Login

Cart

Your cart is empty

Privacy Policy

Last updated: 13/05/2026

ARTICLE 1: PREAMBLE

This privacy policy applies to the website www.daothe.com, published by Elouan Quéméneur, operating under the trade name Daothé (hereinafter referred to as "Daothé" or "we").

Its purpose is to inform website users about how their personal data is collected and processed, their rights regarding this data, the identity of the data controller, any potential recipients of this data, and the website's cookie policy.

Personal data is considered to be any information that directly or indirectly identifies a natural person: last name, first name, postal address, email address, telephone number, IP address, connection identifiers.

This policy complements the legal notices and general terms and conditions of sale available at the following address: https://daothe.com/conditions-generales-de-vente/

ARTICLE 2: GENERAL PRINCIPLES FOR DATA COLLECTION AND PROCESSING

In accordance with Article 5 of European Regulation 2016/679 (hereinafter "GDPR"), the collection and processing of user data on the site adhere to the principles of lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and confidentiality.

The collection and processing of personal data are based, depending on the case, on one of the following legal bases, in accordance with Article 6 of the GDPR: user consent, the performance of a contract to which the user is a party, compliance with a legal obligation incumbent on the data controller, or the pursuit of a legitimate interest of the data controller.

ARTICLE 3: DATA COLLECTED, PURPOSES AND LEGAL BASES

A. Data collected during an order

When making a purchase on the site, the following data is collected: last name, first name, postal address, email address, and phone number. Proof of the transaction (purchase order and invoice) is kept in our systems.

The legal basis for this processing is the performance of the sales contract (Article 6.1.b of the GDPR). This data is necessary for the preparation, shipment, and tracking of the order, as well as for customer relationship management (responding to requests, after-sales service).

B. Data collected for commercial communications

With the user's consent, their email address may be used to send communications related to Daothé's activities (new products, news). This is sent via Shopify's integrated tools.

The legal basis for this processing is the user's consent (Article 6.1.a of the GDPR). The user can withdraw their consent at any time by clicking on the unsubscribe link in each email, or by sending their request to contact@daothe.com.

C. Data collected automatically (cookies and trackers)

The details of cookies and trackers used on the site are specified in Article 8 of this policy.

D. Retention period

Order-related data is kept for a period of five years from the last order, in accordance with legal obligations regarding commercial prescription. Accounting data (invoices, transaction proofs) is kept for ten years in accordance with the commercial code. Data collected for commercial prospecting purposes is kept for three years from the user's last active contact (email opening, purchase, request).

ARTICLE 4: DATA RECIPIENTS

Personal data collected on the site may be transmitted to the following subcontractors, who are involved in the performance of services:

Shopify Inc. (151 O'Connor Street, Ottawa, Ontario, Canada): website hosting, order management, payment processing via Shopify Payments (operated by Stripe), sending of commercial communications. Data transfers to Canada are governed by the European Commission's adequacy decision. Transfers to the United States are covered by the EU-US Data Privacy Framework.

PayPal (Europe) S.à r.l. et Cie, S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg): payment processing when the user chooses this payment method.

Google LLC (1600 Amphitheatre Parkway, Mountain View, CA, United States): audience measurement via Google Analytics. Transfers to the United States are covered by the EU-US Data Privacy Framework.

Meta Platforms Ireland Ltd (Merrion Road, Dublin 4, Ireland): advertising tracking via the Facebook pixel. Data is processed by Meta Platforms Ireland within the European Union.

These subcontractors only access data to the strict extent necessary for the performance of their services and are bound by contractual confidentiality and security obligations.

No personal data is sold or transferred to third parties for commercial purposes.

ARTICLE 5: DATA HOSTING

The website www.daothe.com is hosted by Shopify Inc., whose registered office is located at 151 O'Connor Street, Ottawa, Ontario, K2P 2L8, Canada.

Data is stored on Shopify's servers located in North America. Data transfers outside the European Union are governed by the mechanisms mentioned in Article 4.

ARTICLE 6: DATA CONTROLLER

The data controller for personal data is Elouan Quéméneur, contactable by email at contact@daothe.com or by mail at the following address: Daothé, 115 chemin Haran, 64990 Urcuit.

The data controller undertakes to protect the personal data collected, not to transmit it to third parties outside of the cases provided for in this policy, and to respect the purposes for which this data was collected.

The site has an SSL certificate guaranteeing the encryption of data exchanges between the user and the site.

In the event of a data breach likely to pose a high risk to the rights and freedoms of users, the data controller undertakes to inform the data subjects as soon as possible, in accordance with Article 34 of the GDPR, as well as the CNIL within 72 hours, in accordance with Article 33 of the GDPR.

ARTICLE 7: USER RIGHTS

In accordance with the GDPR and the French Data Protection Act, the user has the following rights regarding their personal data:

Right of access (Article 15 of the GDPR): the user can obtain confirmation as to whether or not data concerning them is being processed, and obtain a copy of it.

Right to rectification (Article 16 of the GDPR): the user can request the correction of inaccurate data or the completion of incomplete data. The user can also modify their information directly from their customer area on the site.

Right to erasure (Article 17 of the GDPR): the user can request the deletion of their data, subject to Daothé's legal retention obligations.

Right to restriction of processing (Article 18 of the GDPR): the user can request the restriction of the processing of their data in the cases provided for by the GDPR.

Right to data portability (Article 20 of the GDPR): the user can request to receive their data in a structured, commonly used, and machine-readable format, or to have it transmitted directly to another data controller.

Right to object (Article 21 of the GDPR): the user can object to the processing of their data for reasons relating to their particular situation, or object without cause to the processing of their data for commercial prospecting purposes.

Right to withdraw consent (Article 7 of the GDPR): when processing is based on consent, the user can withdraw it at any time, without compromising the lawfulness of the processing carried out before this withdrawal.

Right to define directives concerning the fate of their data after their death (Law no. 2016-1321 of October 7, 2016).

To exercise any of these rights, the user can send their request by email to contact@daothe.com specifying their last name, first name, and email address. The data controller will respond within one month of receiving the request. This period may be extended by two months due to the complexity or number of requests.

In case of an unsatisfactory response or no response, the user has the right to lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés — www.cnil.fr) or to refer the matter to the competent court.

ARTICLE 8: COOKIES AND TRACKERS

When browsing the site, cookies and trackers may be placed on the user's terminal. An information banner is displayed during the first visit to obtain the user's consent for non-essential cookies.

Strictly necessary cookies: these cookies are essential for the proper functioning of the site (shopping cart management, user session, security). They do not require user consent.

Audience measurement cookies: the site uses Google Analytics and Shopify's integrated analytics tools to measure traffic and understand site usage. These cookies are only placed with the user's consent.

Advertising cookies: the site uses the Facebook pixel (Meta) for advertising tracking and targeting purposes. This tracker is only activated with the user's consent.

The user can at any time modify their cookie preferences via the cookie management banner accessible on the site, or by configuring their browser. Refusing non-essential cookies does not prevent the use of the site or the placement of orders.

ARTICLE 9: MINORS

In accordance with Article 8 of the GDPR and the French Data Protection Act, only minors aged fifteen or older can consent to the processing of their personal data. Below this age, the consent of a legal representative is required.

ARTICLE 10: MODIFICATION OF THE PRIVACY POLICY

Daothé reserves the right to modify this policy to ensure its compliance with current law. The user is invited to consult it regularly. Any substantial modification will be indicated by updating the date at the top of this document.