Last update: October 2022
RICHON CORPORATE takes the protection of your data very seriously and will do everything in its power to protect it. Please find below our commitment to data protection and our data protection policy.
Our commitment to the protection of personal data - When we have to call upon external service providers, we select them rigorously and ensure that they are also informed and committed to data protection; - Your data is only used for explicit, legitimate and specific purposes in connection with our various services; - Only the data necessary for the execution of our services are collected; - We communicate your data only to authorized partners, service providers or professional organizations that need it for our activities; - We are respectful of your rights as a customer, that is why we do everything possible so that you can exercise them; - We respect your privacy and your choices, which is why the communications you receive from us can be terminated at any time.
Your personal data is collected by RICHON CORPORATE S.R.L. (hereinafter "we") registered with the Crossroads Bank for Enterprises under number 0790.710.742 and whose registered office is based at: 84, Rue de l'Église at 1150, Woluwe-Saint-Pierre, Brussels, Belgium.
RICHON CORPORATE is to be understood as a "data controller" within the meaning of Article 4.7) of the General Data Protection Regulation of the European Parliament and of the Council of 27 April 2016, hereinafter "GDPR".
For further information on the protection of personal data, you can also consult the website of the Belgian Data Protection Authority: https://www.autoriteprotectiondonnees.be/citoyen.
Pursuant to Articles 15 to 21 of the GDPR, any natural person using the webshop has the right to exercise the following rights:
A right of access: as a data subject, you may ask us whether we hold any personal data about you, and if so, ask us to provide it to you. Such access to your personal data will be provided upon request.
A right of rectification: if any personal information is inaccurate or incomplete, you may request that it be amended. If your data is incomplete, you may also request that it be completed, insofar as this is relevant to the purpose of the processing in question. In the event of rectification, we will notify each recipient to whom your data is communicated, unless such communication proves impossible or requires disproportionate efforts on our part.
A right to object: you have the right to object at any time to the processing of your personal data when we process them for legitimate interests.
A right to be forgotten: you can obtain from us, under certain conditions, the deletion of some of your personal data as soon as possible. This right to oblivion can only be obtained in certain cases, notably for reasons of public interest, for archival purposes or to comply with legal obligations. We shall also be obliged to notify the recipients to whom your personal data has been communicated of such erasure, unless such communication proves impossible or requires disproportionate efforts on our part.
A right to limit the processing of your data: you can obtain from us that we limit the processing of your personal data, in particular when you object to this processing, when you dispute the accuracy of the data or when you believe that their use is unlawful.
A right to portability of your personal data: under certain conditions, you may request to receive your entire personal data so that you can transfer it to another controller of your choice.
A right to withdraw consent: where we base the processing of your data on your consent, you have the right to withdraw your consent at any time and without justification. Withdrawal of consent will stop the processing.
Liora : insérer ici votre adresse e-mail de contact
To exercise these rights, please write to RICHON CORPORATE, 84, Rue de l'Église, 1150 Woluwe-Saint-Pierre, Brussels, Belgium, or to the e-mail address e-mail firstname.lastname@example.org.
Your requests to exercise your rights must be accompanied by a document proving your identity. We have 30 business days from receipt of your request to respond. Some time-consuming requests may take longer, in which case the time limit will be extended to 60 business days, and you will be notified.
We have the option of denying your request to exercise your rights if:
We are unable to identify the person making the request;
The requests are manifestly unfounded or excessive, in particular because of their repetitive nature or the technical difficulty of structuring the data. In this case, we may also require payment of a reasonable administrative fee.
Dans In the context of the purposes set out below, we process the following data only when they are relevant and strictly necessary for the processing. Depending on the case, the data may relate directly to you or to third parties and/or parties to the contract.
This personal data is collected at three points of collection:
The GDPR permits the processing of personal data provided that it is based on one of the legal grounds provided for in the GDPR and for specific purposes.
We collect and process your personal data for the purposes described below. We ensure that only necessary and relevant personal data are processed, in compliance with the data minimization principle.
In general, we base the processing of your personal data on the following legal grounds:
In the event that we are required to carry out processing that is not already provided for in this Policy, we may use your personal data as long as these purposes are compatible with the purposes for which we initially collected your data. We consider any relationship between the original and subsequent purposes and the context in which the data is collected. If we believe that the purposes are incompatible with the original purposes, we will contact you before using your personal data. The purpose of this contact will be to inform you about this processing and, if necessary, to ask for your consent to this further processing.
4.1. Compliance with our legal obligations
In some cases, we are obliged to process your personal data in the context of legal obligations or when we cooperate with the competent authorities. In these cases, we pass on your personal data in order to comply with our legal obligations.
4.2. In the context of the execution of the contract which binds us or the pre-contractual measures taken at your request
Regarding the services offered by the webshop, namely the personalization of clothing, and its operation, the personal data that we process are mainly part of the contractual relationship that binds us, or in the implementation of pre-contractual measures taken at your initiative.
More precisely, the purposes for which we process your personal data are the following
Logging into your NFT portfolio, and the data processing involved, will be considered, for the purposes of this Policy, as a pre-contractual measure taken at your request, the log-in being voluntary.
4.3. As part of our legitimate interests
In some cases, it is in our legitimate interest to process your personal data. To this end, we always take care to maintain a fair balance between the need to process your personal data and the respect of your rights and freedoms.
This is the case when we pursue a legitimate interest, i.e. one that is not contrary to the law, and the processing of personal data is necessary to achieve that legitimate interest. For example, we have a legitimate interest in preventing fraud, or in ensuring the security of networks or its computer systems.
In addition, we process your personal data based on our legitimate interests, in particular, for:
|If you only surf our webshop, without connecting your NFT wallet, without creating a user account and without placing an order, no personal data will be processed, except for your electronic identification data collected via our cookies.| | - |
In general, we do not keep your personal data longer than is necessary for the purposes for which it was collected.
More specifically, there are several situations in which the length of time we retain your personal data can be determined:
5.1. In case of conclusion of a sales contract
In general, except for your NFT portfolio data (b), your identification and billing data is retained for the duration of the contractual relationship, and for 60 days after deletion of your customer account.
If necessary, the deletion of your customer account must be done manually via your customer account.
However, in order to comply with our legal obligations and/or to enforce our legal rights, we may have to keep your personal data for a period of 10 years after the end of the contract between us, this period corresponding to the legal limitation periods.
Specifically, the identification data related to your NFT wallet is kept until you manually disconnect your NFT wallet from the webshop (either via the "logout" button or when you close our webshop page in your web browser).
5.2. In the absence of a contract of sale
If you create a customer account but do not place an order in our webshop, and therefore do not connect your NFT wallet, the personal data related to your customer account will be retained until you manually delete your customer account (in your customer area), and for a period of 60 days after deletion.
Without the creation of a customer account on our webshop, no personal data other than those listed in point 5.3 will be collected.
If you do not delete the data, the personal data collected through the implementation of cookies will be stored for a period of 13 months after the cookie has been implemented on your terminal.
This electronic identification data is collected independently of whether you place an order on our webshop or not. It is collected from the moment you enter our webshop.
5.4. Prospection commerciale
If you do not respond to any further solicitations 3 years after the last contact from you, your information will be deleted.
After 3 years, we will contact you to determine whether or not you wish to continue to receive commercial solicitations. If you do not, we will make every effort to ensure that your personal data is made unavailable and inaccessible.
To whom will your data be transmitted?
In some cases, we may need to transfer your personal data to other third parties.
6.1. Internal recipients
Access to your personal data is strictly limited to those persons whose function requires it. Access to the data will only be granted within the limits of the performance of their duties. Access to your personal data will be controlled by RICHON CORPORATE, which will ensure that only authorized persons have access to it.
In order to enable you to access, improve and use our webshop, we work with subcontractors who may have access to your personal data where necessary for the provision of our services.
For example, this may include subcontractors responsible for the maintenance of our infrastructure, external IT consultants, software providers, and any other partners we may use while running the webshop.
If this is the case, we ask them to ensure compliance with the legal and regulatory provisions in force and to ensure strict compliance with the confidentiality of the information they are likely to process as part of their intervention.
6.3. Transmission by legal obligation or by order of a competent authority
In certain cases, we may be required to transmit your personal data to comply with a legal obligation, a judicial decision, or a request from any competent authority.
6.4. Third party cookies
Third party cookies are cookies that are not generated by us but by a third party advertising on our website. Third-party cookies are used by our partners (the advertisers or ad servers) on our website, using pixels or tags, to target your preferences and deliver personalized ads. To do this, these cookies will collect information about your behavior on the website.
We implement appropriate technical and organizational measures to ensure an adequate level of security for the processing of your personal data. This level of security is established based on the risks presented by the processing and the nature of the data to be protected.
We have put in place appropriate security measures to protect your personal data, in particular against loss, theft, misuse or alteration of the information received, disclosure or unauthorized use of your personal data.
If your personal data under our control is compromised as a result of an information security breach, we will act promptly to identify the cause of the breach and take appropriate and necessary steps to remedy it.
If necessary and in accordance with applicable law, we will notify you of the incident.
If you have any questions and/or complaints regarding this Policy, please feel free to contact us directly to see how we can help you:
If you are not satisfied with our response, please be aware that you may also file a complaint with the Belgian Data Protection Authority, whose contact details are as follows:
Data Protection Authority
Rue de la Presse, 35
1000 Brussels, Belgium
Phone + 32 2 274 48 00
Fax: + 32 2 274 48 35
In addition, you always have the possibility to file a complaint with the Court of First Instance of Brussels. For more information on complaints and possible remedies, please consult the information available on the website of the Data Protection Authority: https://www.autoriteprotectiondonnees.be.
This Policy is governed by Belgian law.
Any dispute will first be subject to an attempt at amicable discussion and resolution. If the amicable discussion fails, any dispute relating to the interpretation or execution of this Policy will be subject to Belgian law and will fall under the exclusive jurisdiction of the courts of the judicial district of Brussels.
We reserve the right to change the provisions of this Policy at any time. We will publish the changes directly on our webshop.