Rules of confidentiality, security, protection and control of personal data
The RGPD (European Regulation on the protection of personal data) adopted on April 14, 2016, implemented on May 25, 2018, by any entity with activity in the European Union (EU), regardless of whether the organization is registered in the EU.
In accordance with this regulation we have taken the following measures :
We have mapped our treatments and data, revised our security and confidentiality processes and rules, updated our sites and data, to make a file available to the competent authorities so that they can verify our compliance with the RGPD.
We have implemented all the necessary elements to guarantee the confidentiality, the right to consultation, the modification, the cancellation.
Access to personal data, from an Internet connection, is only possible via identification and a password known only by the customer and encrypted in the database.
It is the responsibility of the user to secure this information and not to entrust it to third parties.
In any case we do not transmit, sell your information to a third party company, except information essential to the delivery of your purchases.
Or at the express request of justice.
Or at the express request of justice. We have NO knowledge of bank account numbers, credit card, PayPal, etc.
The data concerning the banking transactions do not transit on our site.
In case of bank identity theft and acceptance of payment by payment systems we can not be held responsible for information that we do not know and do not hold.
All communications go through an SSL authentication certificate in https connection.
- Our servers
Our servers are hosted by a host who respects the European privacy laws, and therefore the RGPD, and who can not access our data. On the other hand, the data contained is encrypted and accessible only by us and according to a strict process where only people who need to access to serve you are allowed to access it.
- Customer password management
- Passwords are encrypted by security software that is inaccessible to the management, technical, or site administration team or hosting server technicians. They are stored in the database encrypted and unreadable. Only the password management software can transparently verify to any user the conformity of a password.
- On the site, personal information is only visible to the user and if he identified himself by a strict process ID + password.
- The password when it is created or used is hidden. It requires a double entry for validation. It is the responsibility of the user to choose a sufficiently elaborate password so that it can not be discovered by a third party and to ensure the safeguard and security in his personal archives and not to communicate it to some thirds.
-In case of loss of the password, the user will have to use the process «Forgot your password? at the bottom of the identification page, to reset a new password He must enter his username or email address which will be controlled in the database by the password management system, if there is a concordance, a link of reset will be sent to the email address provided by the user during the creation of his profile and contained in the database, in case of mismatch an error message is displayed.
- Loss of the identifier The user can retrieve his username by identifying his email address and password then he goes to the page "my account" and find his information.
- Loss of the email address If the user has multiple email addresses and does not remember which he used for the site, by connecting with his login he can in the page "my account", after login find his address email and possibly change it.
- Loss of the identifier AND registered email address, but the user always has access to his mailbox. the user must contact the administrator of the website to request the resetting of a temporary password. He must provide at least his first and last name, and other available information, to identify the user and to reconcile the information and identity of the applicant. If the conciliation is positive, the administrator inside the "administration" function will be able to do:
> A password reset goes through the password manager.
> an automatic email will be sent to the email address already registered in the database.
- Under no circumstances will the administrator know the password. It will be the responsibility of the user to log in to his account, after Identification he goes to the page "My account" and to put a new password sufficiently elaborate so that it can not be discovered by a third party and to safeguard it in his personal archives.
- Loss of the identifier AND the registered email address, IF the user no longer has access to his email box The user will have to create a new profile if he wants to stay on the site and have access to the reserved parts. register.
- Data retention
In case of cancellation of a registration by a user, the data retention period are subject to laws, including tax and we can not derogate. After expiry of this period, personal data, billing, are destroyed.
- Registration to the newsletter (newsletter) and or as a customer.
These two notions are totally different and independent of each other.
- Information letter
- Registration for the newsletter must be voluntary.
A checkbox is present on the various forms
used in our site, in your customer profile if you have already placed an order and you will be subscribed to the newsletter only if you checked the corresponding box.
- The management of the newsletter is totally independent of the management of the site Mister-gadgets.com
- The termination of subscription to the newsletter is done by clicking on a link present in each newsletter. This unsubscription is immediate. To receive the new letter again, the user will have to make the request via the contact form.
- Registration as a customer
- Registration as a customer is done during the first order. The validation of his data will be requested and additional information, including personal address, delivery address if different from the personal address, payment method without taking the account data. It is the payment system that takes over and processes the payment without sending us any account information. Informing us only that the payment has been successful. - When placing an order, the customer must read and accept the GTCS and the rules of confidentiality.
- Right to consultation and modification of personal data with right of cancellation
At any time, through access to his account, any registrant or customer may consult his personal information and modify it.
He also has the possibility to cancel his subscription to the "new letter" simply by clicking on the link located in each "new letter".
It is also possible to terminate your registration by sending us a request using the CONTACT form. Subject to compliance with legal obligations, especially if the person has the customer status, therefore to place an order, we can only terminate his registration without erasing his data for a variable period from the date of the last order and this for reasons of tax law, product guarantee, statistical and internal management.
By cons his email address will be removed from any communication system.
- Right of control, modification of personal data, termination.
At any time a registrant or customer has the ability to access his personal information and modify it.
This access is obtained by identifying at the top of the Identification button menu and going to the My Account page.
Questions ? CONTACT US