The TIMEOS company (as defined in article 1 below), carrying out its activities under the MUSE by… brand, offers for sale ready-to-wear items, leather goods, shoes, jewellery, etc. on its website www.muse-by.com and in its physical store.
In order to offer for sale, sell and deliver its products, TIMEOS collects personal data from users of its website and from its customers during purchases made at physical points of sale.
TIMEOS, as data controller, undertakes to comply with the provisions of Regulation (EU) No. 2016/679 of April 27, 2016 relating to the protection of personal data.
The customer is informed that certain data must be collected by TIMEOS in order to be able to perform its services. If the customer does not wish to communicate this data, TIMEOS will not be able to perform its services.
1. The Data Controller
The data controller, who collects personal data and implements data processing is:
TIMEOS Sarl, registered with the Luxembourg Trade and Companies Register under number B.114.047, whose registered office is located at 8 Avenue Porte Neuve in L-2227 Luxembourg, Grand Duchy of Luxembourg.
2. Collection of personal data
TIMEOS is required to collect the personal data of users on the website www.muse-by.com and during purchases in its MUSE by… store in Luxembourg.
The personal data likely to be collected are as follows:
- user account data: namely the data that the user provides when creating an account by completing the registration form (first name, last name, postal billing and delivery addresses, email address, number mobile phone number, password for connecting to the customer account);
- transaction data: refers to the data that the user provides when making purchases (information relating to orders made and returns such as his telephone number, address, email address and information relating to his means of payment );
- exchanges made with customer service;
- data relating to navigation: refers to the data that TIMEOS collects during the user's navigation on the site such as in particular the date, the time of the connection and/or navigation, the type of browser, the language of the browser , its IP address, location data and geolocation.
Data relating to means of payment (credit card number, expiry date, authorization number, security code) are collected directly by our service providers Stripe and Paypal.
Third-party providers of applications, tools, gadgets and plug-ins on our website, as well as the networks on which we publish editorial and promotional content (such as Facebook and Instagram) may also use automated means, linked to the centers of interest and context, to collect user data (interactions with functions and profiling of online activity). This data is collected directly by these service providers and/or third parties and is subject to their policies. To the extent permitted by applicable law, TIMEOS is not responsible for the practices of such service providers and third parties.
3. Purposes of collecting personal data
The Data collected in the context of the use of the site or in the physical store are processed in order to meet the purposes described below.
The regulations in force protect the privacy of users and require any data controller to be able to justify a legitimate basis for said processing. The regulations thus provide among the legal bases for processing:
- the performance of a contract to which the data subject is a party, such as a sales contract. Thus certain personal data of the customer are necessary to deliver the goods, manage the customer account and make returns;
- the respect of a legal obligation, in particular accounting by the conservation of invoices;
- the prior consent of the data subject;
- the legitimate interest of the controller, in respect of the rights and freedoms of users. Thus, improving the customer experience or preventing fraud may justify data collection.
TIMEOS does not share any personal data for commercial purposes with third parties.
The user has the option of modifying his personal data and withdrawing his consent at any time by logging into his customer account.
4. Service providers with access to users' personal data
The personal data collected is transmitted to TIMEOS service providers, who may process on behalf of TIMEOS (subcontractors) and/or their own account (data recipients).
The recipients of the data are:
- Stripe (Shopify Payments) and Paypal, payment providers;
- DPD or DHL, transport providers;
- customs services and providers in the event of delivery abroad;
- any police or administrative authority in the context of legal requisitions concerning the fight against fraud.
TIMEOS subcontractors may have to access the data collected to:
- preparing and shipping orders and returning products;
- improving the content of the website;
- technical maintenance and development operations for the TIMEOS website and internal applications, including entities that fulfill orders and provide web hosting, information storage, email service providers, as well as data processing services. analysis, tag management, such as Google Analytics.
To obtain more details on these analysis services and the methods of opposition, we invite you to consult the following sites:
- Google Analytics:https://support.google.com/analytics/answer/6004245?hl=en
TIMEOS may also share the personal data of customers with a customer account in its physical store. Their access is limited to orders placed by the customer.
5. Rights of users over their personal data
Under the GDPR you have a series of rights.
1. Right of access
You have the right to obtain from TIMEOS confirmation that personal data concerning you is or is not being processed and, when it is, access to said personal data as well as the following information:
- The categories of personal data collected and processed;
- The purposes of their processing;
- The categories of recipients to whom the personal data have been communicated or are likely to be communicated;
- The retention period of the personal data;
1. b) Right to object
You can object, for legitimate reasons, to any processing of your personal data. Thus, TIMEOS will no longer process your personal data, unless it demonstrates that there are legitimate and compelling reasons for the processing which prevail over the interests and the rights and freedoms of the person concerned, or for the observation, the exercise or defense of legal claims.
1. c) Right of rectification
You have the possibility to ask to have your personal data corrected if they prove to be inaccurate, incomplete or obsolete.
1.d) Right to erasure and right to be forgotten
As the holder of your rights, you can request the erasure of your personal data on simple request. However, this right is not absolute and may, for example, conflict with the legitimate interest of the data controller – or with the legal obligations to which the latter is subject. Thus, for example, a person having to pay an invoice cannot purely and simply request the erasure of his data to escape his debt, the conservation of the data of his debtor being for the legitimate controller at least until payment.
1.e) Right to restriction of processing
You can require TIMEOS to rectify, complete, update, block or delete personal data concerning you, which is inaccurate, incomplete, ambiguous, outdated, or whose collection, use, communication or storage is prohibited.
1.f) Right to data portability
You have the right to receive your personal data collected or processed by TIMEOS, in a structured, commonly used and machine-readable format, and the right to transmit this data to another controller without TIMEOS to whom the personal data personnel have been communicated to prevent this.
6. Duration of data retention
User data will not be kept beyond the time strictly necessary for the purposes pursued as set out herein, in accordance with applicable regulations and laws.
In this respect, the data used for prospecting purposes may be kept for a maximum period of 3 years from the closing of the user's account or the last contact of the prospect concerned.
User data is deleted when the retention periods expire. Nevertheless, the data may be archived beyond the durations provided for the purposes of research, observation, and the prosecution of criminal offenses for the sole purpose of allowing, as needed, the provision of this data to the judicial authority.
Archiving implies that this data will be anonymized and will no longer be available online but will be extracted and stored on an autonomous and secure medium.
7. Security measures for personal data collected
As data controller, TIMEOS undertakes to take all necessary precautions to preserve the security and confidentiality of the data and in particular to prevent them from being altered, distorted or accessed by unauthorized third parties. .
TIMEOS has entered into service contracts with partners benefiting from a certain expertise in the field of data protection.
TIMEOS does not have access to customer payment data.
However, the user can choose to save his payment card data in his customer account. This data is not stored with TIMEOS, but with Stripe and/or Paypal. The user can modify or delete these bank details at any time by logging into their customer account.
8. Cookies, TAGS and trackers
When browsing our website, information relating to the browsing of the user's terminal (computer, tablet, smartphone, etc.) may be recorded through files called "Cookies".
The cookie makes it possible to carry out a follow-up of the navigation or an analysis of the behavior of the user, and in particular:
- to measure traffic to our website and our application, as well as their content;
- save information relating to the customer account when the user is connected to it;
- save the shopping cart;
- customize the display of content accessible to the user.
During each new connection to the Site, the user will be asked for his preferences with regard to the use of such cookies. He is also free to modify his preferences in terms of cookies, through the browser software used.
The user can also oppose the deposit of cookies by the website http://www.youronlinechoices.com/fr/controler-ses-cookies/.
9. Social networks
TIMEOS official Facebook and Instagram accounts may allow users to post their content. The user is informed that the content published on these social networks can be seen by third parties, and that increased vigilance is required of users when they provide certain personal data on these sites or applications such as financial data, an address or any sensitive data.
TIMEOS is in no way responsible for any damage caused by third parties due to or resulting from the publication of their personal data by users.
10. Links to Third Party Sites
The website may contain links to sites, applications and services other than those of TIMEOS which may be operated by third party companies.
TIMEOS is not responsible for the processing of personal data by these third-party sites. The user should consult the personal data protection policies.
11. The Data Protection Officer
The data protection officer or personal data manager of TIMEOS ensures compliance with the regulations and rules in force, and must in particular establish a register of personal data processing activities.
The User may contact the Data Protection Officer or Personal Data Manager of TIMEOS at email@example.com
Timeos © - March 2022