Privacy policy


EN- PRIVACY POLICY – PÊLE-MÊLE OFFICIAL

Last updated: June 26, 2026

Pêle-Mêle Official places great importance on the protection of personal data and the respect of users’ privacy.

This Privacy Policy aims to inform you, in a clear, transparent and comprehensive manner, about how your personal data is processed in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and applicable French data protection laws.

This Policy may be updated at any time to reflect legal, regulatory, or technical developments.

1. DATA CONTROLLER

The data controller is:

Pêle-Mêle Official
Email: pelemele101@gmail.com

The data controller is the entity that determines the purposes and means of processing personal data (Article 4 GDPR).

2. PERSONAL DATA COLLECTED

2.1 Data you provide

When using the website, we may collect:

  • First and last name

  • Email address

  • Billing and shipping address

  • Order-related information

  • Content of communications with customer support

2.2 Data collected automatically

When you browse the website:

  • IP address

  • Browsing and usage data (pages viewed, time spent, interactions)

  • Device and browser information

This data may be collected via cookies and similar technologies.

3. PURPOSES AND LEGAL BASES (ARTICLE 6 GDPR)

Your data is processed based on the following legal grounds:

Purpose

Legal basis

Order processing, payment and delivery

Performance of a contract (Art. 6(1)(b) GDPR)

Invoicing and accounting obligations

Legal obligation (Art. 6(1)(c) GDPR)

Customer support

Legitimate interest (Art. 6(1)(f) GDPR)

Website security and fraud prevention

Legitimate interest (Art. 6(1)(f) GDPR)

Website improvement

Legitimate interest (Art. 6(1)(f) GDPR)

Non-essential cookies (if applicable)

Consent (Art. 6(1)(a) GDPR)


4. USE OF SHOPIFY

The website is hosted and operated via Shopify Inc.

In this context:

  • Shopify acts as a data processor for hosting and infrastructure (Article 28 GDPR)

  • Shopify may also act as an independent data controller for certain processing activities (e.g., fraud detection, service improvement)

Your data may be transmitted to Shopify and its technical partners.

Shopify Privacy Policy: https://privacy.shopify.com

5. DATA RECIPIENTS (ARTICLE 28 GDPR)

Your data is accessible only to:

  • Authorized internal personnel

  • The following service providers acting as data processors:

Provider

Purpose

Shopify Inc.

Hosting, infrastructure and order management

Shopify applications (including invoice generation tools)

Business operations and invoicing

Invoice Generator (Shopify app)

Creation and management of invoices

These service providers process your data strictly on our behalf and under our instructions, in accordance with Article 28 GDPR.

We do not sell personal data to third parties.

6. INTERNATIONAL DATA TRANSFERS

Some data may be transferred outside the European Union (notably via Shopify).

Such transfers are governed in accordance with Articles 44 to 49 GDPR, including:

  • Standard Contractual Clauses (SCCs)

  • Adequacy decisions where applicable

7. DATA RETENTION (ARTICLE 5 GDPR)

Data category

Retention period

Customer data

Duration of the contractual relationship

Accounting data

10 years (legal obligation)

Technical logs

12 months

Cookies

Maximum 13 months

Data is deleted or anonymized once no longer necessary.

8. YOUR RIGHTS (ARTICLES 12–22 GDPR)

You have the following rights:

  • Right of access (Art. 15)

  • Right to rectification (Art. 16)

  • Right to erasure (Art. 17)

  • Right to restriction (Art. 18)

  • Right to object (Art. 21)

  • Right to data portability (Art. 20)

  • Right to withdraw consent (Art. 7)

You may exercise your rights at:
pelemele101@gmail.com

You also have the right to lodge a complaint with a supervisory authority such as the French CNIL:
www.cnil.fr

9. DATA SECURITY (ARTICLE 32 GDPR)

We implement appropriate technical and organizational measures, including:

  • Restricted access to data

  • Secure authentication systems

  • Secure hosting via Shopify

  • SSL encryption for transactions

However, no system is completely secure.

10. COOKIES

10.1 Definition

A cookie is a small file stored on your device that allows your browser to be recognized.

10.2 Cookies used

The website only uses strictly necessary cookies, including:

Cookie

Purpose

Duration

Shopify cookies

Cart and session management

Session

Security cookies

Fraud prevention

Session

These cookies do not require prior consent under applicable laws.

10.3 Consent

  • No analytics or advertising cookies are used

  • If this changes, your consent will be collected via a cookie banner

10.4 Managing cookies

You can:

  • Modify your preferences via the cookie banner

  • Configure your browser settings

Please note that disabling certain cookies may affect website functionality.

11. THIRD-PARTY LINKS

The website may contain links to external websites.
We are not responsible for their privacy practices.

12. POST-MORTEM DATA RIGHTS

Under French law, you may define instructions regarding the storage, deletion, and communication of your personal data after your death.

13. CHANGES TO THIS POLICY

This Privacy Policy may be updated at any time.
The applicable version is the one published on the website.