conservation, deletion and communication of your data after your death, as well as a right of access, rectification, deletion, limitation, portability and opposition on legitimate grounds of the personal data related to you. To exercise any of these rights, please send your request by e-mail to the following address: donneespersonnelles@easyparapharmacie.com or by post to: EASYPARA - Data Protection Officer - Protection des données personnelles - 47 Boulevard René Cassin - 06200 Nice - FRANCE.


For more information on processing of your personal data, please consult our EASYPARA personal data processing policy.

My items (0)