Introduction

As part of the relationship you have with our Company, you will be required to provide us with a certain amount of personal data.
Our Company is committed, within the framework of its activities and in accordance with the national legislations in force (in France: Law No. 78-017 of January 6, 1978, as amended, relating to information technology, files and freedoms) and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such Data (RGPD), to ensure the protection, confidentiality and security of the Personal Data of the persons benefiting from the services offered by our Company, as well as to respect their privacy. Within the
meaning of the European regulations, personal data (hereinafter “Personal Data”) means any information that may relate to an identified or identifiable
natural person.
The GDPR requires us, as a data controller, to meet certain security requirements, which we ensure we comply with in order to ensure the protection of your Personal Data.
This policy is intended to provide you with the information necessary for you to understand the various processes that we carry out in order to carry out our missions and to provide you with the services that are best suited to you.
This policy applies to any individual who has a relationship with our company as a data owner, customer, prospect, applicant, agent, guarantor or legal representative.

Article 1: Identity and contact details of the data controller

The data controller is TELXIA Ltd, registered in Bulgaria under number 205264867 and with registered office at 28 Tsar Asen, 8000 Burgas, Bulgaria, (hereinafter the “Company”).

Article 2: Personal data collected

When you visit our website www.neroskincare.com/, we collect personal data such as your name, email address, phone number, shipping/billing address and information about your browsing and shopping behavior. The data we collect is used to receive and process your order, process payment for your order, deliver your purchases, send marketing communications, provide registered users with access to services, and support you through our customer service teams.
We process your personal data for a variety of purposes on a number of legal bases: to ensure the proper performance of our contract, pursuant to our legitimate business interests, to comply with a legal obligation, or on the basis of your consent which you may withdraw at any time.

Article 3: Processing of personal data

Your personal data will be processed by NERO SKINCARE’s internal teams and may be transferred to third parties that we use to provide our services. These third parties include: –
our payment service providers to help us process your orders;
– our delivery service providers to help us deliver your purchases;
– our professional service providers, such as e-mail service providers, computer software providers, marketing agencies and web hosts;
– governmental and regulatory bodies in order to fulfill our legal obligations ;
In all cases of subcontracting the processing of some of your personal data, our Company requires our subcontractors to comply with all the legal and technical provisions for the protection of your Personal Data in accordance with the RGPD, in particular by prohibiting them from reproducing your data for their own benefit or for the benefit of anyone else, or from marketing it.
In the event that our Company subcontracts all or part of the Personal Data concerning you, we shall remain solely responsible for the processing with respect to you.
Your Personal Data will not be transferred outside the European Union.

Article 4: Length of time personal data is kept

Our Company complies with Article 5 of the RGPD which states as a principle relating to the processing of personal data that “Personal data must be kept in a form which permits identification of the data subjects for no longer than is necessary for the purposes for which it is processed […]”.
When the person whose data is collected has not yet entered into a contractual relationship with our Company (prospect, candidate for employment, etc.), his or her personal data may be kept for a maximum of two years from the date of his or her last contact with our services, unless a shorter period is indicated in the communication channel used.
When the person whose data is collected is party to a contract with our Company, his or her personal data is kept for the duration of the said contract or for the time required to complete the service, to close legal proceedings, to comply with legal or regulatory obligations and to preserve evidence in contractual matters until the rights of the parties or third parties concerned have been extinguished.

Article 5: Use of cookies

A cookie is a text file that may be placed on your terminal when you visit a website or an application, thanks to your browser. A cookie file allows its issuer to identify the terminal in which it is stored, for the duration of validity or storage of the cookie.
When you connect to one of the pages of our site, we are likely, subject to your choices, to install various cookies in your terminal allowing us to recognize the browser of your terminal during the period of validity of the cookie concerned.
The cookies that we issue are used for the purposes described below, which result from the parameters that you will have indicated during your visit and that you can express and modify at any time under the conditions recalled in the present policy.
Four categories of cookies are used for the purposes described below. As far as possible, we inform you of the purpose of the third-party cookies of which we are aware and of the means available to you to make choices with regard to these cookies.

Cookies necessary for the operation of the site These are
cookies that are essential for browsing our site (such as session identifiers) and that allow you to use the main features of the site and to secure your connection. Without these cookies, you would not be able to use the site normally and we therefore advise you not to prevent their use or to delete them. These cookies are deposited exclusively by our Company.

Functionality cookies
These cookies allow us to optimize the functioning of the site. They also allow you to adapt the presentation of the site to the display preferences of your terminal during your visits. These cookies allow you to have a fluid and customized navigation. Placing cookies on your terminal is the simplest and fastest way to personalize and improve your user experience.
These cookies are deposited by our Company. They have a short lifespan, corresponding for the most part to the duration of your session and, at most, thirteen (13) months.
If you have refused the implementation of cookies, you will not be able to benefit from the features described in this paragraph.

Analytical / performance measurement cookies These are
cookies that allow us to know the use and performance of the site, to establish statistics, volumes of traffic and use of various elements (content visited, path …) in order to improve the interest and usability of our services (pages or sections most often visited, the most read articles, …). Cookies are also used to count visitors to a page.
These analytical cookies are likely to transfer personal data to member countries of the European Union. In this case, a precise and demanding framework, in accordance with the models adopted by the European Commission, as well as appropriate security measures, ensure the protection of the personal data transferred. The transfers of personal data made necessary take place under conditions and guarantees that ensure the confidentiality and security of such data.
The fact of refusing the implementation of such cookies or of deleting them has no impact on your navigation on our site but is likely to prevent us from ensuring the best quality of services that we wish to offer to our visitors.

Video cookies
We may include on our site computer applications from third parties that allow you to read content from our site with other people or to let them know your consultation or your opinion about content on our site.
For example, our site may contain playback links to YouTube that allow you to play content from our site. When you use this playback button, a third-party cookie from the relevant site is set. If you are logged in to the site while browsing our site, the playback buttons allow you to link the content you have viewed to your user account
– We invite you to consult the privacy policy of this site in order to learn about the purposes of use, including advertising, of the browsing information that it may collect thanks to this application button. YouTube’s cookie policy, for example, can be found below: https://policies.google.com/privacy?hl=fr&gl=fr
– These protection policies should allow you to exercise your choices with this operator, in particular by setting up your user account on its site.

Article 6 : Deletion or limitation of cookies

You can restrict, block or delete cookies from the cookie management banner that appears when you first log in. You may not opt out of the use of essential and functional cookies that are required to ensure the functionality of the Site. By deleting our cookies or disabling future cookies, you may not be able to access certain parts or features of our Site.
https://tools.google.com/dlpage/gaoptout.
To more effectively target the ads we post on Facebook, we use Facebook’s personalized audience services. You can manage the use of Facebook cookies at http://www.facebook.com/about/privacy/.
For more information about how cookies work, how to manage them, and how to delete them, please visit http://www.youronlinechoices.com/.

Article 7: Security

We take all necessary technical, physical and organizational measures to protect your personal data against the risks of unauthorized access, illegal processing, loss, disclosure, damage or unintentional or unauthorized destruction. Information relating to your means of payment and in particular to your credit cards is encrypted using the SSL security protocol and stored with AES-256 encryption.

Article 8: Changes to the Privacy Policy

We regularly revise our Privacy Policy to reflect changes to our services and privacy regulations. Any version of the Privacy Policy posted on the Site supersedes previous versions and is effective immediately upon posting.

Article 9: Your rights

You have the right to access, rectify, delete, port your personal data, oppose, and limit the processing as provided for in the RGPD and the Data Protection Act.
The rights referred to in this paragraph may be exercised by written request, accompanied by proof of identity, addressed to the contact details mentioned above or by e-mail to the following address: privacy@neroskincare.com.
We will respond to any person who has made use of one of the aforementioned rights within one (1) month from receipt of the request.
This period may be extended by two (2) months, taking into account the complexity and number of requests, after informing the person concerned of this extension within one (1) month of receiving the request.
Where the data subject formulates his request in electronic form, the information shall be provided electronically where possible and unless he requests otherwise.
If the controller refuses to comply with the data subject’s request for information, the controller shall state the reasons for the refusal.
In the event that we do not respect your rights or if you wish to report any infringement of the protection of your Personal Data, you may also file a complaint with your national supervisory authority (for France, with the CNIL, 3 place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07).