Privacy policy
Last updated: May 2025
1. Data controller
Rubience, a sole trader registered in France, is responsible for processing your personal data. For any questions about this policy, please contact us at: rubience.contact@gmail.com.
2. Data collected
We collect the following data when you place an order or contact us:
- First and last name
- Email address
- Delivery postal address
- Phone number (optional)
- Payment data (processed directly by our secure provider Shopify Payments — we have no access to full banking details)
- Browsing data (IP address, pages visited, session duration) via anonymous analytical cookies
3. Purposes of processing
Your data is collected for the following purposes:
- Processing and tracking your order
- Managing returns and after-sales service
- Sending transactional communications (order confirmation, shipping notification)
- Improving our website and services (anonymised data)
- Complying with our legal and accounting obligations
4. Legal basis
The processing of your data is based on the performance of the sales contract (Art. 6.1.b GDPR) for everything relating to your order, and on our legitimate interest (Art. 6.1.f GDPR) for improving our services and preventing fraud.
5. Data sharing
Your data is never sold to third parties. It may be shared only with our sub-contractors necessary for order fulfilment:
- OVHcloud — website hosting
- Shopify Inc. — payment processing
- Carriers (Colissimo, Chronopost or equivalent) — delivery of your parcel
These sub-contractors are contractually bound to maintain the confidentiality of your data and to use it only within the scope of their mission.
6. Retention period
- Order data: 10 years (accounting and tax obligations)
- Inactive customer data: 3 years from the last purchase
- Browsing data (cookies): maximum 13 months
7. Cookies
Our site uses strictly necessary cookies for its operation (session, basket) as well as anonymised analytical cookies to measure audience. You can configure your browser to refuse cookies; this will not affect your ability to place an order.
8. Your rights
In accordance with the GDPR, you have the following rights over your personal data:
- Right of access and copy
- Right of rectification
- Right to erasure ("right to be forgotten")
- Right to restriction of processing
- Right to data portability
- Right to object
To exercise these rights, contact us at rubience.contact@gmail.com. If a dispute remains unresolved, you may lodge a complaint with the relevant data protection authority in your country.
9. Security
We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss or disclosure. Payments are encrypted via TLS protocol and processed on Shopify Payments' PCI DSS certified infrastructure.
10. Policy updates
We reserve the right to modify this policy at any time. In the event of a material change, you will be notified by email or via a visible banner on the site. The update date at the top of the page always indicates the current version.