Menu
Menu
Menu
In accordance with the laws and regulations on the protection of personal data, please find below the data that we process on our website.
This site is managed and administrated by Tudo Azul S.A. They develop a continuous work to ensure the protection of the personal data provided by the holder. They treat the information under the Portuguese law numbers 58/2019 and 59/2019 of 8 August 2019 following the Regulation (EU) 2016/679 of 27 April 2016 (“RGPD”), in French law, including, but not limited to the Act n°78-17 of 6 January 1978 on Data Processing, Data Files and Individual Liberties and applying the best practices of cybersecurity and protection of data described on ISO/IEC 27001:2013, ISO/IEC 27701:2019, ENISA, NIST CSF, Cert RMM, among other good practices of the market.
This Privacy Policy describes:
Tudo Azul – Comércio de Produtos Naturais S.A. (“Tudo Azul”) has its head office in Edifício Espace, Alameda dos Oceanos, nº 59 – Floor 3 – Block C, 1900 – 207, Lisbon. Tudo Azul is committed to protecting the users of their products and services and the personal data of the respective holders in all the situations in which there is data management by Tudo Azul. This policy has its basis in the context of its commitment to respecting the law of personal data protection.
| ID | Means of data collection | Personal data category |
| 1 | Registration on the website https://fr.ouiparis.com/ (Newsletter) | Name |
| 2 | Initial registration in the website https://fr.ouiparis.com/ | Password |
| 3 | Complete registration on the site https://fr.ouiparis.com/ | Name Username Phone number NIF Address Location Postal code Shopping history Other possible information provided to the question (that can include information about wellbeing and health) |
| 4 | Purchase registration | Purchase data Consumer Behavior |
| 5 | Registration on the website https://fr.ouiparis.com/ (contact informations) | Name and nickname Phone number Other possible information provided to the question (that can include information about wellbeing and health) |
| 6 | Initial registration on the website https://fr.ouiparis.com/ | Social media profile (if you choose to register through social media) |
| 7 | Registration on the website https://fr.ouiparis.com/ou at annual campaigns (different website than the one shared on social media) | Name Phone number Address Date of birth NIF Shopping history |
| 8 | Registration or search on the website https://fr.ouiparis.com// | IP address |
| 9 | Registration on the website https://fr.ouiparis.com/ | Purchase order information Gender Date of birth Geographic zone Nationality Consumer behavior |
| 10 | Satisfaction survey (via email) | Name Opinions |
Tudo Azul collects your data by telephone, and in writing, through its websites and the Customer Area, guaranteeing, whenever necessary, the prior consent of the holder of the data.
If the holder of the personal data is not a customer of Tudo Azul, their data will only be processed when disclosed by subscribing to receiving newsletters. The rules of this Policy will apply in this case.
The personal data collected can be processed through computers in an automated or non-automated way. There is a guarantee of strict compliance with the protection of personal data legislation in all cases. For safety reasons, personal data is stored in specific databases created for only this purpose. The data collected will not be used for a different purpose than the one they were collected or given the consent of the data subject, in any circumstance.
We may use the information we collect from the holder of personal data for the following purposes:
ID | Personal data | Objective | Legal basis | Data retention period |
1 | Send you marketing communications, including news, sales, and events of interest to you | Consent | 12 months from last contact | |
2 | Password | Investigation of fraud and improper access to the registration account | legitimate interest | 30 days from the completion date |
3 | Name Username Phone number NIF Address Locality Postal code Shopping history | Manage and track your orders, including the delivery of the product to the indicated address. Manage any contact you make with us regarding your order | Execution of a contract | After 3 years of your last purchase and for invoicing purposes for 10 years (if there are VAT adjustments, 10 years from the date of the last adjustment) |
4 | Purchase order information Consumer behavior | Sales analysis (Business Intelligence) | Legitimate interest | 12 months from last contact or if you withdraw your consent |
5 | Name and nickname Phone number Other possible information provided to the question (that can include information about wellbeing and health) | To answer your questions and to comply with legal cosmetovigilance obligations | Participation in contests, award operations, and sales campaigns online or via networks Legitimate interest and for the purpose of cosmetovigilance: comply with the legal obligation to monitor the unwanted effects of the respective products
| After 3 years of inactivity or user deletion request |
6 | Social media profile (If you choose to register through social media) | Form of account creation/registration on the website using your social network to manage and track your orders, including the product delivery to the indicated address. Manage any contact you make with us regarding your order | Execution of a contract | After 12 months from the end of the business relationship and for invoicing purposes for 10 years (if there are VAT adjustments, 10 years from the date of the last adjustment) |
7 | Name Phone number Address Date of birth NIF Shopping history | Participation in contests, award operations and sales campaigns online or via networks | Consent | For winners, after 2 years and 1 year for all competitors |
8 | Name Shopping history | Recovery of extrajudicial debts | Legitimate interest | 12 months |
9 | IP address | Analysis of browsing information | Consent (when accepting cookies) | 12 months |
10 | Purchase order information Gender Date of birth Geographic zone Nationality Consumer behavior | Profiling (consumer targeting); Customized marketing actions | Consent | 12 months from the last contact or if you withdraw your consent |
11 | Name Opinions | Conducting satisfaction surveys regarding services and products | Legitimate interest | 12 months from the last contact or if you withdraw your consent |
The personal data will be stored and preserved for varying periods, depending on the purpose of storing the information. Periods are indicated in the table above, in item 5.
There are obliged minimum periods legally to keep data. Thus, and whenever there is no specific legal requirement, the data will be stored and kept only for the minimum period necessary for the purposes that motivated its collection or subsequent treatment, under the terms defined by law.
Tudo Azul is committed to applying safety practices based on the principles established in the GDPR and all applicable legislation.
Your data will be kept in a secure environment, following current legislation and taking into account the best data protection practices, only be accessed by qualified and/or authorized persons by Tudo Azul.
Because our obligation is to the safety of your data, we apply appropriate security measures to ensure its protection and prevent unauthorized people from accessing it. We implement various cybersecurity and data protection practices based on the references already mentioned, such as vulnerability management; penetration testing of our systems and technologies; employee awareness of cybersecurity and data protection; management and response to security incidents; privacy impact assessment (Privacy Impact Assessment); constant review and improvements in internal processes, among other practices.
We send data to third parties without your consent only when required by law or judicial authority.
Tudo Azul is committed to adopting adequate safeguards to protect your data.
Your data may be transferred to Tudo Azul’s subsidiary, affiliated, and partner companies. To centralize management of resellers, based on our legitimate interest, which implies an international transfer of your data to Brazil or with other subcontractors. have their registered office located outside the EEA.
Countries outside the EU do not offer adequate protection under Regulation (EU) 2016/679 of the European Parliament and the Council on the protection of individuals concerning the processing of personal data. Nevertheless, with a contract concluded for the purpose with contractual clauses of the European Union type, we guarantee secure processing of your data.
The management of the commercial relationship with the user may imply the subcontracting of the processing of their data to service providers (subcontractors). They act on our behalf, marketing agencies, digital and social means of communication, accounting management services, auditors, lawyers, and external entities that provide us with IT services, such as platform providers, hosting services, maintenance, and support of our databases.
Your collected data to manage and track your orders, including the delivery of the product to your address, may also be shared with logistics and transport service providers to execute the contract.
Your data may also be shared with collection companies, in the event of non-compliance with the payment of invoices, based on our legitimate interest.
We may also share your contact details with third parties to conduct satisfaction surveys to improve Tudo Azul’s products and services.
Your collected data to manage and track your orders, including the delivery of the product to your address, may also be transmitted to logistics providers, transport, and graphics services to execute the contract.
Based on legitimate interest, we may transfer your data to third parties in the event of transactions and corporate changes involving Tudo Azul. customer/reseller is considered a commercial asset, and the transfer of information is necessary for the continuity of services. When such sharing occurs, conditions and responsibilities from this Policy will be ensured.
In either case, Tudo Azul S.A. remains responsible for the personal data made available to it.
As the data subject, you can exercise the following rights within the legally established limits:
To exercise these rights, you may send a written request to the contact indicated in item 1 of this Policy.
To exercise your rights, you must indicate in your request your name, citizen’s card number, and the right you are exercising.
Without prejudice, being able to submit complaints directly to Tudo Azul through the contacts made available for this purpose. The holder can complain directly to the Control Authority, the National Data Protection Commission (CNPD) in Portugal, and the Commission Nationale de L’Informatique et Libertés (CNIL), using the contacts provided by these entities for this purpose.
Tudo Azul reserves the right, at any time, to make changes or updates to this Policy, these changes being updated rightfully on our website – https://fr.ouiparis.com/en/contact/privacy-policy/
We suggest that you check them regularly to be aware of any changes.
Last update: June 27, 2022.
Inscription à la newsletter
