Effective 15/04/2024
We take your privacy very seriously and are committed to protecting it. We believe that you should be able to easily find out what personal data we collect and use and understand your rights in relation to it.
The purpose of this policy is therefore to inform you about how your personal data is managed on this site.
This policy may be updated and modified at any time, particularly in the event of changes to the applicable regulations or in the event that new functions, new services or new partnerships are added to our offering. The new version will be published on our site and the date of its entry into force will be specified.
We recommend that you read this Privacy Policy carefully as it contains important information about your personal data.
This Privacy Policy is designed so that you can easily access the section that interests you.
What is the legal and regulatory context applicable to the protection of personal data?
To begin with, we would like to remind you of the national and European laws and regulations applicable to the protection of personal data, as detailed below:
- Law no. 78-17 of 6 January 1978 on data processing, data files and individual liberties (amended Data Protection Act)
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (RGPD).
These sources are supplemented by analyses, recommendations and guidelines issued by national and European supervisory authorities, namely:
- The French Data Protection Authority (CNIL)
- The Article 29 Working Party (G29)
Some definitions
Personal data: any information relating to an identified or identifiable natural person, it being understood that an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.
Processing: any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Controller: the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing; where the purposes and means of such processing are determined by Union law or by the law of a Member State, the controller may be designated or the specific criteria applicable to his designation may be laid down by Union law or by the law of a Member State.
Processor: the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient: the natural or legal person, public authority, agency or any other body receiving personal data, whether a third party or not. However, public authorities which may receive personal data in the context of a particular enquiry in accordance with Union law or the law of a Member State shall not be regarded as recipients; the processing of such data by the public authorities in question shall comply with the applicable data protection rules in accordance with the purposes of the processing;
Third party: a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorised to process the personal data.
Consent of the data subject: any freely given, specific, informed and unambiguous indication of his wishes by which the data subject signifies his agreement, either by a declaration or by a clear act of consent, to personal data relating to him being processed.
Personal data breach: a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed.
Supervisory authority: an independent public authority established by a Member State pursuant to Article 51 of the GDPR.
Who is responsible for processing your personal data?
JMEKA is responsible for the processing carried out on this website and undertakes to process personal data in accordance with the General Data Protection Regulation (RGPD) and the aforementioned Data Protection Act.
JMEKA can be contacted by e-mail at the following address:
Taking into account the legislative and regulatory requirements in force, JMEKA has chosen not to appoint a personal data protection officer.
What personal data is collected?
We may collect personal data directly from you or indirectly (for example from your electronic devices that interact with the website, electronic form or mobile application)
Data you provide to us directly:
You may provide us with data:
- when you create an online account;
- when you use the digital platform;
- when you purchase products or services on the digital platform.
Depending on what you provide to us, this information may include:
- your identity (including first name, last name)
- your contact details (including postal address, e-mail address, telephone numbers)
- your personal status (including your title)
- certain payment details (including billing details, type or method of payment, credit or debit card number)
- other information that you may provide by filling in the form or by contacting us...
We recommend that you only provide the data requested or necessary for your request, with the exception of sensitive data relating to race, ethnic origin, political opinions, religious or philosophical beliefs, and data concerning health, sex life or sexual orientation.
We remind you that we do not collect, directly or indirectly, personal data from persons under the age of 16, without prejudice to any local law setting a different minimum age. We therefore ask you not to provide us with any personal data of persons who do not meet this criterion.
Data collected indirectly:
We may collect, indirectly, browsing data when you visit our website through cookies or similar technologies placed on your device.
FOCUS
What is a cookie?
A "cookie" is a string of information, generally small in size and identified by a name, which may be sent to your browser by a website to which you connect. Your web browser will store it for a certain period of time and send it back to the web server each time you reconnect. Cookies have many uses: they can be used to memorise your customer ID with a merchant site, the current contents of your shopping basket, an identifier that can be used to track your browsing for statistical or advertising purposes, etc.
There are 2 types of cookie:
- Cookies required for the website to function: your consent is not required for this type of cookie.
- Third-party cookies intended to improve the interactivity of the website: for this type of cookie, your consent is required before it is deposited or used.
Please note that you can change your choice regarding cookies at any time:
- By withdrawing your consent via the consent form
- By configuring your browser (for operational cookies not subject to prior consent).
To find out more about cookie management, please consult the following page on the CNIL website: https://www.cnil.fr/fr/cookies-les-outils-pour-les-maitriser (FR).
Why is your personal data collected?
We collect and use your personal data on one or more of the following legal bases:
- we have obtained your prior consent (for example via the contact form). Please note that you have the right to revoke your consent at any time (see below: "What are your rights")
- processing is necessary in the context of a contract between the platform and you (for example when you make a purchase)
- we have a legitimate interest in carrying out the processing and this legitimate interest is not overridden by your interests, fundamental rights or freedoms (e.g. preventing payment fraud).
Depending on the context, we may use your personal data to:
- provide you with the products or services you have requested;
- carry out checks to identify you and verify your identity;
- manage your claims for reimbursement;
- respond to your questions, suggestions and requests, in particular your requests to exercise your rights;
- manage complaints and disputes;
- detect, prevent and combat any fraudulent or illegal activity, including protecting your transactions from payment fraud, counterfeiting and the resale of our products;
- monitor and improve the digital platform;
- to improve our products and services;
- carry out statistical analyses, in particular to adapt our products and services;
- comply with our legal obligations, including providing information to regulatory bodies where required by law.
We refrain from collecting any sensitive data within the meaning of the RGPD and would not be held responsible if you spontaneously provided us with such information via the said form (free input zone).
The collection of your data is authorised on the basis of the consent you gave when sending the form (tick box).
If you choose the option to save your PAYMENT DATA (credit or debit card details), you expressly authorise us to process and store the data provided in order to activate and process the payment. The CVV Code (Card-Verification-Value) will only be used as part of the purchase process and will not be stored or processed as part of your payment details thereafter.
Consent is not presumed and takes the form of an unambiguous act of will, for example by means of a tick box.
Once you have authorised us to activate this feature, your details will be displayed automatically when you purchase items on the site again, so you will not have to enter these details each time. This authorisation will be valid and applicable to your subsequent purchases.
You can change your payment details and cancel your authorisation to process and save your details at any time directly on the site, free of charge.
The site stores and transmits your bank card details in compliance with general confidentiality and security standards for credit and debit cards.
If you use this function, you may be asked to change your password for security reasons.
Data processing is necessary for the performance of the contract to which you are party and for the performance of pre-contractual measures taken in response to your request.
Who receives your data?
JMEKA and the host of the mail server where the contact forms are received are the exclusive recipients of the data collected on this site.
No data is transferred outside the European Union.
How long will your data be kept?
Data will be kept in an active database for the time required to process your request.
In the event of a contract, the data collected may be kept for up to 10 years from the end of the financial year in question, in accordance with the provisions in force.
Prospective customers' data is kept for a maximum of 3 years from the last contact from the prospective customer.
Cookies are kept for a maximum of 6 months in accordance with CNIL recommendations.
What are your rights?
Any person whose personal data is processed has the following rights:
- The right to access all your personal data
- The right to rectify your data if it is out of date
- The right to erase your data
- The right to object to the processing of your personal data
- The right to limit the processing of your personal data
- The right to determine the fate of your data post mortem
In the absence of a data protection officer, any person wishing to exercise his or her rights or who has any queries regarding the protection of his or her personal data may contact the data controller via the following channel(s):
JMEKA can be contacted by e-mail at the following address:
With regard to the processing and management of your personal data, you also have the right to lodge a complaint with the CNIL via its website or by post at the following address: CNIL - 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07.