Personal Data Protection Policy
From May 25, 2018, the new mutually agreed European General Data Protection Regulation (GDPR) will update personal data rules.
It’s an opportunity to reaffirm our commitment to transparency and to the protection of your personal data, and it allows you to better control how your personal data is used.
We will always keep you informed on data use and ensure we get your full consent before implementing any new processing, should we require to, in line with our legal responsibilities.
1. What Information do we collect?
How To Spa may collect personal information from you. We only collect the minimum adequate information relevant to the purpose of its processing.
Therefore, when you subscribe to our services and use these services, we may collect the following information:
-Identification information such as your full name,
-Contact information such as your full address, email address and phone number,
-Connexion information such as your IP address, log-in and services use history,
-Payment information and purchases history
2. What do we do with your information?
- Information Processing
Your personnal information is only collected and processed to operate and maintain our website and services, in line with the GDPR.
Should you order a product or service from us, the collection and the processing of such information allow the following
– Managing clients’ online accounts
– Identification and authentification of client or user
– Communication with clients such as technical and commercial assistance
– Delivery management
- How long will we keep your personal data?
We will not keep your data for longer than it is necessary to fulfill the purposes for which we have initially collected it as detailed above.
- Who do we share your personal data with?
Your data may be processed by How To Spa employees and we may share your information with our third-party partners or service providers for the purposes of completing tasks and providing services to you on our behalf (for example to complete a product or service delivery or process payments ). In such case, we only disclose the personal information that is necessary for the specific task.
Should any of our partners or service providers require to use your data outside the European Union, be assured that data-sharing will be done according to the GDPR.
- How secure is your personal data with us?
We have put technical and organisationnal security measures in place to ensure the protection and privacy of your personal information. These measures are tailored to the type, range of use and accessibility of your information.
They are used in our client account management and orders processing methods for example.
3. Your rights as a data subject
- What are your rights?
At any time, you have the right to request access to the personal data we hold about you, correct it, ask for the data to be erased from our records (as long as it does not compromise the completion of an ongoing task such as the delivery of a product or service ordered through our website) as well as the right to restrict processing.
You have the right to object to certain processing activities such as direct marketing and you have a right to portability (to have the data we hold about you transferred to another organisation).
- Up-to-date information
Please note it is important that you share up-to-date information with us to allow proper processing of deliveries.
- Requests and complaints
All requests should be made to bonjour@howtospa.com. Identification will be required, so please clearly state your full name in any email and provide a copy of a valid form of ID.
If you have any complaints about the way in which your data is processed and are not satisfied with our response, you have the right to lodge a formal complaint to the CNIL (French Data Protection Regulation Body) – 3 place de Fontenoy – TSA 80715 – 75334 Paris Cedex 07.