Under the new regulations on the protection of personal data that came into force on 25/05/2018, here is information concerning the management and protection of this data by BOEHM when you contact us through the website or place an order.
1. What personal data do we process?
- Civil status, identity: surname, first name, address, telephone number, e-mail address
- Economic and financial information: bank details
- Login details: account login and password
2. For what purpose is this data processed?
- Managing inquiries
- Order processing
- Order shipment
- Online payment
3. Who has access to this data?
Internal users :
- Accounting department
- Sales department
- Management team
Our subcontractors :
- Webmaster of www.boehm.fr
- La Banque Populaire online payment service
- DPD or Heppner carrier.
- Société des avis Garantis for the management and collection of customer reviews
4. What safety measures are in place to protect them?
Data access control :
- Password-protected customer and administrator accounts
- Access to data restricted to staff in charge of processing
- External access to this data is limited to the webmaster of our website and our IT service provider.
- The entire website is in https.
Data access control on paper :
Paper data only appear on invoices. They are accessible to company personnel only.
Securing customer banking data:
Online payment is secure. Our payment system does not give us access to the customer’s bank details. The bank department responsible for collecting this information is PCI DSS Level-1 V3.2 certified and implements a number of security measures, including :
- Information System Security Policy ;
- Buildings monitored and protected by access control ;
- Secure servers and backed-up data ;
- Regularly audited information systems ;
- Highly secure hosted centers ;
- Highly secure firewalls ;
- Backup redundancy ;
- High-availability servers ;
- Encryption of transferred data ;
- Authentication protection ;
- Limited data access rights ;
- Database backup procedures.
5. Data retention period
- Data on paper: 10 years
- Electronic data: indefinitely, except if you ask us to delete them. The bank keeps card payment data for 15 months.
6. Is this data transferred outside the EU?
No.
7. What are your rights regarding this data?
Your personal data is used internally by BOEHM and we undertake not to divulge any information about you without your consent.
You have the right to access and rectify this data by logging into your account or by contacting us directly by phone (+33 4 77 30 10 23), email(contact@boehm.fr) or by using the site’s contact form.
You can also request the deletion of your personal data by contacting us directly by telephone or e-mail.