CONFIDENTIALITY AND COOKIES
Personal data protection policy / Cookie management
(last updated: February 1, 2024)
I. Personal data
Personal data collected on the site www.kinase-boutique.com or during purchases in stores are processed by the company AUTHENTIC JAPAN, a single-member simplified joint stock company with share capital of 100,000 euros, registered with the RCS of Paris under number 839 581 303 with its head office located at 28, rue du Dragon – 75006 Paris.
AUTHENTIC JAPAN is keen to protect the personal information communicated by its customers (the “Personal Information”) and is committed to ensuring the best level of protection for them in accordance with the European and French regulations applicable to it in terms of protection of personal data and in particular Law No. 78-17 of January 6, 1978 relating to information technology, files and modified freedoms and any new law, decrees taken for its application such as the Digital Republic Law No. 2016-1321 of October 7, 2016 and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 known as “GDPR”.
This document explains: (i) how, for how long and for what purposes Personal Information is used; (ii) how the Customer can access, correct, modify or delete Personal Information that AUTHENTIC JAPAN holds about them; (iii) to whom AUTHENTIC JAPAN may, if applicable, disclose it; and (iv) the security measures implemented by AUTHENTIC JAPAN to protect the confidentiality of Personal Information.
1. Data collected and purpose of collection
AUTHENTIC JAPAN collects Personal Information voluntarily declared to it by the customer using the collection forms made available to it either on the site or directly within its establishments.
The information that must be provided by the customer is marked with an asterisk on the collection form.
Personal Information is processed by AUTHENTIC JAPAN for the purposes of managing customer accounts, marketing and statistical studies and monitoring the quality of services, with the aim of providing customers with the most appropriate services.
AUTHENTIC JAPAN only collects the data strictly necessary for the creation and monitoring of the customer's customer account (their name, user name, first names, gender, date of birth, e-mail address, telephone number, postal address, word password), management and monitoring of orders (payment, delivery), monitoring of customer relations such as carrying out satisfaction surveys, managing complaints and after-sales service as well as carrying out loyalty, information and promotion actions of AUTHENTIC JAPAN (such as, in particular, the sending of newsletters) when the customer has expressly wished to subscribe to them.
AUTHENTIC JAPAN collects the customer's Personal Information in particular when he:
– creates your customer account on the Site or in store
– places an order on the Site or in store
– navigates the Site and consults the Products
– contact customer service.
REGARDING THE PAYMENT PROCESS
6.1. Purpose of processing
The customer wishing to purchase Products on the Site must use payment services.
The payment services necessary for the site are provided by the French bank LCL
AUTHENTIC JAPAN uses the Sherlock's secure payment system managed by LCL bank as well as the 3D Secure system.
The security of card data transport is ensured by 128-bit SSL (Secure Socket Layer) encryption and the payment page is hosted on a bank server which ensures the integrity and confidentiality of the data collected. Each payment systematically triggers an authorization request to your bank in order to verify the validity of the card details.
As part of the payment process, AUTHENTIC JAPAN's payment providers will collect and process a certain amount of data concerning the customer's means of payment (bank card number, expiry date of the bank card, cryptogram visual, the latter not being preserved, etc.).
AUTHENTIC JAPAN processes the partial number of the customer's bank card made up of the first six (6) numbers and four (4) last numbers and the expiration date as transmitted by the bank.
This payment identifier therefore does not allow a banking transaction to be carried out and is kept for fifteen (15) months, unless deleted by the customer from their account.
It is expressly recalled that AUTHENTIC JAPAN and its banking partner (subcontractor within the meaning of the GDPR):
– Will not carry out data processing which would be incompatible with the defined purposes
– Will take all technical and organizational measures to ensure the security and confidentiality of customers’ personal data.
2. Data storage and hosting
Personal Information is stored on encrypted computer files and maintained on secure storage servers. These storage servers are installed in data centers located Hosting: OVH SAS: 2 rue Kellermann – BP 80157 59053 ROUBAIX CEDEX 1
In any case, AUTHENTIC JAPAN naturally takes appropriate measures to maintain an appropriate level of confidentiality and security of Personal Information during the transfer and upon receipt thereof, in particular by contractually requiring all its subcontractors and service providers that they implement all appropriate technical and organizational measures, on an ongoing basis, to secure Personal Information and ensure the same level of protection as that required by the GDPR, Law No. 78-17 of January 6, 1978 relating to information technology, files and modified freedoms and any new law, decrees taken for its application such as the Digital Republic Law n°2016-1321 of October 7, 2016.
3. Preservation
Personal Information will only be kept on an operational basis for the period strictly necessary for the purpose for which it was collected and processed.
Personal Information will then be archived with restricted access for an additional period for limited reasons authorized by law (payment, guarantee, disputes, accounting or archiving obligations, etc.). After this period, they will be deleted.
The retention periods are as follows:
4. Transmission of Personal Information
AUTHENTIC JAPAN will never transmit Personal Information to any third party likely to use it for its own purposes and in particular for commercial purposes and/or direct advertising, without the express prior consent of the customer.
AUTHENTIC JAPAN may disclose Customer Personal Information to legally authorized bodies and authorities, to the extent that disclosure is required or authorized by law, or when AUTHENTIC JAPAN deems it necessary or appropriate to comply with laws and other texts. applicable, or to protect or defend its rights or those of its employees, customers or any other person.
AUTHENTIC JAPAN may transfer customers' Personal Information to third parties in the event of an assignment, transfer of assets, reorganization or liquidation. AUTHENTIC JAPAN will then notify the customer if their Personal Information will be subject to a different confidentiality policy.
The Personal Information collected may possibly be communicated to third parties linked to AUTHENTIC JAPAN by contract for the execution of subcontracted tasks necessary for the management of customer accounts or the execution of orders placed on the Site or in store.
Unless expressly agreed by the customer when collecting their Personal Information, AUTHENTIC JAPAN cannot transmit Personal Information to its partners (including companies in the group to which it belongs) for communication and/or prospecting purposes, in particular through electronic, postal or telephone means.
Even after having given their agreement, customers may object to the continuation of this communication by sending a letter to AUTHENTIC JAPAN at the following address: 28, rue du Dragon – 75006 Paris
The Customer is informed that data concerning him may be transmitted for the purposes of the purposes mentioned above to companies located in countries outside the European Union which have a lower level of data protection than in the European Union. Prior to transfer outside the European Union, AUTHENTIC JAPAN will take all necessary measures and guarantees to secure such transfers.
5. Security
In accordance with the GDPR, Law No. 2018-133 of February 26, 2018 “carrying out various provisions for adaptation to European Union law in the field of security and Law No. 78-17 of January 6, 1978 relating to information technology, files and modified freedoms and any new law, decrees taken for its application such as the Digital Republic Law n°2016-1321 of October 7, 2016, AUTHENTIC JAPAN undertakes to take all useful precautions, with regard to the nature of the data and the risks presented by the processing, to preserve the security of the personal data concerning the Customer and, in particular, to prevent their personal data from being distorted, damaged, or from unauthorized third parties having access to it.
6. Responsible for processing and customer rights
6.1. Processing manager
The data controller is the company AUTHENTIC JAPAN, a single-member simplified joint stock company with a share capital of 100,000 euros, registered with the Paris RCS under number 839 581 303 with its head office located at 28, rue du Dragon – 75006 Paris.
6.2. Customer Rights
In accordance with the GDPR, Law No. 78-17 of January 6, 1978 relating to information technology, files and freedoms as amended and any new law, decrees taken for its application such as the Digital Republic Law No. 2016-1321 of January 7, 1978. October 2016, the customer can:
– access all of their data: this right allows the customer to ask questions to AUTHENTIC JAPAN about the nature of the processing concerning them and to request a copy of all of the information concerning them. This right applies regardless of the legal basis of the processing (contract, legal obligation, consent, legitimate interest, etc.).
– oppose the processing of your data: this is the right not to appear in data processing or to no longer appear there. This right applies when the processing is based on the “legitimate interest” of AUTHENTIC JAPAN;
– rectify, update, complete and delete your declarative data;
– request the portability of your data;
– request a limitation of the processing carried out by AUTHENTIC JAPAN relating to its Data: this right can be exercised when one of the following reasons applies:
• the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
• the processing is unlawful and the data subject objects to their erasure and instead demands restriction of their use;
• the controller no longer needs the personal data for the purposes of processing but they are still necessary for the data subject to establish, exercise or defend legal claims;
• the data subject has objected to the processing, pending the verification whether the legitimate grounds pursued by the controller override those of the data subject.
In addition, the customer has the possibility to communicate to AUTHENTIC JAPAN instructions relating to the conservation, erasure and communication of his Personal Data after his death, which instructions can also be recorded with "a trusted third party certified digital”. These directives, or a sort of “digital will”, can designate a person responsible for their execution; failing this, his heirs will be designated.
In the absence of any directive, the client's heirs may contact AUTHENTIC JAPAN in order to:
– access treatments allowing “the organization and settlement of the deceased’s estate”;
– receive communication of “digital assets” or “data resembling family memories, transferable to heirs”;
– have the customer’s account closed and object to the continued processing of their Personal Information.
To exercise their rights, the customer can send their request (indicating email address, surname, first name, postal address and a copy of their identity document):
– By email to: support@kinase-boutique.com
– By post to the following address: 28, rue du Dragon – 75006 Paris
A response will be sent within a maximum of one (1) month following the date of receipt of the request.
The customer may, at any time, lodge a complaint with the competent supervisory authority (in France, the CNIL: www.cnil.fr)
7. Social networks – Plug-ins and social modules – Social Connect
The use of social networks and the Site in connection with these social networks may result in the collection and exchange of certain data between the social networks and AUTHENTIC JAPAN.
The Customer is invited to consult the personal data protection policies of social networks in order to be aware of the information which is collected by social networks and which may be transmitted to AUTHENTIC JAPAN in connection with its site as well as the purposes of use of its data, in particular for advertising purposes.
The Customer can configure access and confidentiality of their data directly on social networks. The information collected by AUTHENTIC JAPAN on its own behalf through the Site in connection with social networks is governed by these conditions. On the other hand, AUTHENTIC JAPAN is not responsible for the use made of the Customer's data by social networks for their own account.
The Site uses “plug-ins” or social modules. These include the small “like” and “share” buttons on third-party social networks such as Facebook, Instagram, Twitter, Google+, etc. appearing on the Site. They allow the Customer to “like” and share information from the Site with their contacts on social networks.
When the Client consults a page of the Site containing plug-ins or social modules, a connection is established with the servers of the social networks which are then informed that the Client has accessed the corresponding page of the Site, even if he does not does not have a user account, and even if he is not connected to his account.
If the Customer does not want social networks to publish his actions resulting from the plug-ins in his social network accounts, he must disconnect from his social networks before visiting the Site.
The Social Connect function allows the Customer to connect to the Site with their social network accounts to facilitate their purchases and access to AUTHENTIC JAPAN services.
When the Customer connects to the Site with these accounts, AUTHENTIC JAPAN can access certain information in order to offer them a personalized and social experience.
Additional information to that already present in its social accounts may be requested by AUTHENTIC JAPAN for the purposes described above. The information collected by AUTHENTIC JAPAN on the Site is not transmitted to social networks without the customer's consent. It is up to the Customer to manage their privacy settings on social networks when they wish to connect to AUTHENTIC JAPAN services with your social network credentials.
II- COOKIES
The “cookie” is a file installed on the User's terminal, allowing information relating to their navigation on the AUTHENTIC JAPAN website to be stored for the purpose, in particular, of authenticating users, memorizing their preferences and settings, to determine the popularity of content, to distribute advertising campaigns and measure their effectiveness, to analyze site traffic and more generally to understand the online behavior and interests of people who interact with AUTHENTIC JAPAN services.
Cookies may have a variable lifespan. “Session cookies” only persist if the User’s browser is open. They are automatically deleted when the User closes their browser. Other cookies are "persistent cookies", which means that they continue to be active after the browser is closed. They can recognize, for example, the User's device when the User opens a new browsing session.
The paragraphs below aim to give the User information regarding the cookies used by AUTHENTIC JAPAN or its partners when the User uses the Site and to offer them a solution to adapt their choice.
AUTHENTIC JAPAN cookies
AUTHENTIC JAPAN uses cookies. The cookie is a computer file, stored on the hard drive of the User's computer. Its purpose is to indicate your previous visit to the Site, and therefore does not allow you to identify yourself or constitute Personal Information. Cookies are only used by AUTHENTIC JAPAN for the purpose of personalizing the Services offered to Users.
AUTHENTIC JAPAN also uses audience measurement cookies. These cookies make it possible to analyze the use of the site in order to be able to measure and improve its performance and to improve the quality of services.
Third party cookies
When the User accesses the Site, one or more cookies from partner companies may be placed on their computer. The purpose of these third-party cookies is to identify the User's interests and collect browsing data in order to personalize the advertising offer sent to them outside the Site.
AUTHENTIC JAPAN has no access to and cannot exercise any control over third-party cookies.
However, AUTHENTIC JAPAN ensures that partner companies agree to process the information collected on the Site in compliance with the law and undertake to implement appropriate measures to secure and protect data confidentiality.
Cookie management
Several possibilities are offered for managing cookies. At any time, the User can express and modify their wishes regarding cookies, via the Help section of their browser toolbar. This indicates how to refuse new “cookies” or obtain a message indicating their receipt or how to deactivate “cookies” either systematically or depending on their issuer. The User can also delete cookies manually.
The User can also choose to deactivate or delete similar data used by software accessory to his browser, such as Flash cookies, by modifying the settings of this software or by visiting the website of the publisher of this software.
Please note, it is possible that this browser configuration deprives the User of access to certain content or significantly disrupts their navigation and the services they expect from the Site. Where applicable, AUTHENTIC JAPAN declines all responsibility for the consequences linked to the degraded behavior of the Site resulting from the impossibility of using the cookies necessary for its operation.
For cookie management, each browser offers a configuration process. It is described in the browser help menu which will allow the User to know how to express their wishes regarding cookies:
For Internet Explorer™: open the “Tools” menu, then select “Internet Options”; click on the “Confidentiality” tab then the “Advanced” tab choose the desired level or follow this link: http://windows.microsoft.com/fr-FR/windows-vista/Block-or-allow-cookies
For Firefox™: open the “Tools” menu, then select “Options”; click on the “Privacy” tab then choose the desired options or follow this link: http://support.mozilla.org/fr/kb/Activer%20et%20d%C3%A9sactiver%20les%20cookies
For Chrome™: open the configuration menu (wrench logo), then select “Options”; click on “Advanced options” then in the “Privacy” section, click on “Content settings”, and choose the desired options or follow the following link: http://support.google.com/chrome/bin/answer.py ?hl=fr&hlrm=en&answer=95647
For Safari™: choose “Safari > Preferences” then click on “Security”; In the “Accept cookies” section choose the desired options or follow this link: http://docs.info.apple.com/article.html?path=Safari/3.0/fr/9277.html
For Opera™: open the “Tools” or “Settings” menu, then select “Delete private data”; click on the “Detailed options” tab, then choose the desired options or follow this link: http://help.opera.com/Windows/10.20/fr/cookies.html
On mobile:
To specify whether Safari™ accepts cookies or not:
1. From the main screen, choose Settings > Safari.
2. Tap Accept cookies and choose “Never”, “From sites visited” or “Always”.
To clear all cookies in Safari:
1. From the main screen, choose Settings > Safari.
2. Touch Clear cookies.
To delete cookies on Android:
1. Menu > Settings > Clear all cookies