top of page

Legal Notice

Privacy Policy
Last updated: 05/11/2025

This Privacy Policy explains how Sophie Dumont collects, uses, stores, and protects the personal data of users when browsing or making a purchase on the website www.sophiedumont.com (“the Site”).
We place the utmost importance on protecting your privacy and complying with the General Data Protection Regulation (GDPR).

1. Data Controller

The controller responsible for processing personal data is:
Sophie Dumont
Email: contact@sophiedumont.com

2. Data We Collect

We collect several categories of data when you use the Site, place an order, or contact us:

  • Identification data: first name, last name

  • Contact details: email address, postal address, phone number

  • Order and delivery data: purchased products, delivery address, tracking information

  • Payment data: payments are processed securely via external providers (Stripe and PayPal). We do not store your banking information.

  • Browsing data: IP address, device type, pages viewed, cookies

  • Marketing data: subscription preferences, newsletter openings, clicks

Data is collected when you browse the Site, create an account, place an order, subscribe to the newsletter, or contact us.

3. How We Use Your Data

Your data is used for the following purposes:

  • Processing and managing your orders, payments, deliveries, and returns

  • Communicating with you (customer service, order updates, invoices)

  • Managing newsletter distribution, if you have given your consent

  • Improving user experience and the overall functioning of the Site

  • Preventing fraud and ensuring security

  • Complying with legal and accounting obligations

4. Legal Bases for Processing

We process your data based on the following legal grounds:

  • Performance of a contract: orders, purchases, deliveries

  • Consent: newsletters, marketing cookies

  • Legitimate interests: Site improvement, fraud prevention

  • Legal obligations: invoicing, accounting, regulatory requests

5. Secure Payments

Payments made on the Site are handled by:

  • Stripe (credit card payments)

  • PayPal

These providers process your payment data using strict security protocols.
The Site does not store or have access to your full banking details.

6. Delivery

The data necessary for shipping your orders may be transmitted to our main carrier, DHL, or to any other delivery provider when required.
This information is used solely to ensure the dispatch, tracking, and receipt of your order.

7. Protection of Minors

This Site is not intended for minors. We do not knowingly collect personal data from individuals under the age of 15.
If a parent or guardian discovers that a minor has provided us with personal data, they may request its deletion at: contact@sophiedumont.com

8. Cookies and Similar Technologies

The Site uses cookies to improve navigation, analyse traffic, and personalise content.
A cookie banner allows you to accept or refuse non-essential cookies during your first visit.

Types of cookies used:

  • Functional: essential for the proper functioning of the Site

  • Analytics: audience measurement and statistics

  • Marketing: targeted advertising and retargeting

You may adjust your preferences at any time through your browser settings or the cookie banner.

9. Social Media and Tracking Pixels

The Site may use tracking, analytics, and advertising tools such as:

  • Meta (Facebook & Instagram Pixel)

  • Google Analytics / Google Ads

  • Pinterest Tag (if enabled)

These tools help analyse traffic, measure the effectiveness of campaigns, and personalise advertising.
You can refuse these cookies via the consent banner.

10. Data Retention Period

  • Customer data: 5 years after the last contact or purchase

  • Billing data: 10 years (legal requirement)

  • Cookies: up to 13 months

  • Newsletters: until unsubscription

11. Data Sharing

We never sell, rent, or transfer your personal data.
Data is shared only with trusted service providers when necessary for operating the Site (hosting, payment, delivery, analytics tools).
All providers are bound by confidentiality obligations.

12. Transfers Outside the European Union

Some providers—such as Wix, Stripe, Google, or Meta—may store data outside the European Union.
In such cases, we ensure that transfers comply with the GDPR (standard contractual clauses, appropriate safeguards).

13. Your Rights

In accordance with the GDPR, you have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to object

  • Right to restrict processing

  • Right to data portability

  • Right to withdraw consent at any time

To exercise your rights, contact:
contact@sophiedumont.com

You may also file a complaint with the French Data Protection Authority (CNIL): www.cnil.fr

14. Data Security

We implement technical and organisational measures to protect your data against loss, unauthorised access, disclosure, or alteration.

15. Changes to This Policy

This Privacy Policy may be updated at any time.
The version displayed on the Site is the version currently in effect.

16. Applicable Language

This policy is available in several languages.
In the event of any discrepancies, the French version shall prevail.

bottom of page