Aller au contenu
Worldwide shipping, delivered in 7 to 21 days

Privacy Policy

Last updated: 13/05/2026

ARTICLE 1: PREAMBLE

This privacy policy applies to the website www.daothe.com, published by Elouan Quéméneur, trading under the business name Daothé (hereinafter "Daothé" or "we").

Its purpose is to inform users of the website about how their personal data is collected and processed, about the rights they have regarding this data, about the identity of the data controller, about the potential recipients of this data, and about the website's cookie policy.

Personal data is understood to mean all information that makes it possible to identify, directly or indirectly, a natural person: surname, first name, postal address, email address, telephone number, IP address, login credentials.

This policy complements the legal notice and the general terms and conditions of sale, available at the following address: https://daothe.com/conditions-generales-de-vente/

ARTICLE 2: GENERAL PRINCIPLES REGARDING THE COLLECTION AND PROCESSING OF DATA

In accordance with Article 5 of European Regulation 2016/679 (hereinafter "GDPR"), the collection and processing of website users' data comply with the principles of lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality.

The collection and processing of personal data is based, depending on the case, on one of the following legal bases, in accordance with Article 6 of the GDPR: the user's consent, the performance of a contract to which the user is a party, compliance with a legal obligation to which the data controller is subject, or the pursuit of a legitimate interest of the data controller.

ARTICLE 3: DATA COLLECTED, PURPOSES AND LEGAL BASES

A. Data collected when placing an order

When making a purchase on the website, the following data is collected: surname, first name, postal address, email address and telephone number. Proof of the transaction (purchase order and invoice) is retained in our systems.

The legal basis for this processing is the performance of the sales contract (Article 6.1.b of the GDPR). This data is necessary for the preparation, shipping and tracking of the order, as well as for the management of the customer relationship (responding to requests, after-sales service).

B. Data collected in connection with commercial communications

With the user's consent, their email address may be used to send communications relating to Daothé's activities (new products, news). These communications are sent via Shopify's integrated tools.

The legal basis for this processing is the user's consent (Article 6.1.a of the GDPR). The user may withdraw their consent at any time by clicking on the unsubscribe link present in each email, or by sending their request to contact@daothe.com.

C. Data collected automatically (cookies and trackers)

The details of the cookies and trackers used on the website are set out in Article 8 of this policy.

D. Retention period

Data relating to orders is retained for a period of five years from the last order, in accordance with legal obligations regarding commercial limitation periods. Accounting data (invoices, proof of transaction) is retained for ten years in accordance with the French Commercial Code. Data collected for commercial prospecting purposes is retained for three years from the user's last active contact (email opening, purchase, request).

ARTICLE 4: RECIPIENTS OF THE DATA

The personal data collected on the website may be transmitted to the following processors, who are involved in the performance of the services:

Shopify Inc. (151 O'Connor Street, Ottawa, Ontario, Canada): website hosting, order management, payment processing via Shopify Payments (operated by Stripe), sending of commercial communications. Data transfers to Canada are governed by the European Commission's adequacy decision. Transfers to the United States are covered by the EU-US Data Privacy Framework.

PayPal (Europe) S.à r.l. et Cie, S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg): payment processing when the user chooses this payment method.

Google LLC (1600 Amphitheatre Parkway, Mountain View, CA, United States): audience measurement via Google Analytics. Transfers to the United States are covered by the EU-US Data Privacy Framework.

Meta Platforms Ireland Ltd (Merrion Road, Dublin 4, Ireland): advertising tracking via the Facebook pixel. The data is processed by Meta Platforms Ireland within the European Union.

These processors only access the data to the strict extent necessary for the performance of their services and are bound by contractual obligations of confidentiality and security.

No personal data is sold or transferred to third parties for commercial purposes.

ARTICLE 5: DATA HOSTING

The website www.daothe.com is hosted by Shopify Inc., whose registered office is located at 151 O'Connor Street, Ottawa, Ontario, K2P 2L8, Canada.

The data is stored on Shopify's servers located in North America. Data transfers outside the European Union are governed by the mechanisms mentioned in Article 4.

ARTICLE 6: DATA CONTROLLER

The data controller for the personal data is Elouan Quéméneur, who can be reached by email at contact@daothe.com or by post at the following address: Daothé, 115 chemin Haran, 64990 Urcuit.

The data controller undertakes to protect the personal data collected, not to transmit it to third parties outside the cases provided for in this policy, and to respect the purposes for which this data was collected.

The website has an SSL certificate guaranteeing the encryption of data exchanges between the user and the website.

In the event of a data breach likely to result in a high risk to the rights and freedoms of users, the data controller undertakes to inform the persons concerned as soon as possible, in accordance with Article 34 of the GDPR, as well as the CNIL within 72 hours in accordance with Article 33 of the GDPR.

ARTICLE 7: USER RIGHTS

In accordance with the GDPR and the French Data Protection Act, the user has the following rights regarding their personal data:

Right of access (Article 15 of the GDPR): the user may obtain confirmation as to whether or not data concerning them is being processed, and obtain a copy of it.

Right to rectification (Article 16 of the GDPR): the user may request the correction of inaccurate data or the completion of incomplete data. The user may also modify their information directly from their customer account on the website.

Right to erasure (Article 17 of the GDPR): the user may request the deletion of their data, subject to the legal retention obligations incumbent on Daothé.

Right to restriction of processing (Article 18 of the GDPR): the user may request the restriction of the processing of their data in the cases provided for by the GDPR.

Right to portability (Article 20 of the GDPR): the user may request to receive their data in a structured, commonly used and machine-readable format, or to have it transmitted directly to another data controller.

Right to object (Article 21 of the GDPR): the user may object to the processing of their data on grounds relating to their particular situation, or object without reason to the processing of their data for commercial prospecting purposes.

Right to withdraw consent (Article 7 of the GDPR): where processing is based on consent, the user may withdraw it at any time, without affecting the lawfulness of the processing carried out before such withdrawal.

Right to set guidelines regarding the fate of their data after their death (Law No. 2016-1321 of 7 October 2016).

To exercise any of these rights, the user may send their request by email to contact@daothe.com, specifying their surname, first name and email address. The data controller will respond within one month of receipt of the request. This period may be extended by two months given the complexity or number of requests.

In the event of an unsatisfactory response or no response, the user has the right to lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés — www.cnil.fr) or to bring the matter before the competent court.

ARTICLE 8: COOKIES AND TRACKERS

When browsing the website, cookies and trackers may be placed on the user's device. An information banner is displayed on the first visit in order to obtain the user's consent for non-essential cookies.

Strictly necessary cookies: these cookies are essential to the operation of the website (cart management, user session, security). They do not require the user's consent.

Audience measurement cookies: the website uses Google Analytics and Shopify's integrated analytics tools to measure traffic and understand how the website is used. These cookies are only placed with the user's consent.

Advertising cookies: the website uses the Facebook pixel (Meta) for advertising tracking and targeting purposes. This tracker is only activated with the user's consent.

The user may at any time modify their cookie preferences via the cookie management banner accessible on the website, or by configuring their browser. Refusing non-essential cookies does not prevent the use of the website or the placing of orders.

ARTICLE 9: MINORS

In accordance with Article 8 of the GDPR and the French Data Protection Act, only minors aged fifteen or over may consent to the processing of their personal data. Below this age, the consent of a legal representative is required.

ARTICLE 10: AMENDMENT OF THE PRIVACY POLICY

Daothé reserves the right to amend this policy in order to ensure its compliance with the applicable law. The user is invited to consult it regularly. Any substantial amendment will be indicated by updating the date appearing at the top of this document.