WAU

Premium Fantasy Fiction

Privacy Policy

Last updated: [insert date]

1. Controller

The controller responsible for processing personal data on this website within the meaning of the General Data Protection Regulation (GDPR) is:

  • Owner: KIMFOKO Amos
  • Trade name: 25MARIE
  • SIREN: 911149888
  • Business address: 3 Allée Jean Cocteau, 37100 Tours, France
  • Email: amos.kimfoko@rennes-sb.com
  • Phone: 07 68 38 96 90

2. Data we collect

We may process the following categories of personal data when you use the Site:

  • Identification data: name, email address, billing address, country of residence
  • Order and payment information: products purchased, price, date, limited payment metadata
  • Technical data: IP address, browser type, device information, approximate location (country/region)
  • Communication data: content of messages you send via the contact form or email

We do not store full credit card numbers on our servers. Payments are processed by third‑party payment providers.

3. Purposes and legal bases

We process your personal data for the following purposes and on the following legal bases:

  • Order processing and customer account management (performance of a contract, Art. 6(1)(b) GDPR): to process your purchases, deliver digital files, manage invoices, and provide customer support.
  • Compliance with legal obligations (Art. 6(1)(c) GDPR): to comply with accounting, tax, and consumer protection laws.
  • Fraud prevention and security (legitimate interest, Art. 6(1)(f) GDPR): to prevent abuse, secure our systems, and protect our rights.
  • Marketing communications (consent, Art. 6(1)(a) GDPR): if you subscribe to a newsletter or opt in to receive promotional emails. You may withdraw consent at any time.

4. Data retention

We retain order‑related data for the duration required by applicable tax and accounting laws in France (generally up to 10 years). Contact and support messages are kept for the time necessary to respond and to document our communications.

Marketing data (e.g. newsletter subscriptions) is stored until you unsubscribe or request deletion. Technical log data is kept only for a limited period necessary for security and troubleshooting.

5. Recipients and processors

We may share personal data with carefully selected third‑party service providers acting as processors on our behalf, such as:

  • Payment gateways (e.g. Stripe, PayPal) for processing card and wallet payments
  • Email service providers for sending transactional and support emails
  • Hosting and infrastructure providers for operating the Site
  • Analytics and error‑monitoring tools, where used

These providers are contractually required to process data only on our instructions and to implement appropriate security measures.

6. International transfers

Some service providers may be located outside the European Economic Area (EEA). In such cases we ensure that appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

7. Your rights

Under the GDPR you have the following rights, subject to conditions and limitations:

  • Right of access to your personal data
  • Right to rectification of inaccurate or incomplete data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability, where applicable
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent at any time (for consent‑based processing)

To exercise these rights, please contact us at amos.kimfoko@rennes-sb.com. You also have the right to lodge a complaint with the competent data protection authority (in France, the CNIL).

8. Cookies and tracking technologies

We use cookies and similar technologies for essential site functionality, analytics, and (where enabled) marketing. Details are provided in our Cookie Policy. Where required by law, we will obtain your consent before storing or reading non‑essential cookies on your device.

9. Data security

We implement appropriate technical and organizational measures to protect your data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. This includes the use of HTTPS/TLS, access controls, and security monitoring.

10. Changes to this Policy

We may update this Privacy Policy from time to time. Any material changes will be indicated on this page with an updated "Last updated" date. We encourage you to review the Policy regularly.