PERSONAL DATA PROTECTION POLICY 

KEYENA is required to process personal data concerning users when they use the https://keyena.com/ website (hereinafter “the Site”) or order online on the Site.

This Personal Data Protection Policy (hereinafter “the Policy”) informs you of the way in which we process, protect and share your personal data collected in the context of your use of the Site.

In particular, it contains important information about your rights with respect to your personal data.

Please read it carefully so that you know and understand our practices regarding the processing of personal data by us.
Please note that this Policy may be amended or supplemented at any time, in particular in order to comply with any legislative or regulatory changes. In such a case, the date of the update will be clearly identified at the top of the Policy. These changes are binding on the user of the Site as soon as they are posted online. Please consult this Policy on a regular basis in order to be aware of any changes.
For any information on the protection of personal data, you can also visit the website of the CNIL (Commission Nationale de l’Informatique et des Libertés): https://www.cnil.fr.

1. Who is the data controller?

The data controller is the person who determines the purposes (why are personal data processed?) and means (how are personal data processed?) of a personal data processing operation (in particular, collection, storage, transmission, deletion and/or use of personal data).

KEYENA, a simplified joint stock company with a single shareholder and a capital of €10,600, registered in the LYON Trade and Companies Register under number B 880 214 051, whose registered office is located at 320, route de Genas in Bron (69500), acts as the data controller.

Number : + 33 (0)____________

Hereinafter referred to as “KEYENA”.

2. What types of personal data does KEYENA collect?

Personal data is any data that can be used to designate or identify, directly or indirectly, a natural person, such as first and last names, postal address, telephone number, e-mail address or IP address.
As part of your use of the Site, KEYENA collects and processes various types of personal data.

2.1. The data you provide directly to us

When you create a customer account on the Site, you transmit to us :
– Your first and last name
– A valid email address
– A password
This information is mandatory. Otherwise, you will not be able to create a customer account.

When you order a product on the Site, you transmit to us :
– Your first and last name
– The name of your company
– A billing address and a delivery address
– A valid email address
– A cell phone number
This information is mandatory. Otherwise, you will not be able to order a Product on our Site.

When you sign up for our newsletter, you provide us with your e-mail address.
The data you give us when you contact KEYENA via the Site’s contact form.
The data you send us when you post a review on the Site.
The data you give us when you contact KEYENA in any way whatsoever.

2.2. Information we collect when you use our site

2.2.1. Technical data

When you use the Site, we collect technical information relating to your connection and your navigation such as: your Internet browser, IP address, navigation history (date and time of the last connection).

Various technologies may be used to collect this data, including the use of cookies.

For information on cookies, please see our Cookie Policy, available here and on our Site by clicking on the “Cookie Policy” tab.

2.2.2. Transaction data

When placing an order, we also collect transaction data from the use of our delivery services, such as delivery data, time and date of delivery.

2.3. Rules applicable to banking data

The banking data transmitted when you order Products via the Site are collected by our payment provider STRIPE whose privacy policy (only in English) is accessible from the following link: https://stripe.com/fr/privacy.

At no time do your banking details pass through KEYENA’s computer system.

Your IP address may also be collected by [KEYENA and transmitted to STRIPE OR by STRIPE] in order to secure online payments and fight against fraud.

3. For what purposes is my personal data processed by KEYENA?

We use your personal data for the following purposes:

Supply of products marketed on the Site
Management of your customer account on the Site
Management and follow-up of customer orders
Management of billing and payment operations
Management of your requests for information
Management of your rights
Management of your complaints
Strengthen and personalize communication with you, in particular by sending newsletters and communication campaigns
Measure your level of satisfaction through customer reviews and improve offers and services through satisfaction surveys
To carry out statistical studies
To prevent fraud
To ensure the security of the Site
Investigating and prosecuting illegal activities
Settling disputes
Publication of customer reviews on the Site.

4. On what legal basis is my personal data processed?

The processing of your personal data is justified by different legal grounds (legal bases) depending on the use we make of the data. You will find below the legal bases that we apply to our main processing operations.

The legal bases

Main treatments
The contract:
  • Execution of the General Sales Conditions.

The consent:

You agree to the processing of your personal data by means of an express consent (check box, click…). You can withdraw this consent at any time.

Are based on your consent:

The processing of your data collected via the contact form on the Site.
The processing of your data for the sending of newsletters and communication campaigns.

    Legitimate interest:

    KEYENA has a legitimate interest in processing your data that is justified, balanced and does not infringe your privacy, in the following cases: 

    • As part of the use of the Site, your IP addresses are collected for the purpose of securing our computer systems against fraud and cyber-attack. 
    • In order to measure the level of customer satisfaction, in particular through customer reviews / to improve offers and services through satisfaction surveys.
    • To carry out statistical studies.
    • As part of your requests for information.

    5.Who are the recipients of your personal data?

    Your personal data may be processed by authorized KEYENA staff, partners or service providers of KEYENA. The use of these partners or service providers is necessary for the proper execution of the contract between you and KEYENA.

    Are likely to have access to your personal data:

    KEYENA staff who need to access it as part of their duties
    The technical subcontractors we use in the course of our activities to :
    Host your data on servers based exclusively in France
    To be completed: mention the activities for which you use technical subcontractors
    The payment provider STRIPE
    The beneficiaries of our activities in case of transfer of activity or assets
    The consumer ombudsman and, if applicable, any competent authority.
    To be completed if necessary

    6. How long do we keep your personal data?

    The length of time your personal data is kept varies according to the purpose of its processing, as well as legal and regulatory obligations:

    7. What are your rights regarding your personal data?

    In accordance with the regulations in force, you have rights concerning your personal data:

    7.1. Right of access and communication

    You have the right to know whether KEYENA processes personal data about you and, if so, to obtain a copy of such data in an understandable format.

    In order to process your request, we are legally obliged to verify your identity. We may need to ask you to provide us with further information to respond to your request (such as a copy of your identity document).

    7.2. Right of rectification and deletion

    You have the right to have your inaccurate data corrected and your incomplete data completed, as well as to have your personal data erased in accordance with the regulations in force.

    7.3. Right to limit processing

    You have the right to temporarily suspend the use, in part or in whole, of your personal data.

    This is the right to have a processing operation suspended for the time needed to carry out a verification in the cases provided for by the regulations (e.g. to verify the accuracy of the data, to check whether the legitimate reasons pursued by the data controller prevail over those invoked by the data subject in the event of opposition, etc.).

    7.4. Right to object

    You also have the right to data portability, i.e. the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and the right to transmit this data to another data controller.

    This right only applies to data collected with your consent or under contract.

    7.6. Instructions in the event of death

    You have the right to define general or specific directives concerning the fate of your personal data after your death.

    You may change or revoke these instructions at any time.

    7.7. Exercice of rights

    You can exercise your rights by mail by writing to us at KEYENA – DPO, GASSAMA – 320, route de Genas – BRON 69500 – FRANCE or at contact@keyena.fr.

    7.8. 7.8. Referral to the competent supervisory authority

    If you consider that KEYENA is not complying with its obligations with regard to the protection of your personal data, you can contact the competent authority. In France, the competent authority is the CNIL: https://www.cnil.fr/.

    8. Are your personal data transferred outside the European Union?

    All our subcontractors and partners are established within the European Union.

    9. 9. Security of your personal data

    We undertake to take all necessary measures, in view of the nature of the data and the risks presented by the processing, to preserve the security of your personal data and, in particular, to prevent them from being distorted, damaged or accessed by unauthorized third parties.

    We use physical, electronic and administrative security measures.

    Our safeguards include firewalls, physical access controls, and authorization controls for data access.

    10. Cookies

    For more information, please see our Cookie Policy, available here.