0
Cart Your Shopping Cart is Empty
Since Courir was founded in 1980, we have always had a close relationship with our customers and with local social and economic fabric. In response to the increasing digitisation of personalised contact with customers, Courir has created a Personal Data Protection Charter shared with our partners.
This charter will help us maintain a close relationship with every customer and develop an accessible and relevant product offering. With your consent, Courir will inform you what we are doing to protect your personal data.
To enable you to buy with peace of mind, this charter contains clear, simple and genuine information about how data is processed by Courir with your consent. This charter will give you a better understanding of which information and personal data we collect (hereinafter referred to as "personal data") and how we use it to bring you new services while respecting all your personal data rights.
Whichever sales or contact channel you use, Courir undertakes to protect your privacy in accordance with current legislation by safeguarding the personal data you share with us, and keeping it confidential and safe.
The Main Principles
With your consent, Courir undertakes to adhere to the key principles for respecting fundamental rights and all current laws and regulations:
Your personal data may be collected:
Declarative personal data is the data you provide within our commercial relationship, or with our partners, for example:
This data is collected via forms (digitally on our websites or mobile apps), on paper, or in response to questions asked by, for example, our Customer Services team.
Compulsory declarative data is marked with an asterisk.
To use our services, you need to provide (except in specific cases):
Personal data linked to Courir products and services. This is generated by how you use or purchase our products and services within our commercial relationship.
On this website, we also collect
Exclusion of special personal data categories
In accordance with the law, we never collect special categories of personal data, meaning data that reveals racial or ethnic background, political opinions, religious or philosophical beliefs, or union membership, genetic personal data, biometric personal data used to uniquely identify a natural person, personal data concerning health, or personal data about the sex life or sexual orientation of a natural person.
These special categories of personal data are never collected or processed by Courir.
We use your data in accordance with the terms of this charter and the general terms and conditions of sale or use for our products and services. We are always mindful of the need for transparency and security when it comes to your data. Uses:
This processing takes account of your interests and fundamental rights as customers. As such, it includes measures and guarantees to ensure your interests and rights are protected, establishing an appropriate balance with our legitimate interests.
Data is stored by Courir, who collects it in accordance with French legislation and European regulations.
We may share personal data with other companies if it is needed for services you have entered into or subscribed to (e.g. home delivery, click and collect, product availability alerts, etc.). Operations where a third party receives your data are subject to a contract to ensure that your data is protected and your rights are respected.
Where data is transferred to a country outside the European Union, there are rules in place to ensure it is kept protected and secure.
Data retention periods are in line with CNIL recommendations and/or legal obligations:
Personal data categories | Active retention rules |
---|---|
Data from your customer account (non-loyalty) | 3 years after the last customer contact |
Data from your customer account (loyalty) and the loyalty programme | 5 years after the last customer contact |
Personal data for website logins | 1 year |
Cookies | Validity period maximum 13 months |
Buying data | Invoicing 10 years |
Behavioural data | Data stored while the customer is active and does not ask for their data to be deleted. No limit for anonymised data. |
Prospect data | Data stored while the customer is active and does not ask for their data to be deleted. |
Identification data | Data stored while the customer is active and does not ask for their data to be deleted. |
Segmentation | Data stored while the customer is active and does not ask for their data to be deleted. No limit for anonymised data. |
Exercise your rights by accessing the online service in the FAQ or via [My Account - Personal Data]. You can also exercise your right of access by writing with a copy of an identity document to the DPO (Data Protection Officer) at Groupe Courir – 91 avenue Ledru-Rollin 75011 Paris.
Our priority is respecting your right to have your data protected, secure and confidential. Courir undertakes to use security measures appropriate to personal data sensitivity levels to protect it from malicious intrusion, loss, modification and disclosure to unauthorised third parties.
When designing, developing, selecting and using our services requiring personal data processing, Courir is mindful of the right to personal data protection from the start.
As such, we may for example use pseudonymisation or anonymisation where this is possible or necessary.
All personal data is confidential, so can only be accessed with your consent by Courir staff or providers acting on behalf of Courir who need it to do their work. All those with access to your data are bound by a duty of confidentiality and subject to disciplinary action and/or other sanctions if they do not fulfil their obligations.
Operations involving third-party recipients are subject to a contract to ensure that your personal data is protected and your rights are respected.
At Courir, we are fully committed to protecting the personal data you give us. Due to our ongoing concerns about security and protection, we encourage you to take care to prevent unauthorised access of your personal data and protect your devices (computer, smartphone, tablet) from unwanted or malicious access by using a strong password, which it is recommended you change regularly. If you share a device, we recommend you log out after each session.
We have appointed a Data Protection Officer (DPO), whose contact details are: Claire Pellarin, Data Protection Officer, 6 place Robert Schuman, Bât B1- 38000 Grenoble France; dpo@courir.com.
" Anonymisation " is defined as resulting "from processing personal data in order to irreversibly prevent identification";
" Pseudonymisation " is a technique where identifying information (or personal data in general) is replaced with a pseudonym. This technique allows for re-identification and correlations to be examined if the need arises;
" Collect " means gathering personal data. This can be done using questionnaires or forms online;
" Consent " means any freely given, specific, informed and unambiguous indication of your wishes by which you, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to you;
" Personal data " means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
"Right of access" means all fundamental rights as described in European regulations concerning:
" Restriction of processing " means the marking of stored personal data with the aim of limiting its processing in the future;
" Minimisation " in the data context means limiting the collection or use of information;
" Data pooling " means the result of multiple partners sharing their databases containing the details of customers or prospects;
" Profiling " means "any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements";
" Products or services " means all products and services, including technology (websites, apps and associated services) that are offered or will be offered by Courir; "Commercial prospecting" means looking for customers. The fact that it is commercial means it relates to commerce;
" Commercial relationship " covers all dealings between Courir and its customers, such as when you buy products or services, use the after-sales service, participate in online games, return products, make a complaint, complete satisfaction surveys or take part in the loyalty programme;
" Data Processing Officer " is the person at an organisation who individually or jointly determines the goals and methods used in processing your personal data;
" Behavioural segmentation " uses behavioural information to establish a person's socio-economic or psychological profile in order to include them in a segment;
" Online services " means digital services offered by Courir such as a website, apps, associated services and mobile services;
" Processor " is the contractor who processes personal data on behalf of the data-controller person, structure or organisation;
" Individual behaviour tracking", sometimes called "profile deduction", means techniques to evaluate aspects of how a natural person uses the internet;
" Third party " means anyone other than Courir and yourself;
" Personal data processing " means any operation or set of operations which is performed on your data, no matter the online service medium or process used.
1. G29 Opinion 05/2014 of 10 April 2014 on Anonymisation Techniques (WP216)
3. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, art. 15 to 21 and art. 23
4. Regulation (EU) 2016/679 of 27-4-2016, art. 4
5. Regulation (EU) 2016/679 of 27-4-2016: OJ 2016 L 119 p.1 s, art. 4 §4.
6. Original French from Larousse Dictionary, 2017.