Privacy Policy
Privacy Policy
Last updated: November 5, 2025
This Privacy Policy describes how Sophie Dumont collects, uses, stores, and protects users’ personal data when visiting or making a purchase on the website www.sophiedumont.com (the “Site”).
We attach great importance to protecting your privacy and complying with the General Data Protection Regulation (GDPR).
1. Data Controller
The data controller responsible for the processing of personal data is:
Sophie Dumont
Email: contact@sophiedumont.com
2. Data We Collect
We collect different categories of data when you use the Site, place an order, or contact us:
Identification data: first name, last name
Contact details: email address, postal address, phone number
Order and delivery data: purchased products, delivery address, shipment tracking
Payment data: payments are securely processed through external providers (Stripe and PayPal). We do not store your banking information.
Browsing data: IP address, device type, pages visited, cookies
Marketing data: subscription preferences, newsletter openings, clicks
Data is collected when you browse the Site, create an account, place an order, subscribe to the newsletter, or contact us.
3. Use of Your Data
Your data is used to:
Process and manage orders, payments, deliveries, and returns
Communicate with you (customer service, order tracking, invoices)
Send newsletters, if you have given your consent
Improve the user experience and the functionality of the Site
Prevent fraud and ensure security
Comply with legal and accounting obligations
4. Legal Basis for Processing
We process your data based on the following legal grounds:
Contractual necessity: orders, purchases, delivery
Consent: newsletters, marketing cookies
Legitimate interest: improving the Site, fraud prevention
Legal obligations: invoicing, accounting, requests from authorities
5. Secure Payments
Payments made on the Site are processed by:
Stripe (for credit card payments)
PayPal
These providers process your payment data according to strict security protocols. The Site does not store or have access to your full banking details.
6. Shipping
The data required to ship your orders may be transmitted to our main carrier, DHL, or to any other delivery provider if necessary.
This data is used solely to ensure the shipment, tracking, and delivery of your order.
7. Protection of Minors
This Site is not intended for minors. We do not knowingly collect personal data from individuals under the age of 15.
If a parent or guardian becomes aware that a minor has provided us with personal data, they may request its deletion by contacting: contact@sophiedumont.com.
8. Cookies and Similar Technologies
The Site uses cookies to improve navigation, analyze traffic, and personalize content.
A consent banner allows you to accept or refuse non-essential cookies during your first visit.
Types of cookies used:
Functional cookies: necessary for the proper functioning of the Site
Analytical cookies: traffic measurement and statistics
Marketing cookies: targeted advertising and retargeting
You may modify your preferences at any time via your browser settings or through the cookie banner.
9. Social Media and Tracking Pixels
The Site may use analytics and advertising tools such as:
Meta (Facebook & Instagram Pixel)
Google Analytics / Google Ads
Pinterest Tag (if activated)
These tools allow us to analyze traffic, measure the effectiveness of our campaigns, and personalize advertisements.
You may refuse these cookies through the consent banner.
10. Data Retention
Customer data: 5 years after the last contact or purchase
Billing data: 10 years (legal requirement)
Cookies: up to 13 months
Newsletter data: until you unsubscribe
11. Data Sharing
We never sell, rent, or transfer your personal data.
Your data is only shared with trusted service providers when necessary for the operation of the Site (hosting, payment processing, delivery services, analytics tools).
All such providers are bound by confidentiality obligations.
12. Transfers Outside the European Union
Some providers, such as Wix, Stripe, Google, or Meta, may store data outside the European Union.
In such cases, we ensure that transfers comply with GDPR requirements (standard contractual clauses and appropriate safeguards).
13. Your Rights
In accordance with the GDPR, you have the following rights:
Right of access
Right to rectification
Right to erasure
Right to object
Right to restriction of processing
Right to data portability
Right to withdraw consent at any time
To exercise your rights, contact:
You may also lodge a complaint with the CNIL if you believe your rights have not been respected:
www.cnil.fr
14. Data Security
We implement technical and organizational measures to protect your data against loss, unauthorized access, disclosure, or alteration.
15. Policy Updates
This Privacy Policy may be updated at any time.
The version displayed on the Site is the currently applicable version.
16. Applicable Language
This policy is available in several languages.
In the event of any discrepancy, the French version shall prevail.