Privacy policy
EN- PRIVACY POLICY – PÊLE-MÊLE OFFICIAL
Last updated: June 26, 2026
Pêle-Mêle Official places great importance on the protection of personal data and the respect of users’ privacy.
This Privacy Policy aims to inform you, in a clear, transparent and comprehensive manner, about how your personal data is processed in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and applicable French data protection laws.
This Policy may be updated at any time to reflect legal, regulatory, or technical developments.
1. DATA CONTROLLER
The data controller is:
Pêle-Mêle Official
Email: pelemele101@gmail.com
The data controller is the entity that determines the purposes and means of processing personal data (Article 4 GDPR).
2. PERSONAL DATA COLLECTED
2.1 Data you provide
When using the website, we may collect:
-
First and last name
-
Email address
-
Billing and shipping address
-
Order-related information
-
Content of communications with customer support
2.2 Data collected automatically
When you browse the website:
-
IP address
-
Browsing and usage data (pages viewed, time spent, interactions)
-
Device and browser information
This data may be collected via cookies and similar technologies.
3. PURPOSES AND LEGAL BASES (ARTICLE 6 GDPR)
Your data is processed based on the following legal grounds:
|
Purpose |
Legal basis |
|---|---|
|
Order processing, payment and delivery |
Performance of a contract (Art. 6(1)(b) GDPR) |
|
Invoicing and accounting obligations |
Legal obligation (Art. 6(1)(c) GDPR) |
|
Customer support |
Legitimate interest (Art. 6(1)(f) GDPR) |
|
Website security and fraud prevention |
Legitimate interest (Art. 6(1)(f) GDPR) |
|
Website improvement |
Legitimate interest (Art. 6(1)(f) GDPR) |
|
Non-essential cookies (if applicable) |
Consent (Art. 6(1)(a) GDPR) |
4. USE OF SHOPIFY
The website is hosted and operated via Shopify Inc.
In this context:
-
Shopify acts as a data processor for hosting and infrastructure (Article 28 GDPR)
-
Shopify may also act as an independent data controller for certain processing activities (e.g., fraud detection, service improvement)
Your data may be transmitted to Shopify and its technical partners.
Shopify Privacy Policy: https://privacy.shopify.com
5. DATA RECIPIENTS (ARTICLE 28 GDPR)
Your data is accessible only to:
-
Authorized internal personnel
-
The following service providers acting as data processors:
|
Provider |
Purpose |
|---|---|
|
Shopify Inc. |
Hosting, infrastructure and order management |
|
Shopify applications (including invoice generation tools) |
Business operations and invoicing |
|
Invoice Generator (Shopify app) |
Creation and management of invoices |
These service providers process your data strictly on our behalf and under our instructions, in accordance with Article 28 GDPR.
We do not sell personal data to third parties.
6. INTERNATIONAL DATA TRANSFERS
Some data may be transferred outside the European Union (notably via Shopify).
Such transfers are governed in accordance with Articles 44 to 49 GDPR, including:
-
Standard Contractual Clauses (SCCs)
-
Adequacy decisions where applicable
7. DATA RETENTION (ARTICLE 5 GDPR)
|
Data category |
Retention period |
|---|---|
|
Customer data |
Duration of the contractual relationship |
|
Accounting data |
10 years (legal obligation) |
|
Technical logs |
12 months |
|
Cookies |
Maximum 13 months |
Data is deleted or anonymized once no longer necessary.
8. YOUR RIGHTS (ARTICLES 12–22 GDPR)
You have the following rights:
-
Right of access (Art. 15)
-
Right to rectification (Art. 16)
-
Right to erasure (Art. 17)
-
Right to restriction (Art. 18)
-
Right to object (Art. 21)
-
Right to data portability (Art. 20)
-
Right to withdraw consent (Art. 7)
You may exercise your rights at:
pelemele101@gmail.com
You also have the right to lodge a complaint with a supervisory authority such as the French CNIL:
www.cnil.fr
9. DATA SECURITY (ARTICLE 32 GDPR)
We implement appropriate technical and organizational measures, including:
-
Restricted access to data
-
Secure authentication systems
-
Secure hosting via Shopify
-
SSL encryption for transactions
However, no system is completely secure.
10. COOKIES
10.1 Definition
A cookie is a small file stored on your device that allows your browser to be recognized.
10.2 Cookies used
The website only uses strictly necessary cookies, including:
|
Cookie |
Purpose |
Duration |
|---|---|---|
|
Shopify cookies |
Cart and session management |
Session |
|
Security cookies |
Fraud prevention |
Session |
These cookies do not require prior consent under applicable laws.
10.3 Consent
-
No analytics or advertising cookies are used
-
If this changes, your consent will be collected via a cookie banner
10.4 Managing cookies
You can:
-
Modify your preferences via the cookie banner
-
Configure your browser settings
Please note that disabling certain cookies may affect website functionality.
11. THIRD-PARTY LINKS
The website may contain links to external websites.
We are not responsible for their privacy practices.
12. POST-MORTEM DATA RIGHTS
Under French law, you may define instructions regarding the storage, deletion, and communication of your personal data after your death.
13. CHANGES TO THIS POLICY
This Privacy Policy may be updated at any time.
The applicable version is the one published on the website.