Contact us

Privacy Policy

1. Introduction

Crealoz (hereinafter referred to as “the Company”) is committed to protecting the privacy and personal data of its clients and users in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This Privacy Policy details how we collect, process, store, and protect your personal data when you use our website (https://shop.crealoz.fr/) and related services.

2. Data Controller

The data controller is Crealoz, a single-member simplified joint-stock company headquartered at 13, rue de la Piniatelle – 15300 Murat – France, registered under SIREN number 901826602. For any inquiries regarding data protection, you can contact us at:

3. Data Collected

We collect and process the following personal data for the purposes outlined in this policy:

  • Identification Data: First and last names, company name, legal form
  • Contact Information: Email address, phone number, postal address
  • Financial Data: VAT number (if applicable), payment details (handled securely by third-party payment providers)
  • Usage Data: Order history, product interactions, technical logs, IP address, and cookies

4. Purpose of Data Collection

We collect and process personal data for the following purposes:

  • Account Management: Creating and maintaining user accounts
  • Order Processing: Managing transactions, billing, and invoicing
  • Customer Support: Handling support requests and technical assistance
  • Marketing and Communication: Sending newsletters and promotional content (subject to consent)
  • Compliance and Legal Obligations: Adhering to legal and regulatory requirements
  • Website Analytics and Security: Improving website performance and ensuring security

5. Data Retention

We retain personal data for the following periods:

  • Client Account Data: Stored for the duration of the contractual relationship and up to two (2) years after termination
  • Transaction Records: Retained for up to ten (10) years for legal and accounting purposes
  • Support Requests: Stored for up to five (5) years after the resolution of the request
  • Newsletter Subscription Data: Retained until the user unsubscribes
  • EasyAudit Fixer Processing Data: Automatically deleted within five (5) days after the correction is made available

6. Data Processing and Security Measures

We implement strict security measures to protect personal data, including:

  • Encrypted storage of sensitive information
  • Secure access controls and authentication
  • Regular security audits and updates
  • Restricted access to authorized personnel only

7. Third-Party Processors

We use third-party service providers to assist in specific functions while ensuring compliance with GDPR regulations. Our key partners include:

  • Payment Processing: Woopayments, PayPal (for secure transactions if available in your country)
  • Email Marketing: Brevo (for newsletter management)
  • AI Processing: Mistral AI (for service-related automated processing)
  • Website Analytics & Tracking: Google Tag Manager (for audience and traffic analysis)

These third parties are contractually bound to ensure the confidentiality and security of your data.

8. User Rights

Under GDPR, users have the following rights:

  • Right of Access: Obtain a copy of their personal data
  • Right to Rectification: Request corrections to inaccurate or incomplete data
  • Right to Erasure (Right to be Forgotten): Request deletion of personal data under certain conditions
  • Right to Restrict Processing: Limit the processing of personal data in specific circumstances
  • Right to Data Portability: Receive personal data in a structured format
  • Right to Object: Object to processing, including for marketing purposes

To exercise these rights, users can contact the Company via email or postal mail, providing proof of identity.

9. Cookies and Tracking Technologies

Our website uses cookies for functionality, analytics, and personalized marketing. Users can manage cookie preferences through our cookie consent tool. Functional cookies are mandatory, while tracking cookies require user consent.

10. Data Transfers Outside the EU

If personal data is transferred outside the European Union, we ensure appropriate safeguards such as:

  • Standard contractual clauses approved by the European Commission
  • Binding corporate rules for data protection compliance

11. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time. Any modifications will be posted on this page with an updated “Last Revised” date. Users are encouraged to review this policy periodically.

12. Contact Information

For any inquiries, requests, or concerns regarding data protection, users can contact us at:

Postal Address: 13, rue de la Piniatelle – 15300 Murat – France

Email: contact@crealoz.fr