Privacy policy

Definitions :
Owner/Company: Société Cyrille Mathon – 32, impasse de la Diat – 38660 Saint-Bernard-du-Touvet – France
SIRET: 42384616100100036

The Site:

Publication manager: Cyrille MATHON
The publication manager is a natural person.

Webmaster: Cyrille MATHON

Host: OVH SAS – 2 rue Kellermann 59100 Roubaix 1007

Data Protection Officer: CYRILLE MATHON

The Owner is concerned about protecting your privacy and the confidentiality of your personal data.
The purpose of the rules below is to describe and inform you of the processing that can be carried out via the Site with your personal data.
They enable us to inform you of the identity of the controller, who controls and manages the personal data collected via the Site, as well as the personal information collected, the purposes and methods of processing, the presence of cookies and their usefulness, the extent of data transfers. Similarly, these rules specify the security measures put in place by the Owner to protect your data, and inform you of all your rights over your personal data, in accordance with European Union regulations. It should be noted that this regulation only concerns citizens of the European Union.

The rules in force are those published on the Site. They can be modified and updated by us. This is why we invite you to consult them regularly, in order to stay informed of the various changes.

Who manages, and who is responsible for, your personal data collected through the Site?

This Site, including in particular its content, its domain name, as well as the management of the sale of products, is administered by the Owner, the Webmaster and the Publication Manager and the Data Protection Officer
The Host may store certain data from the Site. However, these data are only processed by authorised and qualified personnel in order to be able to process them.

What personal data is collected when using the Site? For what purpose? Can you refuse this collection and the resulting processing?
Through our Site, we collect various personal data concerning you and process them for the purposes described below:

Supply of products:
When you purchase products via our Site, we will process your personal data, in particular to provide you with the said products, process your order and ensure delivery.
To do this, we will use the information we have collected directly from you, such as your first and last names, email and postal addresses, user names, passwords and other information that allows us to identify and authenticate you.
Similarly, we will have to process transactional information about you, including products and details of previous orders (delivery and billing addresses, payment authorizations) to satisfy your request to purchase products.

Provision of services:
You may contact us to benefit from services, such as technical questions about our products. These services also allow us to ensure the functionality and safety of our products and users.
– To enable these services to be carried out properly, we must process the following data, collected directly from you: your full name, email address and country of residence.

User communication and marketing:
The processing of personal data for marketing and non-commercial emailing purposes is only possible if you wish. In any case, this processing operation is subject to your consent, which you may revoke at any time and free of charge (see section on the rights of the data subjects).
If you consent to the processing of your personal data for this purpose, we may send you promotional products, news and other promotional and non-commercial information, inform you of the various events and events related to the Cyrille Mathon Company.
The personal data collected for this purpose concerns your surname, first name, email address, country of residence and language.

Site management:
During a simple visit or consultation of our Site, without any purchase of our products, no personal data concerning you is collected or processed. The data collected during these operations are the so-called “navigation” data, and refer to the data collected by cookies (see section below).
This data does not allow us to identify you individually or even to associate you with this data. They are only processed for the purpose of audience, statistics and improving the user experience when you visit the Site.
You may refuse to provide us with this data, but it should be noted that some information is necessary to fulfill the purposes described above (excluding the management of the Site, for which some cookies may be disabled).
The communication of data for survey, statistical and marketing purposes is in no way mandatory, and the refusal to communicate them will not in any way impede the fulfilment of our contractual obligations to you, or the provision of services via the Site.

Does the Site use cookies? What is their role?
The Site does use cookies. For more information on cookies, we invite you to visit this page.

Is your data communicated/transferred to third parties? Are these third parties in the European Union? Why these transfers?
In addition to the communication of certain data to the Company’s internal and external services for the purposes of their missions, your personal data may be transferred to third parties within the European Union, to whom we authorise the processing of your data, on behalf of the Company and for the sole purposes we inform them. We therefore require these third parties to comply with this Charter and also with European Union regulations.
These third parties are service providers providing technical (data hosting, Site features), logistical (delivery of products or promotional materials) or other services.
The processing of transactions and payments for the purchase of products via our Site is also entrusted to third parties located in the European Union, which, in addition to complying with the Charter and regulations of the European Union, are bound by obligations of security and confidentiality of personal data and information relating to bank cards.
In any case, your personal data will not be transmitted to third parties who are not related to the Company, or who do not carry out any mission or service for the Company. Nevertheless, they may be communicated if required by law or regulation to do so by the Company, in particular in the event of legal proceedings or requests from judicial or administrative authorities.

What types of measures does the Company implement to ensure the security of your data?
As the Company is concerned about the protection of your personal data, we put in place a series of security measures to prevent the loss and destruction of your data, as well as the unauthorized disclosure, collection and use of your data.
These measures are both “organisational” and “technical”.
Indeed, we ensure that your data are processed by staff and third parties subject to an obligation of confidentiality, by means of a contract, so that they can only process them for the assignment we have entrusted to them.
Similarly, a security incident management procedure has been adopted and implemented within our departments to effectively and quickly counter possible computer attacks.
In terms of technical measures, we have put in place secure access management, which includes limiting access by IP address or double authentication, so that only precisely determined individuals cannot access and process your data.
In order to control these accesses, we also log data access events, so that we know who may have had access to your personal data and when.
Finally, we have an SSL certificate, which ensures a secure connection and data transmission between the servers and your browser. The secure connection is symbolized by the acronym “HTTPS” (Hypertext Transport Protocol Secure) in the link on our Site.

Does the Site contain elements, links controlled by third parties? Is the Company responsible for these elements?
The Site may contain elements and links to other sites controlled by third parties. This may include, for example, links to websites or social networking sites (such as Facebook, Twitter or others).
By consulting these different links, social networks and other sites will have access to many data about you. These data will be processed by these sites and social networks. We recommend that you consult their privacy policy to find out how your data is collected and processed.
The Company has no access to or control over these elements, links, cookies or other technologies owned and operated by these third parties located on our Site or on the site of this third party to which you can access through our Site. Similarly, we cannot control the methods of processing and the purposes of processing personal data carried out by these third parties. Consequently, the Company declines any responsibility concerning these sites, elements, cookies or other devices held and operated by third parties.

What rights do I have over my personal data collected and processed by the Company?
European Union regulations, in particular Regulation (EU) 2016/679 on the protection of personal data, give you a number of rights over your data, details of which are given below.
To exercise your rights, you can contact us at any time, and free of charge, at the following address: with a copy of your identity document.

Right of access:
This right allows you to contact us and obtain confirmation from us that your data are or are not processed and, if they are, to obtain various information relating in particular to the purposes of the processing operation(s), the categories of data processed, the possible recipients of such data, etc.
In exercising this right, we will provide you with a copy of your personal data being processed. Please note that we may require you to pay a fee for any additional copies.

Right of rectification:
The right of rectification allows you to complete your personal data, and/or to obtain from the Company the rectification of personal data concerning you that may prove to be inaccurate.
Right to limitation of processing:
This right allows the Company to restrict the use of your personal data for one or more purposes, and may be exercised in the following cases:
1. When you dispute the accuracy of the personal data you have provided, this within the time period necessary for the Company to verify this accuracy;
2. When the processing is unlawful, but you object to the deletion of your data;
3. When your data are no longer required for the purpose of the processing, but are necessary for the establishment, exercise or defence of legal claims;
4. When you have objected to the automated processing of your data.
This data will no longer be processed, and will only be processed with your consent. However, it should be noted that your data remains in the Company’s custody.
Finally, before it takes place, you will be informed of the lifting of the restriction on the processing of your data, for example when the personal data are found to be accurate or the processing becomes lawful.

Right of opposition:
This right allows you to object to the processing of your personal data for certain purposes. We will then no longer be able to process your data, unless we can demonstrate to you that such processing is necessary for the Company, in particular for the establishment, exercise or defence of legal rights.
You may also object to the processing of your personal data for prospecting purposes at any time and free of charge.

Right to data portability:
This right allows you to receive your personal data that you have provided us with free of charge and to transmit them to a new data controller, either by your own means or through the Company where technically possible.
This right may be exercised when the processing is based on your consent or on the application of a contract, or when the processing of your data is carried out by automated means.
The exercise of this right does not affect the exercise of the right to erase your data.
It should be noted that, in the event of manifestly unfounded or excessive requests, we reserve the right, at our sole discretion:
1. To require the payment of certain fees to take the requested action, or
2. To refuse to comply with these requests.

Right to erase (known as the “right to forget”):
This right makes it possible to delete, delete the personal data you have provided us, copies and reproductions of this data, as well as any link redirecting to this data.
This right may be exercised, in particular when:
1. Personal data are no longer necessary for the purpose of the processing for which they were collected, or when they are processed for another purpose;
2. You decide to withdraw your consent to the processing of your data, and that there is no other legal basis for such processing;
3. You object to the automated processing of your data, or to processing for commercial prospecting purposes;
4. Your data have been unlawfully processed;
5. A national legal obligation and/or a European regulatory obligation imposes it on the controller;
6. The data were collected from a minor.

Who should you turn to if you find that the Company is failing to meet its obligations?
In the event that the Company does not comply with its obligations under current laws and regulations relating to the protection of personal data, in particular with regard to the security of your data or the exercise of your rights, you may file a complaint with the local supervisory authority (for France: the CNIL).