Politique de Confidentialité / Privacy Policy
Last updated: April 2025
Who We Are
We are a small handmade jewelry business based in France. Our website address is: https://mokaishop.fr
For any privacy-related questions, you can contact us at: 📧 mokai.contact@gmail.com
What Data We Collect and Why
When you place an order or interact with our store, we collect the following personal data:
- Full name — to identify your order and address communications to you
- Email address — to send your order confirmation, shipping updates, and respond to enquiries
- Shipping address — to deliver your order to the correct location
- Payment information — processed securely through our payment provider (Stripe / PayPal / etc.). We never store your card details directly on our servers
We do not use tracking cookies, analytics tools, or advertising pixels. We do not collect browsing data.
Legal Basis for Processing (GDPR)
Under the General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:
- Contract performance (Art. 6.1.b) — your name, email, and address are necessary to fulfill your order
- Legal obligation (Art. 6.1.c) — we are required to retain certain transaction data for French accounting and tax law (typically 10 years)
- Legitimate interest (Art. 6.1.f) — to respond to customer service enquiries
We do not rely on consent as a basis for processing order-related data. If we ever send you marketing emails, we will ask for your explicit consent separately, and you may withdraw it at any time.
How Long We Keep Your Data
| Data | Retention period |
|---|---|
| Order details (name, address, email) | 3 years after last purchase |
| Accounting & invoicing records | 10 years (French legal requirement) |
| Customer service correspondence | 3 years |
Once the retention period expires, your data is permanently deleted.
Who We Share Your Data With
We do not sell or rent your data to third parties. We may share limited data with trusted service providers solely to fulfill your order:
- WooCommerce / WordPress — our e-commerce platform, which stores order data
- Payment processor (Stripe, PayPal, or similar) — to securely handle transactions
- Shipping carrier (La Poste, Colissimo, etc.) — your name and address, to deliver your parcel
All third-party providers are required to handle your data in accordance with GDPR.
Your Rights Under GDPR
As a resident of the European Union, you have the following rights regarding your personal data:
- Right of access — request a copy of the data we hold about you
- Right to rectification — ask us to correct inaccurate data
- Right to erasure — ask us to delete your data (“right to be forgotten”), subject to legal retention obligations
- Right to restriction — ask us to limit how we use your data
- Right to data portability — receive your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interest
To exercise any of these rights, contact us at 📧 mokai.contact@gmail.com. We will respond within 30 days.
If you believe we have not handled your data correctly, you have the right to lodge a complaint with the French data protection authority:
CNIL (Commission Nationale de l’Informatique et des Libertés) www.cnil.fr — 3 Place de Fontenoy, 75007 Paris
Data Security
We take reasonable technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. Our website uses HTTPS encryption. Payments are processed through PCI-DSS compliant providers and your card details never pass through our servers.
Cookies
Our store may use strictly necessary cookies to maintain your shopping cart session and process your order. These do not track you across other websites and do not require consent under French law (CNIL guidelines).
We do not use analytics, advertising, or third-party cookies.
Changes to This Policy
We may update this policy from time to time. Any changes will be posted on this page with an updated date. We encourage you to review it periodically.
Contact
For any questions about this privacy policy or your personal data: