Privacy Policies


Privacy Policy Last Updated: September 20, 2019

Welcome to https://ivindobio.com (the “Site”).

By connecting to this site, subscribing to the newsletter and purchasing IVINDO BIO and participating in it, you transmit personal information to us. The controller of your personal data Florence ROUX, FLO COSMETICS Ltd , whose registered office is located at 28 Old Brompton Road SW7 3SS, LONDON (hereinafter “IVINDO BIO” or “ We ").

The protection of your personal data is a priority for IVINDO BIO, and this collection of information is limited to what is strictly necessary, in accordance with the principle of data minimization. Your data will not be transmitted to third parties for commercial prospecting purposes, whether free of charge or for a fee.

For any clarification or complaint, do not hesitate to contact us on the page https://ivindobio.com for any request.

WHAT ARE THE CATEGORIES OF DATA THAT ARE SUBJECT TO COMPUTERIZED PROCESSING?

  • When you browse the Site, data is collected using cookies and similar technologies (including IP addresses, connection logs, traffic data, terminal used, browser language).
  • Civil status and contact information (name; first name; email address; postal address; telephone number) will allow us to identify you (creation of a profile) and communicate with you; Your messages and our responses may also be subject to computer processing;
  • We will also be required to process information relating to the contractual and commercial relationship (in particular details on the training course(s) ordered) that you may establish with us as well as banking information (bank details, card numbers, cryptogram) and transactional information (transaction date, amount, order number).
  • As part of the training to which you subscribe, we will be required to collect and process data on monitoring and participation in the training (consultation of modules, time spent, progress indicators, data on participation in webinars, registration data and participation in events organized as part of the training, etc.).

The fields that must be completed are indicated as such in our collection forms (asterisk, notification, mention, etc.).

In the event that we ask you to respond to surveys, questionnaires, etc., we will ensure the legality of collecting other categories of personal data than those mentioned above.

FOR WHAT PURPOSES AND ON WHAT LEGAL BASIS?

These data processing operations contribute to the execution of the contractual relationship that unites us and/or that you wish to establish with us, since the personal data that we collect and process are necessary for the performance of the services requested under the Amazon.fr T&Cs.

These treatments are also necessary to protect our legitimate interests, in particular by allowing us to carry out commercial prospecting within the framework of our professional activity, to keep proof of transactions carried out and/or where applicable to recover unpaid invoices.

More specifically, the objectives pursued by the automated processing of the aforementioned data are as follows:

  • Identification of persons using the Site to benefit from online training services, register and access related services;
  • Ensure the management of the customer account of the person concerned or of the legal entity that the person concerned represents, and the execution of payment transactions made at their request;
  • Carry out operations relating to the management of files concerning: contracts; orders; deliveries; invoices; accounting and monitoring of the commercial relationship;
  • Management of relationships with prospects and customers and of people's opinions on products, services or content;
  • Processing of questions and possible complaints from individuals and management of requests for the right of access, rectification and opposition;
  • Compliance with the terms of online access to accounts (and management of any authentication procedures);
  • Analysis and monitoring of the progress of training subscribers as well as their participation in training events (online or in person);
  • Execution of payments;
  • Development of commercial statistics and advertising, including on social networks;
  • Prospecting and/or sending information (newsletter), which includes following up with prospects (including in the event of order abandonment), managing technical prospecting operations, selecting people to carry out loyalty, prospecting, survey, product testing and promotional activities, as well as carrying out solicitation operations;
  • Prevention and fight against fraud and means of payment and in particular against bank card fraud;
  • Management of unpaid debts and disputes;
  • Improvement of the Site and the IVINDO BIO service, subscription and training offers.

INFORMATION ON COOKIES

You are informed that we are likely to place cookies on your device. The cookie records information relating to browsing on our sites (the pages you have viewed, the date and time of viewing, etc.) that we can read during your subsequent visits. The maximum retention period for cookies is 13 months after their first deposit in your device. The lifespan of cookies is not extended with each visit.

Cookies may be used for statistical purposes, in particular to optimize the services provided, based on the processing of information concerning the frequency of access, the personalization of pages as well as the operations carried out and the information consulted. They may also be used for advertising purposes, in particular to offer you targeted content in banners and inserts on the Internet. Certain features of the site such as video players or interactive content may use services offered by third parties and place cookies allowing them to identify your consultation of the content.

You are therefore informed that we may use cookies, and you authorize us to do so by validating the dedicated banner. If you do not want cookies to be used on your device, most browsers allow you to disable cookies through the settings options ( more information here ). However, you are informed that some services may no longer function properly.

WHAT ARE YOUR RIGHTS AND HOW TO EXERCISE THEM

You have the right to access your data, to rectify or erase it, to query it, to limit the processing of your data, to portability, and to erasure ( more information here ), within the limits set by the regulations and in particular the GDPR.

You also have the right to object at any time, for reasons relating to your particular situation, to the processing of personal data having as its legal basis our legitimate interest, as well as a right to object to commercial prospecting by clicking on the unsubscribe link in the newsletter.

Requests to exercise your rights should be sent to the page: https://ivindobio.com . You can also lodge a complaint with the personal data protection and supervisory authority to which you are subject (for example, in France, the CNIL).

For all useful purposes, it is specified that from the exercise of the right to erasure, to oppose the processing, or to withdraw consent, the proper functioning of the Site and the online store may be disrupted or even interrupted. For example, if these rights are exercised at the time of ordering products, then said order cannot be carried out.

HOW LONG IS MY DATA KEPT?

If you have not authenticated yourself on the Site or have not engaged in active behavior (for example, by clicking on a link) for a period of three years, you may receive an email inviting you to log in as soon as possible, otherwise your data will be deleted from our databases. Our electronic communications relating to commercial prospecting or newsletters will include an unsubscribe link.

In accordance with our legal obligations, certain documents relating to our internal operations and containing personal information (purchase orders, contracts, invoices, etc.) will be archived. In any event, the personal data processed are not kept beyond the time necessary to fulfill the obligations defined when the contract was concluded, or as required by current legislation. Beyond this, they may be anonymized and kept for exclusively statistical purposes.

The data collected using cookies and similar technologies are kept for the period strictly necessary to achieve the purposes set out above, without going beyond 13 months.

Data purging methods are put in place to provide for their effective deletion as soon as the retention or archiving period necessary for the accomplishment of the determined or imposed purposes is reached.

OUR COMMITMENTS REGARDING SUBCONTRACTING, TRANSFER, COMMUNICATION TO THIRD PARTIES

Your personal data is for internal use, it is strictly confidential and cannot be disclosed to third parties, except in the event of express agreement or if you have decided to make it public.

In the event of communication of your personal data to a third party, whatever their capacity, we will ensure beforehand that the latter is required to apply confidentiality conditions identical to ours.

In addition, we undertake to (i) ensure that any subcontractor provides sufficient and appropriate contractual guarantees to respect your rights, so that the processing meets the requirements of the GDPR and (ii) to comply with the provisions of the GDPR applicable to data transfers.

Based on our legal obligations, your personal data may be disclosed in application of a law, a regulation or by virtue of a decision of a competent regulatory or judicial authority.

OUR COMMITMENTS IN TERMS OF COMPUTER SECURITY

We undertake to implement all appropriate technical and organizational measures using physical and logistical security measures in order to guarantee an appropriate level of security with regard to the risks of accidental, unauthorized or illegal access, disclosure, alteration, loss or destruction of your personal data.

In the event that we become aware of illegal access to your personal data stored on our servers or those of our service providers, or of unauthorized access resulting in the realization of the risks identified above, we undertake to:

  • Notify you of the incident as soon as possible if it is likely to result in a high risk to your rights and freedoms;
  • Examine the causes of the incident;
  • Take reasonable steps to mitigate the negative effects and harm that may result from said incident.

Under no circumstances may the commitments defined in the point above be assimilated to any recognition of fault or responsibility with regard to the occurrence of the incident in question.

APPLICABLE LAW AND LANGUAGE

This Privacy Policy is governed by European Union law. They are written in French. In the event that they are translated into one or more languages, only the French text shall be authentic in the event of a dispute. The invalidity of a clause shall not entail the invalidity of the Privacy Policy. The temporary or permanent non-application of one or more clauses hereof shall not constitute a waiver on its part of the other clauses hereof, which shall continue to produce their effects.