PROTECTION AND MANAGEMENT OF PERSONAL DATA
With this declaration, we would like to inform you about the processing of personal data when using our website.
Personal data means information relating to an identified or identifiable person. They mainly include information that can help identifies you, such as your name, telephone number, postal address, or e-mail address. Statistical data such as those collected during your visit to our website and which cannot be linked to your identity, are not issued as personal data.
1. Contact person
The contact responsible for processing your data when you visit this website within the meaning of the General Data Protection Regulation (GDPR) is K2I S.A.S (Company registration ID: 892 336 348) owner and operator of the registered trademark ZUFO.
K2I S.A.S
15 rue du Docteur Darrigan
33680 Lacanau
France
E-Mail: happy.feet@zufo.ski
If you have any questions about data protection in connection with our products or the use of our website, you can also contact our data protection officer at any time. The latter can be reached at the postal address above or at the e-mail address indicated above (please specify the subject: “for the attention of the data protection officer”).
2. Data processing on our website
2.1 Visiting our website/access data
Each time you visit our website, your browser automatically transmits data that we collect, this data includes in particular:
- the IP address of the device sending the request,
- the date and time of the request,
- the addresses of the website consulted and of the referring website,
- data relating to the browser used and the operating system,
- online identifiers (e.g., device identifiers, session identifiers).
The processing of this access data is necessary to enable the visit to the website and to ensure the functioning and long-term security of our systems. This personal data in the context of the use of the website and the services is processed for the following purposes:
– When we collect Personal Data necessary to improve the user experience
– When we carry out statistical studies and audience measurements of visits to our websites
Per Article 6, paragraph 1, line 1, point b) of the GDPR, insofar as the consultation of the site takes place in the context of obtaining or performing a contract, and otherwise Article 6 (1) line 1 (f) GDPR due to our legitimate interest in ensuring the long-term functionality and security of our systems.
2.2 Newsletter
You have the possibility of subscribing to our newsletter, in which we inform you of news related to our products and our company, and through which we communicate on promotional actions.
We keep your e-mail address and the information relating to your identity that you will have filled in on the form (optional information), the date and time of your registration and the IP address used during your registration until you unsubscribe from our mailing list.
The only purpose of keeping this data is to be able to send you newsletters and prove your registration. You can unsubscribe at any time, an unsubscribe link is in each of our e-mail communications.
You can also send us a message to the contact mentioned in point 1, to request the withdrawal of your e-mail, and the deletion of your information from our mailing list.
We use common technologies in our newsletters to measure interactions with it (for example, opening of the e-mail, and clicked links). We use this data for general statistical evaluations as well as for the optimization and development of our content and communication with our customers. (Per Art. 6 (1) line 1 (a) GDPR).
Through our newsletter, we want to share relevant content with our customers and better understand what readers are interested in. The links contained in the newsletters are therefore also equipped with parameters so that we can associate your interaction (links clicked) with the corresponding campaign. This information is correlated with your profile for analysis purposes. If you do not want your user behaviour to be analysed, you can unsubscribe from newsletters. Data on interaction with our newsletters is kept for 13 months and then deleted.
2.3 E-mail advertising to our customers
If you purchase from us, we will also use your contact details to email you other information about our products which may be of interest to you. This may include news, promotional actions and offers, as well as satisfaction surveys and other polls. To be able to offer you exclusively targeted offers as part of our customer newsletter, customer segmentation is also carried out using the data you provide to us when ordering. (Per Article 6(1)(f) GDPR).
You can object at any time to the use of your data for advertising purposes by clicking on the corresponding link in the e-mails or by sending a request to the contact details indicated above.
2.4 Job applications
To receive and process your application, we collect the following data in particular: first and last name, e-mail address, application file (e.g. diplomas, curriculum vitae), possible start date and salary expectations.
We store your data upon receipt of your application. If we hire you as an employee, we will keep your application data for a maximum period of three years after the possible end of the employment relationship. If we reject your application, we will keep your application data for a maximum period of six months following the rejection, unless you authorize us to keep it longer or the storage of this data is required for legal reasons or obligations, in any case, this duration will not exceed two years.
(Per Art. 6 (1) line 1 (b) and Art. 88 (1) GDPR).
3. Processing of your data for advertising purposes
In addition to the processing of data necessary for the performance of the contracts you have concluded with us, we also use your data to facilitate communication concerning your orders, to inform you about specific products and marketing initiatives, as well as to offer you products and services that may match your interests.
3.1 Surveys and polls
You may receive a limited number of product recommendations, surveys, polls and product review requests from us, even if you have not subscribed to the newsletter. Product recommendations are based on data from your previous orders in compliance with legal provisions. In the case of product evaluations, they are of course done voluntarily. (Per article 6, paragraph 1, point f) of the GDPR).
3.2 Online marketing
As part of digital marketing campaigns, we may need to use the data of our customers and/or members of our mailing list and share them with one of the third-party companies named below in the context of optimizing targeting (lookalike audience). Data processing can thus be partly outsourced to our service providers.
When we transmit data to our service providers, they are only authorized to use it within the framework of the execution of their tasks. These service providers have been carefully selected and commissioned by us. They are contractually bound to our guidelines, implement appropriate technical and organizational measures to safeguard the rights of data subjects and are subject to regular checks by us.
In addition, data sharing may also take place in response to requests from authorities, judicial decisions, and legal procedures, when this proves necessary to initiate legal proceedings or to enforce the law.
(Per article 6, paragraph 1, subparagraph 1, point f) of the RGPD, based on our legitimate interest to communicate effectively with the users and to exchange with them, or article 6, paragraph 1, subparagraph 1, point b) of the GDPR to maintain contact with our customers, inform them, as well as to implement pre-contractual actions with potential customers and interested parties.)
To find out the legal basis for the processing of data carried out by third-party companies under their responsibility, you can refer to the data protection declaration of each of the actors:
| Entreprise | Utilisation | Politique de confidentialité |
| OVH | Hosting of the website | https://www.ovhcloud.com/en/terms-and-conditions/privacy-policy/ |
| Meta Inc. | Community animation, advertising (Facebook, and Instagram). | https://www.facebook.com/privacy/center/ |
| Alphabet Inc. | Analysis service (google Analytics) and advertising (google Ads). | https://policies.google.com/privacy |
| Community animation, advertising | https://www.linkedin.com/legal/privacy-policy | |
| X (formerly Twitter) | Community animation, advertising | https://twitter.com/en/privacy |
| Brevo | Relationship Marketing, CRM | https://www.brevo.com/legal/privacypolicy/ |
| MailChimp | Relationship Marketing, CRM | https://mailchimp.com/fr/legal/data-processing-addendum/ |
| HotJar | User behavior analysis service on the web interface | https://www.hotjar.com/legal/policies/privacy/ |
| Clearbit | Sales intelligence service | https://clearbit.com/privacy-policy/ |
4. Use of cookies and similar technologies
This website uses cookies and similar technologies (hereinafter collectively referred to as “tools”) provided either by us or by third parties. A cookie is a small text file stored by your browser on your device.
Cookies are not used to run programs or to load viruses onto your computer. Similar technologies include web storage (local/session storage), fingerprinting, beacons or pixels. Most browsers are configured by default to accept cookies and similar technologies. However, you can generally adjust your browser settings to refuse cookies and similar technologies or to save them only with your prior consent. If you reject cookies or similar technologies, you may not be able to fully use all of our services.
Our cookie policy lists the tools we use by category, informing you about the providers of these tools, the retention period of cookies and the transfer of data to third parties. It also explains in which cases we obtain your voluntary consent to use the tools and how you can revoke it.
If you wish to delete or block cookies from your browser, the help menu allows you to know how to modify your choices concerning the use of cookies:
- For Internet Explorer™: http://windows.microsoft.com/fr-FR/windows-vista/Block-or-allow-cookies
- For Safari™: https://support.apple.com/en-gb/guide/safari/sfri11471/mac
- For Chrome™: https://support.google.com/chrome/answer/95647?hl=fr&hlrm=en
- For Firefox™: http://support.mozilla.org/fr/kb/Activer%20et%20d%C3%A9sactiver%20les%20cookies
- For Opera™: http://help.opera.com/Windows/10.20/fr/cookies.html
Note that the deletion of cookies necessary for proper functioning will lead to a degraded use of our website. This list does not include all browsers, it is your responsibility as a user to inform yourself about the management of cookies for your browser.
5. Online presence on social networks
We maintain an online social media presence to facilitate communication with our customers and interested parties, as well as to inform them about our products and our company. User data is usually processed by relevant social media platforms for market research and advertising purposes. This makes it possible to create user profiles based on user interests. To do this, cookies and other identifiers are stored on users’ computers. These profiles are then used to deliver advertisements, for example, on social media and third-party websites. As part of managing our online presence, we may have access to information provided by social networks about the use of our pages. This statistical information is aggregated and may include demographic data as well as data about the interaction with our pages and the content shared. (Per article 6, paragraph 1, subparagraph 1, point f) of the RGPD, based on our legitimate interest to communicate effectively with the users and to exchange with them, or article 6, paragraph 1, subparagraph 1, point b) of the GDPR to maintain contact with our customers, inform them, as well as to implement pre-contractual actions with potential customers and interested parties.)
For more details on the social network specific information to which we have access as administrators of the pages, and to find out more about the privacy policies of each platform, please consult the links below:
| Entreprise | ||
| Facebook (META) | Use of data | https://www.facebook.com/legal/terms/page_controller_addendum https://www.facebook.com/privacy/policy/ |
| Change ad targeting | https://www.facebook.com/help/568137493302217 | |
| Instagram (META) | Use of data | https://privacycenter.instagram.com/policy/ |
| Change ad targeting | https://www.facebook.com/help/instagram/2885653514995517 | |
| X (formerly Twitter) | Use of data | https://twitter.com/fr/privacy |
| Change ad targeting | https://twitter.com/settings/account/personalization | |
| Use of data | https://legal.linkedin.com/pages-joint-controller-addendum https://www.linkedin.com/legal/privacy-policy |
|
| Change ad targeting | https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out | |
| Youtube (groupe Alphabet/Google) | Use of data | https://policies.google.com/privacy |
| Change ad targeting | https://myadcenter.google.com/home?sasb=true&ref=ad-settings |
6. Data Transfer
As mentioned in the previous points, the use of certain service providers generates a transmission of the data that we have collected, this only takes place in the following cases:
- You have given your explicit consent in accordance with Article 6(1) line 1 point (a) GDPR,
- The transmission is necessary for the establishment, exercise or defence of legal claims under Article 6 (1) line 1 (f) GDPR and there is no reason to assume that you have a major legitimate interest in not having your data transmitted,
- We are legally obliged to pass them on according to Art. 6 (1) line 1 (c) GDPR
- This is permitted by law and required for the execution of contractual relations with you or pre-contractual measures carried out at your request, per Article 6, paragraph 1, line 1, point b) of the GDPR.
In addition to the service providers mentioned in this statement, this may include data centres responsible for hosting our website, databases and applications, software providers who develop the corresponding applications for us, IT specialists responsible for maintaining our systems, agencies, market research companies, group subsidiaries, payment service providers, newsletter senders, logistics professionals and advice.
7. Transfer of data to third countries
As explained in this data protection declaration, we make use of services provided in part by actors located in third countries (outside the European Union or the European Economic Area), where personal data are also processed. These countries have different levels of data protection than the European Union. In such situations, where the European Commission has not issued an adequacy decision for these countries (per Article 45 of the GDPR), we have undertaken the necessary measures to ensure an appropriate level of data protection when any data transfers. Among these measures, European Union standard contractual clauses and internal company rules are included.
Where these options are not feasible, we base the transfer of data on the exceptions provided for in Article 49 of the GDPR. This may include your explicit consent or the necessity of the transfer for the performance of a contract or the implementation of pre-contractual measures.
In cases where a transfer of data to a third country is envisaged without an adequacy decision or appropriate safeguards, there is a possibility and a risk that the authorities of the third country in question (such as intelligence services) may gain access to the transferred data for inspection and analysis purposes. It is possible that the application of your data protection rights cannot be guaranteed. You will also be informed of this when you give your consent via the cookie banner.
8. Data retention period
Unless you oppose or revoke your data, your data is kept for a maximum of 3 years after your last interaction with our website or our services.
9. Your rights, about revocation and opposition
At any time, you can exercise the rights of the data subject (individuals) as set out in Articles 15 to 21 as well as Article 77 of the GDPR:
- Right to revoke your consent
- Right to object to the processing of personal data concerning you (Article 21 of the GDPR)
- Right to obtain information about the personal data concerning you processed by us (Article 15 of the GDPR)
- Right to rectify personal data concerning you if these prove to be inaccurate (Article 16 of the GDPR)
- Right to erasure of your data (right to be forgotten) (Article 17 of the GDPR)
- Right to limit the processing of personal data concerning you (Article 18 of the GDPR)
- Right to the portability of personal data concerning you (Article 20 of the GDPR)
- Right to complain with a supervisory authority (Article 77 of the GDPR).
If you wish to exercise the rights detailed in this declaration, do not hesitate to refer to the contact details provided above in point 1. This is also valid if you wish to obtain copies of the guarantees demonstrating an adequate level of data protection. We will respond to your request as soon as the relevant legal requirements are met.
Requests to exercise your data protection rights, as well as our responses, will be archived for documentation purposes for a maximum of three years. In certain cases, this period may be extended if necessary for the recognition, exercise or defence of legal rights. Per Art. 6 (1) lit. 1 (f) GDPR, based on our interest in defending ourselves against possible legal claims under Art. 82 GDPR, to avoid penalties under Article 83 of the GDPR and to comply with our obligations under Article 5(2) of the GDPR.
At any time, you have the right to withdraw the consent you previously granted to us. As a result, the processing of your data, which was based on this consent, will be interrupted. However, the withdrawal of consent does not affect the lawfulness of the processing carried out before the withdrawal, which was based on the consent.
In situations where we process your data based on legitimate interests, you also have the right to object at any time to the processing of your data on grounds relating to your particular situation. If you object to the processing of your data for prospecting purposes, you have a general right of opposition that we will respect without requiring justification.
If you wish to exercise your right to withdraw consent or object, informal communication to the contact details provided in paragraph “1 – Contact person” will be sufficient.
10. The obligation to provide data
As a general rule, no contractual or legal obligation forces you to provide us with personal data. However, if you choose not to provide us with the personal data required as part of the registration and sales process, and which are identified as mandatory fields, we may not be able to complete the conclusion of a contract with you.
11. Security measures
Since Personal Data is confidential, K2I limits access to it only to company employees, and service providers who need it in the context of processing.
All persons having access to Personal Data are bound by a duty of confidentiality and expose themselves to disciplinary measures and/or other sanctions if they do not respect these obligations.
12. Changes to the data protection declaration
This declaration may be updated, in particular in the event of a modification of our website or changes in the legal provisions.
Last update: August 18, 2023
