Privacy Policy – DIOIB

Paris, France

1. Information on the Processing of Personal Data

At DIOIB (“DIOIB”, “we”, “us”, “our”), the protection of your personal data is a priority.
This Privacy Policy explains how we collect, use, store, and share your personal data when you visit our website, create an account, place an order, or interact with our services.

This Policy applies in particular to the website www.dioib.fr and to all interactions we may have with you (email, customer service, social media, etc.).


2. Data Controller and Contact Details

DIOIB
7 rue Saint-Claude
75003 Paris
France

📧 administration@dioib.fr

SIRET (if applicable): 982 319 931 00019


3. Processing Activities

3.1 Orders and Order Management

Purposes

  • Processing orders (payment, preparation, delivery)

  • Invoicing, accounting, and compliance with legal obligations

  • Customer service: returns, exchanges, claims, warranties

  • Fraud prevention and payment security

  • Statistics and improvement of the shopping experience

  • Service-related communications (order confirmations, shipping updates, important notices)

Personal Data Processed

  • Identity: first name, last name

  • Contact details: email address, phone number

  • Billing and/or delivery address

  • Order details: products, quantities, order history

  • Payment information: we do not store full payment card details (payments are handled by secure third-party providers)

Legal Basis (GDPR)

  • Art. 6(1)(b): performance of a contract (processing your order)

  • Art. 6(1)(c): legal obligation (accounting, invoicing)

  • Art. 6(1)(f): legitimate interest (security, fraud prevention, service improvement)

Retention Periods

  • Accounting and invoicing documents: 10 years (French legal obligation)

  • Order-related data (excluding accounting): up to 5 years after the last transaction, depending on disputes or legal requirements


3.2 Customer Service and Enquiries

Purpose

  • Responding to your requests (email, contact form, social media)

Data

  • Name, email address, phone number (if provided)

  • Content of messages and communication history

Legal Basis

  • Art. 6(1)(f): legitimate interest (handling requests)

  • Art. 6(1)(b): if the request relates to an ongoing order

Retention

  • Up to 2 years after the end of the exchange

  • Up to 5–10 years if linked to a transaction, dispute, or legal obligation


3.3 Newsletter and Marketing Communications

If you subscribe to our newsletter or consent to receive marketing communications, we process:

Data

  • Email address (and possibly first name)

Purpose

  • Sending newsletters, offers, and product updates

Legal Basis

  • Consent (Art. 6(1)(a)) or legitimate interest where applicable (Art. 6(1)(f))

You may unsubscribe at any time using the link provided in each email.

Retention

  • Until you withdraw consent or unsubscribe, or after a prolonged period of inactivity (e.g. 12–24 months)


3.4 Contests, Events, and Special Operations (if applicable)

Purpose

  • Managing participation, awarding prizes, communicating results

Data

  • Name, email address, postal address (if prize delivery), and any other data required for the operation

Legal Basis

  • Art. 6(1)(f): legitimate interest (organization)

  • Art. 6(1)(a): consent where required

Retention

  • Up to 1 year after the end of the event, unless legal obligations require longer storage


3.5 Website Operation, Cookies, and Analytics

We use cookies and similar technologies to:

  • Ensure proper website functionality (essential cookies)

  • Measure website traffic and performance

  • Improve and personalize user experience

  • Deliver advertising content where applicable

Data

  • IP address (often anonymized)

  • Browser and device information

  • Pages visited, interactions, navigation paths

Legal Basis

  • Essential cookies: legitimate interest / technical necessity

  • Analytics and marketing cookies: consent via cookie banner, in accordance with applicable regulations

👉 Cookie Policy: /pages/cookie-policy


4. Data Recipients

We may share personal data with:

  • Shopify (e-commerce hosting and infrastructure)

  • Payment providers (e.g. Shopify Payments, Stripe, PayPal)

  • Shipping and logistics partners

  • Email and marketing tools (e.g. Klaviyo, Mailchimp, if used)

  • Analytics and advertising partners (Google, Meta, if enabled)

  • Professional advisors (accountants, lawyers)

  • Public authorities, where legally required

We do not sell your personal data.


5. Transfers Outside the EU/EEA

Some service providers (notably those linked to Shopify and certain analytics or marketing tools) may process data outside the EU/EEA, including in the United States.

In such cases, we implement appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission

  • Additional technical and organizational measures where necessary

For further information, please contact us at administration@dioib.fr.


6. Your Rights (GDPR)

You have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure (subject to legal limitations)

  • Right to restriction of processing

  • Right to object, particularly to direct marketing

  • Right to data portability

  • Right to withdraw consent at any time (newsletter, cookies)

To exercise your rights, contact: administration@dioib.fr

You also have the right to lodge a complaint with the CNIL (French Data Protection Authority):
👉 https://www.cnil.fr


7. Data Security

We implement reasonable technical and organizational measures to protect your personal data against unauthorized access, loss, alteration, or disclosure.


8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The current version is always available on our website.
In the event of significant changes, we may notify you by email or via a notice on the website.


9. Contact

📧 administration@dioib.fr

DIOIB
7 rue Saint-Claude
75003 Paris
France