SHOP NOW

Privacy Policy

Effective Date: March 20, 2026

Last Updated: March 26, 2026

1. Introduction and Welcome

Welcome to MA BELLE SALLE DE BAIN (“we,” “us,” “our,” or “the Company”). We operate the website www.bellesalledebain.com (the “Site”). We are a company registered in France, with our contact address at 568 Avenue Jean Moulin, 60880 Jaux, France.

We are committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our Site, make a purchase, subscribe to our newsletters, or otherwise interact with our services. It also outlines your privacy rights under applicable laws, including the European Union’s General Data Protection Regulation (“GDPR”) and the French Data Protection Act (Loi n° 78-17 relative à l’informatique, aux fichiers et aux libertés).

We urge you to read this policy carefully. By using our Site, you consent to the data practices described herein. If you do not agree with the terms, please do not access or use the Site.

For any questions regarding this policy or your personal data, please contact us at:
Privacy Officer
Email:‌ specarian@bellesalledebain.com
Phone:‌ +33344950081
Address:‌ 568 Avenue Jean Moulin, 60880 Jaux, France

2. Information We Collect

We collect information that identifies, relates to, describes, or could reasonably be linked, directly or indirectly, with you (“Personal Data”). The collection is limited to what is necessary for the purposes we have identified. We collect data in the following ways:

A. Information You Provide Directly:

  • Account and Purchase Information:‌ When you create an account, place an order, or express interest in our products, we collect your name, billing/shipping address, email address, phone number, and payment information. We use secure third-party payment processors (e.g., Stripe, PayPal). We do not store your full credit card number on our servers, but may receive and retain limited transaction details (e.g., last four digits, payment method) for record-keeping and customer service.
  • Communications:‌ When you contact our customer service via email, phone, or contact forms, we collect your communication content and contact details.
  • Marketing Preferences:‌ When you voluntarily subscribe to our newsletters or marketing communications, we collect your email address and subscription preferences.
  • Reviews and User Content:‌ Any information you post publicly on the Site, such as product reviews or comments.
  • Surveys and Promotions:‌ Information you provide when participating in contests, surveys, or promotional activities.

B. Information Collected Automatically:
When you visit our Site, we and our service providers may use cookies, web beacons, log files, and other tracking technologies to collect certain information about your device and browsing actions. This may include:

  • Device and Usage Data:‌ Your IP address, browser type, operating system, referring URLs, pages viewed, links clicked, time spent on pages, and other usage statistics.
  • Location Data:‌ General geographic location derived from your IP address.

C. Information from Third Parties:
We may receive information about you from business partners, advertising networks, analytics providers, or social media platforms, to the extent permitted by law and their policies.

3. How We Use Your Information

We use your Personal Data for the following business purposes, relying on legal bases such as performance of a contract, consent, legitimate interest, or compliance with legal obligations:

  • To Fulfill Your Orders and Requests:‌ To process and ship your purchases, manage your account, and provide customer support (Performance of Contract).
  • To Communicate With You:‌ To send you transactional emails (order confirmations, shipping updates), respond to your inquiries, and provide requested information (Performance of Contract / Legitimate Interest).
  • For Marketing and Advertising (with your consent):‌ To send you newsletters, promotional offers, and updates about new products or services, ‌only if you have willingly subscribed‌. You may opt-out at any time. We may also use your data for personalized advertising on our Site and third-party platforms (Consent / Legitimate Interest).
  • To Improve Our Site and Services:‌ To analyze trends, administer the Site, track user movements, conduct audits, and gather demographic information to improve our website functionality, product offerings, and user experience (Legitimate Interest).
  • For Security and Fraud Prevention:‌ To detect, prevent, and address technical issues, fraud, security breaches, or potentially prohibited/illegal activities (Legitimate Interest / Legal Obligation).
  • To Comply with Legal Obligations:‌ To comply with applicable laws, regulations, legal processes, or enforceable governmental requests (Legal Obligation). This includes cooperating with data protection authorities like the French National Commission on Informatics and Liberty (CNIL).

We adhere to the principle of ‌data minimization‌ and do not use your Personal Data for purposes materially different than those disclosed at the time of collection.

4. Legal Basis for Processing (GDPR and French Law)

For users in the European Economic Area (EEA) and France, our processing of your Personal Data is based on the following grounds as required by the GDPR:

  • Consent:‌ When you voluntarily sign up for our marketing communications. You can withdraw consent at any time.
  • Contractual Necessity:‌ To perform the contract of sale when you purchase a product.
  • Legal Obligation:‌ To comply with tax, accounting, or data protection laws.
  • Legitimate Interests:‌ For our operational purposes (e.g., site security, analytics, fraud prevention), provided your interests and fundamental rights do not override those interests.

In accordance with French law, we respect your right to privacy as a fundamental right, as enshrined in the French Civil Code (Article 9).

5. Cookies and Similar Tracking Technologies

A. What Are Cookies:
Cookies are small text files placed on your device to enhance site functionality, analyze usage, and support our marketing efforts.

B. How We Use Them:

  • Strictly Necessary:‌ Essential for the Site to function (e.g., shopping cart).
  • Performance/Analytics:‌ Help us understand how visitors interact with the Site.
  • Functionality:‌ Remember your preferences (e.g., language).
  • Targeting/Advertising:‌ Used to deliver relevant ads on our and other sites.

C. Your Cookie Choices:
We are committed to complying with the strict requirements of the GDPR and French data protection laws regarding cookies. ‌Your consent is required‌ for all non-essential cookies.

  • Upon your first visit, a ‌clear and comprehensive cookie banner‌ will allow you to accept, reject, or customize your cookie preferences.
  • We do not use pre-ticked boxes or “cookie walls” that condition site access on cookie acceptance.‌ Providing “accept” and “reject” options with equal ease is a core requirement.
  • You can change your preferences at any time via the cookie settings link in the website footer.
  • You can also manage cookies through your browser settings. Please note that disabling certain cookies may affect site functionality.

6. Sharing and Disclosure of Your Information

We ‌do not sell your personal data to third parties‌. We may share information in the following limited circumstances:

  • Service Providers:‌ With trusted vendors who perform services on our behalf (payment processing, order fulfillment, shipping, IT services, email delivery, analytics, marketing). These partners are contractually bound to use your data only as necessary to provide services to us and in accordance with this policy.
  • Business Transfers:‌ In connection with a merger, sale, acquisition, or other transfer of our assets.
  • Legal Requirements:‌ If required to do so by law or in response to valid requests by public authorities (e.g., CNIL, courts).
  • Protection of Rights:‌ To protect our rights, privacy, safety, or property, and/or that of our users or others.
  • With Your Consent:‌ For any other purpose disclosed to you at the point of collection with your permission.

We ensure any sharing is conducted with appropriate safeguards and only for the purposes stated.

7. Data Transfers and Storage

Your Personal Data is primarily processed and stored within the European Economic Area (EEA). If we transfer data outside the EEA to countries not deemed by the European Commission to provide an adequate level of data protection, we will implement appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to ensure the protection of your data.

8. Data Security

We implement appropriate technical and organizational security measures to protect your Personal Data against unauthorized access, alteration, disclosure, or destruction, in line with the principles of confidentiality and integrity. Our measures include encryption, secure socket layer (SSL) technology for data transmission, access controls, and regular security assessments.

However, no internet transmission or electronic storage is 100% secure. We encourage you to use strong passwords and protect your login credentials.

9. Data Retention

We retain your Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including for satisfying any legal, accounting, or reporting requirements. Our retention periods are determined by considering:

  • The amount, nature, and sensitivity of the data.
  • The potential risk of harm from unauthorized use or disclosure.
  • The purposes for which we process the data.
  • Applicable legal requirements (e.g., tax laws require retention of invoice data for 10 years in France).

Once the retention period expires, we will securely delete or anonymize your data.

10. Your Privacy Rights (GDPR and French Law)

Under the GDPR and French data protection law, you have the following rights regarding your Personal Data:

  • Right of Access:‌ To request copies of your Personal Data we hold.
  • Right to Rectification:‌ To request correction of inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”):‌ To request deletion of your data under certain conditions.
  • Right to Restrict Processing:‌ To request restriction of processing under certain circumstances.
  • Right to Data Portability:‌ To receive your data in a structured, commonly used, machine-readable format and to transmit it to another controller.
  • Right to Object:‌ To object to processing based on our legitimate interests, including direct marketing. You can opt-out of marketing emails instantly via the unsubscribe link in every email.
  • Right to Withdraw Consent:‌ To withdraw your consent at any time where processing is based on consent.
  • Right to Lodge a Complaint:‌ You have the right to complain to a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement. In France, this is the ‌Commission Nationale de l’Informatique et des Libertés (CNIL)‌.

To exercise any of these rights, please contact us using the details in Section 1. We may need to verify your identity before responding. We will respond to your request within one month as required by law.

11. Children’s Privacy

Our Site is not intended for individuals under the age of 16. We do not knowingly collect Personal Data from children. If you are a parent or guardian and believe your child has provided us with data, please contact us. If we learn we have collected data from a child without verification of parental consent, we will delete that information promptly.

12. Links to Third-Party Websites

Our Site may contain links to other websites not operated by us. We are not responsible for the content or privacy practices of those sites. We encourage you to review the privacy policies of every site you visit.

13. Privacy by Design and Impact Assessment

In line with best practices and regulatory guidance from CNIL, we incorporate ‌Privacy by Design‌ principles into our projects and systems. For processing activities that are likely to result in a high risk to your rights and freedoms, we will conduct a ‌Data Protection Impact Assessment (DPIA)‌ prior to processing, as mandated by the GDPR.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. The “Last Updated” date at the top will be revised. We will notify you of any material changes by posting the new policy on the Site and, where appropriate, via email. We encourage you to periodically review this page for the latest information on our privacy practices.

15. Contact Us

If you have any questions, concerns, comments, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us:

MA BELLE SALLE DE BAIN
Attn: Data Protection Officer / Privacy Officer
Address:‌ 568 Avenue Jean Moulin, 60880 Jaux, France
Email:‌ specarian@bellesalledebain.com
Phone:‌ +33344950081