Privacy Policy

Privacy Policy – Dilya's Art

Last updated: February 21, 2025

We reserve the right to modify this Privacy Policy at any time, based on legal or regulatory developments or adjustments to our services. We encourage you to regularly consult this page to stay informed of any updates.

____________________

At Dilya's Art, protecting your privacy and personal data is a priority. This Privacy Policy aims to inform you transparently about how we collect, use, store and protect your data when you access our Dilya's Art website (hereinafter "the Site").

By using our Site, you acknowledge that you have read this Privacy Policy and agree to the processing of your personal data in accordance with the conditions described here.

Commitment to the Security of Your Data

This Privacy Policy is established in accordance with the General Data Protection Regulation (GDPR) as well as current French legislation regarding the protection of personal data.

The entity responsible for processing personal data collected on this site is:

Company Name: Dilya's Art
Head office: 12 Rue Sylvain Vigneras, 92380 Garches
Registration number: 90434027000027
Contact email: dilya.art.serviceclient@gmail.com

We are committed to ensuring the confidentiality and security of your personal data by implementing appropriate safeguards to prevent unauthorized access, disclosure, alteration or destruction.

Privacy Information

1. Protection of Personal Data

1.1 Collection of Personal Data

We only collect information that is essential to the proper management of our platform and services. The following data may be collected:

Name, first name or pseudonym : in order to identify and recognize users and contributors.
Email address : to contact you, respond to your requests, and follow up.
Purchase Information : When you make a purchase, we collect information necessary to manage your order, such as your shipping address, products purchased, and payment details. This information is essential for the processing and delivery of your order.
Information voluntarily provided when submitting an idea, proposal or other content to our site.

We are committed to collecting only the information that is strictly necessary and to respecting the confidentiality of your data at all times.

1.2 Purposes of Data Processing

The personal data collected is used strictly within the framework of the services we offer, in particular for:

Identify and promote contributors whose ideas have been retained.
Facilitate exchanges in the event of a need for clarification on a submitted proposal.
Ensure clear and effective communication throughout contributor participation.
Process and manage orders : Information collected during purchases (delivery address, products purchased, payment information) is used to process, ship and track your order, as well as to manage after-sales service.
Improve your shopping experience : Purchase data allows us to personalize our services and provide you with relevant information about your orders or special offers that may be of interest to you.

We ensure that your information is used only for the purposes mentioned above, with full respect for your privacy.

1.3 Rights of Contributors

In accordance with current regulations, you have the following rights regarding your personal data:

Right of access : You have the possibility to request access to the information we hold about you, whether it is data submitted when proposing ideas or information relating to your purchases.
Right of rectification : You can request the correction of inaccurate or incomplete data, whether for your contact information or for any other data associated with your order.
Right to erasure : You can request the deletion of your personal data, unless their retention is necessary for legal or contractual obligations (for example, for processing orders or managing guarantees).
Right to object : You may object to the processing of your data in certain specific situations, in particular for reasons related to commercial prospecting or the use of your data for purposes other than those necessary for processing your orders.

If you wish to exercise any of these rights or if you have any questions, please do not hesitate to contact us at the following address: dilya.art.serviceclient@gmail.com .

We are here to support you and ensure the protection of your information! 😊

1.4 Security, Data Retention and Visibility of Contributions

We implement appropriate security measures to protect your personal data from unauthorized access, disclosure, alteration or destruction. These measures include high-level encryption protocols, secure backup systems and restricted access to your personal information.

Dilya's Art website is hosted on Shopify, an e-commerce platform known for its advanced security measures. Shopify uses technologies like Secure Socket Layer (SSL) encryption to protect your data during transmission. Additionally, Shopify adheres to strict security standards, including the Payment Card Industry Data Security Standard (PCI-DSS) to protect payment information.

The personal data collected, whether it is information related to your submitted ideas or your purchases, is kept only for the period necessary to fulfill the purposes for which it was collected. After this period, your data will be deleted or anonymized, except in the case of mandatory retention for legal or contractual reasons, in particular for order processing or warranty management.

1.4.1 Visibility of Contribution Information

When submitting your ideas, you have the option to choose whether you would like your first and last name to appear publicly when presenting your completed idea or proposal. If you would prefer that this information not be visible, we will fully respect your wish.

However, regardless of your decision regarding the visibility of your first and last name, we ask that you provide a pseudonym to properly credit yourself. This pseudonym (or username) will be used to identify you and recognize your contributions, whether or not you choose to make your first and last name public.

Additionally, we offer you the possibility to indicate the country of origin from where you are proposing your idea. This information is entirely optional and will be used only for the purpose of presenting your ideas. It can be useful to better understand the context of your contribution and thus enrich the community experience.

This measure helps ensure that all contributions are attributed correctly while giving contributors full control over the visibility of their personal information, as well as the use of their country of origin.

1.4.2 Retention and Deletion of Information

The information you submit, including your first name, last name, pseudonym, and country of origin, may be retained on our site as part of the submission of your ideas. This information will be displayed to acknowledge and credit your contribution for as long as you maintain your consent to make it public.

You have the possibility to request the deletion of this information at any time. If you choose to remove your pseudonym, first name and last name, this will also result in the deletion of the recognition of your contribution as well as your rights. Concretely, your idea will no longer be credited. However, if you leave your pseudonym (username) visible, your contribution will continue to be recognized.

If you wish to have all of your information, including your screen name, removed, we will remove that data only from the Site, which will remove the visibility of your contribution and the associated credit. However, data relating to your contribution may be retained in our internal systems for administrative purposes. This information will no longer be publicly accessible on the Site.

To make this request, you can contact us directly at the following address: dilya.art.serviceclient@gmail.com .

We are committed to respecting your right to privacy and giving you complete control over the management of your information. If you request the removal of information visible on the site, it will effectively be removed from any public visibility.

1.5 Sharing and Transmission of Data

We are committed to not selling or renting your personal data to third parties. However, as part of our operations, some of your data may be shared with trusted service providers, such as Shopify, which hosts our site and provides technical services necessary for its proper functioning. These providers are contractually required to guarantee the confidentiality and security of your data.

Shopify, as a hosting platform, processes your personal data on our behalf to manage transactions, payments, and provide related services. Shopify implements rigorous security measures to protect your information, including strict standards such as Payment Card Industry Data Security Standard (PCI-DSS), and uses encryption technologies such as Secure Socket Layer (SSL) to secure your data during transmission.

Additionally, we may share your information with other third-party providers, such as suppliers, to facilitate services such as product delivery, customer service, and returns processing. We only share your information with providers who adhere to strict data protection obligations and only to the extent necessary to provide our services to you. For example, your shipping information (name, address, etc.) may be shared with a shipping provider to ensure the safe delivery of your products.

If we need to transfer your personal data outside the European Union, we undertake to take all necessary measures to guarantee the security and confidentiality of your information, using appropriate security mechanisms such as standard contractual clauses or other legal guarantees.

2. Data Collected

As part of the use of our site, we collect several types of personal data in order to offer you a more personalized experience and to guarantee the proper functioning of our services. This data may be collected voluntarily by you, or automatically when you browse our site.

2.1. Data provided voluntarily by the user

When you interact with our site (for example, by submitting an idea, placing an order, or filling out a contact form), you may provide us with certain personal information. This data is collected in order to facilitate your experience on our site and to ensure the proper functioning of our services. Here are the types of data we may collect:

Identification data : When you submit information or create an account, we collect data such as your first name, last name, nickname (if chosen), email address and telephone number. This information is used to identify you, communicate with you and respond to your requests.
Idea or Proposal Submission Data : If you submit an idea or proposal on our Site, we collect additional information, such as the title, description of your idea, and any other content associated with your proposal.
Billing Information : When you make a purchase, we collect information about your billing address, such as your mailing address. This information is used to issue a correct invoice and to properly process your order.
Payment Data : For payments, we collect information about the payment method (credit card, chosen payment method) but this information is processed by Shopify, our payment service provider, and is not stored directly on our site . Shopify uses strict security measures to protect your payment information, including PCI-DSS and SSL encryption protocols.
Order Data : In the event of a purchase, we collect information regarding the products purchased, your order history and your product preferences. This information is necessary for the proper processing and shipping of your orders.
Communications with our customer service : If you contact our customer service, the messages exchanged (by email or via our contact form) may also be collected for the follow-up and management of your request.

2.2. Data collected automatically

When you browse our site, we automatically collect certain technical and navigation information in order to guarantee a smooth, optimized and secure user experience. This data includes:

Connection data : IP address, approximate location information (country, city) and connection type. This information is collected to manage and secure your connection to our site.
Technical data : Browser type, operating system version, type of device used (computer, smartphone, tablet), as well as information about the pages you visit. This information helps us to adapt the display of our site according to the device you use.
Browsing data : Pages visited, duration of visit on each page, interactions with elements of the site (clicks, scrolling, etc.), as well as the history of actions carried out during your visit. This data allows us to improve the user experience and make our site more efficient.

This information is collected through cookies and other tracking technologies. They help us better understand how you interact with our site, and constantly improve our services to offer you a smoother and more personalized browsing experience.

2.3 User Consent and Submission of Ideas

We collect your personal data only after obtaining your explicit consent. By submitting your information, you agree that we process it for the purposes set out in this policy. If you choose not to provide certain information, it may affect your ability to use certain features of our site (e.g., submit an idea, place an order, etc.).

When submitting an idea through our form, you must give your prior consent for the collection and use of your personal data. By submitting your idea, you agree that it will be supported, realized and added to the store. Your idea will be presented with the pseudonym, first and last name (if you choose to make them visible), as well as the country of origin, if you mention it.

Idea Credits:
To be credited for your idea, it is mandatory to provide a legally compliant pseudonym and/or a first and last name. This information will be used to credit you appropriately. If you prefer that your first and last name not be visible, you can choose to make only your pseudonym visible, provided that you fill out the appropriate form.

If you do not wish to be publicly credited, you can specify this preference when submitting. In this case, your idea will still be considered and implemented, but it will not be publicly credited . You then agree that your participation will not be visible on the site.

Important: If you choose not to be publicly credited, you waive any form of public recognition of your contribution and, consequently, any intellectual property rights on the submitted idea . In this case, the idea becomes the exclusive property of Dilya's Art and you will no longer be able to claim rights to it, including later. However, even if you lose all rights to the idea, you will be followed throughout the creation process, as with any submitted idea. Your idea will be taken into account and realized, but all associated rights will be transferred to Dilya's Art, author of the site and the creations.

By submitting your idea, you confirm that you have read these terms and agree that your personal data will be collected and used in connection with this submission, in accordance with Dilya's Art's Privacy Policy.

2.4 Cookies and Similar Technologies

We use cookies and other similar technologies on our site to improve your user experience and personalize our services. These technologies allow us to collect certain information about your navigation on our platform.

For more details on the cookies we use, the types of data collected, their purpose, as well as how you can manage your preferences, we invite you to consult our Cookies Policy .

2.5. Sensitive Data

In accordance with the General Data Protection Regulation (GDPR) and applicable laws, we do not collect any sensitive data, such as information relating to health, race, religious beliefs, sexual orientation, or any other data deemed sensitive. We ask that you do not submit this type of information when interacting with our site.

If such sensitive data is inadvertently collected, we undertake to delete it immediately and take the necessary measures to protect your privacy.

2.5.1. Definition of Sensitive Data

Sensitive data is personal information the disclosure or processing of which could result in a risk to the privacy, security or fundamental rights of individuals. Under the General Data Protection Regulation (GDPR), sensitive data includes, but is not limited to, the following categories:

Racial or ethnic origin : For example, membership in a specific community or ethnic group.
Political views : For example, affiliation with a political party or support for a particular ideology.
Religious or philosophical beliefs : For example, membership in a religion, sect or philosophical belief.
Union membership : For example, involvement or affiliation with a trade union organization.
Health Data : For example, information about medical history, disabilities or health conditions.
Data on sexual life or sexual orientation : For example, information regarding sexual orientation or practices.
Biometric or genetic data : For example, fingerprints, facial recognition data or DNA-related information.

We do not collect any of this sensitive data on our site, and we ask that you do not submit such information when interacting with our platform.

2.5.2 Policy on Non-Collection of Sensitive Data

We do not require , collect , or process the sensitive data mentioned in the previous section under any circumstances.

If a user mistakenly transmits sensitive data to us, we reserve the right to immediately delete this information in order to ensure compliance with confidentiality and applicable laws.

All forms, fields and submission areas on our site are designed to prevent the inadvertent collection of such data. Should sensitive data be submitted in error, we will act quickly to remove it from our systems, in accordance with privacy principles and legal obligations.

2.5.3 User Responsibility

By using our site and submitting ideas, you agree not to include any sensitive data in your submissions.

If you mistakenly share sensitive data, you can request its deletion by contacting us at the following address: dilya.art.serviceclient@gmail.com . We undertake to immediately delete any reported sensitive data, in order to ensure compliance with confidentiality and applicable regulations.

In summary, we attach great importance to the protection of our users' privacy. We exclude any processing of sensitive data and ensure their rapid deletion in the event of accidental transmission.

2.6. Links to Third Party Sites

Our site may contain links to third-party websites (e.g. partner platforms, social networks or external service providers). These links are provided to improve your experience and allow you to access additional services or content.

We would like to emphasize that we have no control over these third party sites and their content. We are not responsible for the privacy practices, policies or content of these sites. When you click on a link to a third party site, you leave our platform and are subject to the privacy policy and terms of use of this external site.

We encourage you to carefully read the privacy policies and terms of use of third-party sites before providing your personal data or interacting with their services.

2.6.1 Lack of Control over Third Party Sites

When you click on a link to a third-party site, you leave our site and go to an external platform. We have no control over the privacy, data collection or use practices of these third-party sites.

Therefore, we disclaim any liability regarding:

Personal data you provide to these third-party sites : We are not responsible for the information you choose to share with external sites.
How these sites collect, process or secure your information : Each third-party site has its own privacy policies and practices regarding the management of your personal data.
The use of your data by these sites , in particular for marketing, advertising or other commercial activities: We have no control over how your data is used by external platforms, and they may have different purposes than ours.

We recommend that you carefully read the privacy policies and terms of use of third-party sites before interacting with them and providing your personal information.

2.6.2 Recommendation to Users

Before providing your personal data on a third-party site, we strongly recommend that you carefully review their privacy policy and general terms of use.

We advise you to pay particular attention to the following points:

The purpose of collecting your data : Make sure you understand why this information is being collected and how it will be used.
Possible sharing of your information with other entities : Check whether your data may be shared with other companies, partners or organizations.
The rights you have over your data : Find out about your rights to access, delete, modify or port your personal data on these sites.
Security measures in place to protect your information : Make sure the third-party site has adequate protocols to ensure the security of your personal information.

We encourage you to take the time to understand the privacy practices of external sites before interacting with them, in order to protect your data and privacy.

2.6.3 Examples of Potential Third Party Sites

Our site may contain links to external platforms. Here are some examples of third-party sites to which we may redirect users:

Shopify : Hosting platform for our online store, which processes your personal data for order and payment management.
Other Vendors : We work with third-party service providers who produce and ship the products you order. These vendors also process some of your personal information in connection with order fulfillment.
Social networks (Instagram, Facebook, etc.): These platforms may collect and process your personal data according to their own privacy policies and terms of use.

We are not responsible for the privacy and data handling practices of these third party sites. We encourage you to exercise caution and review their privacy policies before providing any personal information when browsing outside our domain.

2.7. Data Retention

We retain your personal data only for the period strictly necessary for the purposes for which they were collected, in accordance with the legal and regulatory requirements in force. The retention period varies depending on the types of data collected and the purposes for which they were obtained.

2.7.1 Retention Period

The duration of data retention varies depending on their nature and use:

Data related to your participation (ideas submitted, pseudonym, etc.) : This data is kept as long as your contribution is visible on the site. In the event of a deletion request, this information will be removed in accordance with our privacy policy. If you choose not to be publicly credited, your idea will remain in the creation process, but it will not be publicly visible.
Contact and identification data : This data (name, first name, email address, telephone number, pseudonym, etc.) is kept until your account is deleted or after a period of prolonged inactivity, unless otherwise required by law. In the event of deactivation or deletion of your account, your information will be deleted, unless longer retention is required to meet legal obligations.
Transaction data (payments, billing, etc.) : This data is retained for a period of time consistent with tax and accounting requirements. Typically, this means that billing and payment information will be retained for up to 10 years, depending on applicable regulations. Payment information is handled by third-party providers (such as Shopify) and is not stored directly on our site.
Technical data (cookies, browsing logs, etc.) : The retention period for technical data depends on their purpose and is detailed in our cookie management policy. Cookies can have a lifespan ranging from a few hours to several months, depending on the type of cookie and your browser settings. You can manage cookies and delete those you do not wish to keep by adjusting your browser settings.

After the necessary retention period, your personal data will either be deleted or securely anonymized, unless we have another legal obligation to retain it. If you have any questions about the retention period of specific data or would like to request the deletion of your data, you can contact us at any time at the following address: dilya.art.serviceclient@gmail.com .

2.7.2 Deletion or Anonymization of Data

Once the retention period has expired, your personal data will be securely deleted or anonymized, unless there is a legal obligation requiring us to retain it for longer (for example, for tax or accounting reasons).

If you wish to request the deletion of your personal data before the end of the standard retention period, you can contact us at the following address: dilya.art.serviceclient@gmail.com . We undertake to process your request as soon as possible, in accordance with the regulations in force.

Please note that some data, such as that related to your transactions or participation on our site (for example, ideas submitted), may be retained for a longer period if necessary to comply with our legal obligations or if they are part of the process of creating products on our platform.

2.8. Minors’ Data

2.8.1 Participation and Protection of Minors

Minors under the age of 18 may submit an idea on our site, under the following conditions:

Use of a pseudonym : Minors must use a pseudonym to submit an idea. No personal information, such as real first or last name, will be displayed publicly.
No personal information : Minors must not under any circumstances provide personal information such as their name, first name, address, telephone number or any other data that allows them to be directly identified.

While we do not require prior parental consent to submit an idea, we welcome submissions from minors whose parents or legal guardians give their consent. We encourage minors to share their submission with their parents or guardians.

Minors are not allowed to make purchases on our site. In accordance with current laws on consumer and minor protection, all transactions must be carried out by a responsible adult.

2.8.2 Deletion of a Minor’s Data

If a parent or legal guardian discovers that his or her minor child has submitted an idea to our site without his or her permission, he or she may request deletion of the contribution and associated data by contacting us at dilya.art.serviceclient@gmail.com .

If a minor wishes to no longer be credited for his or her idea, he or she may also request the deletion of his or her pseudonym. However, this deletion will result in the loss of any recognition as a contributor and his or her idea will no longer be publicly credited. For more information on the consent required to submit ideas, please see section 2.3 "User Consent and Idea Submission" .

3. Purposes of Data Processing

This section explains why we collect and use your personal data. These are the purposes for which this data is necessary for the proper functioning of the site and services.

3.1. Provision and management of services

We use your information to ensure the smooth running of the services offered on the site, including order management, idea submissions and communication with you.

Managing Idea Submissions

When you submit an idea via our form:

We collect your email address so that we can communicate with you if any clarification is required before validating and implementing your proposal.
We use your pseudonym , and/or your first and last name if you have authorized it, to credit you when your idea is realized and added to the store.
If you choose not to be credited, your contribution will be anonymized, and you will not be able to claim credit on the project.
We may need to validate and moderate your idea to ensure that it meets our conditions before integrating it into our catalog.

Management of orders, payments and deliveries

When you place an order, we collect your contact details ( name, address, email, telephone ) to ensure delivery.
Payments are processed through secure services like Shopify , Stripe or PayPal ; we do not have access to your banking information.
If we use external providers (eg Printful for print on demand), some of your data ( shipping address, order contents ) may be transmitted to these providers in order to ensure delivery.

Communication with you regarding your orders or requests

We send you order confirmation and tracking emails or idea submission emails.
In the event of a problem (out of stock product, payment issue, modification of a submitted idea), we must be able to contact you to inform you and find a solution.
If you have a question or complaint , we must process your request and respond to it through our customer service.

Assistance and customer support

If you contact us for assistance (e.g. technical problem, request to modify a submitted idea, order tracking), we use your information to identify your request and respond to you efficiently.
We keep exchanges with customer support to ensure follow-up and improve the quality of service .

3.2. Improving user experience

We use some of your data to optimize your navigation on our site and personalize your experience. These treatments allow us to adapt our platform to your preferences and improve interaction with our services.

Content Personalization and Recommendations

We analyze your interaction with the site (pages visited, time spent, products viewed) to offer you relevant content.
If you have submitted ideas, we may suggest similar creations or notify you of achievements related to your contributions.
If you accept personalization cookies, we adapt the display of the site according to your preferences.

Analysis of attendance and interactions

We collect technical information through tools like Google Analytics or Facebook Pixel to understand how users interact with our platform.
These analyses allow us to improve navigation, correct any usability problems and optimize the site's performance.
The data collected is anonymized as much as possible and does not allow you to be directly identified.

Technical tests and improvements

We regularly make technical updates and improvements to the site to ensure proper operation.
User testing can be performed to assess usability and adjust features based on feedback.

These treatments are carried out within the framework of our legitimate interest to improve our services. You can however limit certain data collections by managing your cookie preferences .

3.3. Security and fraud prevention

We implement several measures to guarantee the security of your personal data and protect our site against any attempt at fraud.

Data Protection and Transactions

Our site is hosted by Shopify , which has strict security standards.
All communications and transactions are secured using SSL (Secure Socket Layer) encryption , ensuring the confidentiality of exchanges.
Shopify is PCI-DSS (Payment Card Industry Data Security Standard) certified, which ensures enhanced security for payments made on the platform.
Payments are processed through secure providers (Shopify Payments, Stripe, PayPal, etc.), which use advanced protocols to protect your banking information.

Fraud detection and prevention

We use advanced tools and settings to prevent suspicious or fraudulent behavior on our site:

Monitoring of suspicious orders : Any order presenting a high risk of fraud may be subject to manual verification before validation.
Administrative access control : Only authorized persons have access to sensitive data and transactions.
Automatic fraud detection : Shopify has a built-in suspicious activity detection system that can block certain risky transactions.

User Account Security

We encourage our users to adopt good practices to secure their account:

Use strong and unique passwords to avoid any risk of hacking.
Never share your login details with a third party.
Report any suspicious activity to our customer service immediately.

In the event of attempted fraud or suspected breach of security, we reserve the right to suspend an account or cancel an order in order to carry out additional verifications.

3.4. Marketing and Communications

We use your personal information as part of our marketing efforts to provide you with relevant information and keep you informed about our store and services. The processing of your data in this context is subject to your explicit consent. You always have control over how you wish to receive our communications.

Sending promotional emails and newsletters

When you sign up for our newsletter or agree to receive our marketing communications, we use your email address to send you information about our products, special offers, discounts, upcoming events, or news about our store.

Purpose : To keep you informed of our store's latest news and promotions.
Unsubscribe : You can unsubscribe at any time by clicking the unsubscribe link in every email we send. You can also contact us directly if you wish to change your preferences.

Once you unsubscribe, we will no longer send you marketing messages unless you have expressly reactivated your preferences or in the case of important communications related to your order or account.

Targeted advertising and personalized advertising campaigns

We use your data to offer personalized advertising, based on your preferences and purchasing behavior.

Tools Used : We may use third-party services such as Facebook Ads or Google Ads to adjust the ads you see on these platforms based on your visits to our site.
Personalized advertisements : These advertisements are based on your previous interactions with our site (pages visited, products viewed, etc.) in order to offer you products that may interest you.

You have the ability to manage or disable the use of these cookies by adjusting your browser settings or using the preference management tools offered by advertising services.

Personalization of the user experience

We personalize the shopping experience on our site to provide you with product recommendations that match your interests and needs.

Purpose : To help you discover relevant products based on your previous actions on the site.
Examples : Recommendations based on your previous purchases or the pages you have viewed.

This personalization aims to offer you a smoother browsing experience, by presenting you with products that are likely to interest you more.

Respecting your consent and managing your preferences

We respect your right to privacy and to manage your communication preferences.

Managing your preferences : You can choose at any time to no longer receive marketing messages, change your preferences or unsubscribe completely from our commercial communications.
Impact : Refusing or managing your preferences will not prevent you from using our site to submit ideas or make purchases.

We are committed to protecting your personal information and respecting your choices, ensuring a personalized experience while respecting your preferences.

Data Retention Period

Order data : Kept for 5 years after the last transaction, in accordance with legal obligations (tax and commercial).
Browsing data : Kept for 13 months from collection, in accordance with cookie legislation.
Marketing communications data : Retained for as long as you maintain your consent. You can withdraw your consent at any time.

Deletion or Anonymization of Data

Upon expiry of the retention periods mentioned above, your data will be securely deleted. If certain data is used for statistical or historical purposes, it will be anonymized so that it can no longer be associated with your identity.

4. Sharing Data with Third Parties

We never sell your personal data, but in the context of operating our site and providing you with our services, some information may be shared with third-party providers or partners. These shares are limited to cases where it is necessary for the proper functioning of the services you request and according to the laws in force.

4.1. Service Providers

We work with third-party service providers to help us deliver our services. These partners have specific roles and may have access to some of your personal data, only as part of their duties. They are required to strictly respect the confidentiality and security of your data.

Site hosting : The Dilya's Art site is hosted by Shopify, which ensures the security and integrity of your personal data.
Payment Processing : We use third-party payment processors, such as Stripe and PayPal , to secure your transactions. These providers handle your payment information according to their own privacy policies, independent of our site.
Printing and Shipping : Some services like Printful are used to print and ship products. They may have access to your information needed for these operations, such as the shipping address.

4.2. Marketing and Advertising Partners

To improve your experience and provide you with relevant offers, we use partners for advertising and analytics. These services may collect data about your interactions with our site.

Google Analytics and Facebook Pixel : These tools are used to analyze site performance, improve user experience, and personalize ads. These partners collect information such as your activity on our site and your interactions with our ads.
Targeted advertising : Some external partners may use your data to present you with advertisements tailored to your preferences. These partners also respect the privacy standards in force.

4.3. Legal Obligations

In some cases, we may be required to share your data with legal authorities or regulatory bodies. For example, if a request is made as part of a legal, judicial or administrative investigation, we must respond to that request and share the requested information.

5. Your Rights

In accordance with the General Data Protection Regulation (GDPR) , you have the following rights over your personal data:

5.1. Right of access

You have the right to request a copy of the personal data we hold about you. This right allows you to check:

The types of data we collected,
The purposes for which we use your data,
The recipients or categories of recipients to whom your data has been shared,
The duration of retention of your data or the criteria used to determine this duration.

This request for access is free of charge, unless it is excessive or repeated, in which case we may apply a reasonable fee or refuse to respond.

5.2. Right of rectification

You may request that your personal data be corrected or updated if it is inaccurate or incomplete. For example, if your contact information (email address, postal address, etc.) changes, you may ask us to amend it.

5.3. Right to erasure (“right to be forgotten”)

You have the right to request the deletion of your personal data under certain conditions. This includes in particular:

If your data is no longer necessary for the purposes for which it was collected,
If you withdraw your consent (where the processing of your data was based on that consent),
If your data has been processed unlawfully,
If we are required to delete your data to comply with a legal obligation.

However, certain data may be retained if their processing is justified by a legal obligation, in particular in tax, accounting or commercial matters.

5.4. Right of opposition

You have the right to object to our processing of your personal data for reasons relating to your particular situation. This right applies specifically when your data is used to:

For direct marketing purposes (for example, sending you commercial emails),
The management of your contractual relationship with us if you consider that this processing is not justified by our legitimate interests.

Where we use your information for marketing purposes, you have the opportunity to opt out of these communications at any time, free of charge.

5.5. Right to portability

You have the right to request the portability of your personal data in a structured, commonly used and machine-readable format, so that you can transfer this information to another service provider. This right only applies to data that you have provided directly and that is processed on the basis of your consent or a contract with us.

5.6. Right to withdraw consent

Where we process your personal data based on your consent (for example, to receive marketing emails), you have the right to withdraw your consent at any time. Once you withdraw your consent, we will stop processing your data for this purpose. Please note that this withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

5.7. How to exercise your rights

To exercise any of these rights, you can contact us via the following means:

Email : dilya.art.supportclient@gmail.com

You may be asked to prove your identity (for example, by providing a copy of an ID document) to ensure the security and confidentiality of your data.

5.8. Processing time for requests

We undertake to respond to your request within a maximum of 30 days . This period may be extended by an additional two months if the request is particularly complex or if we receive a large number of requests. In this case, we will inform you within 30 days of receiving your initial request.

5.9. Right to lodge a complaint

If you believe that your data protection rights have not been respected, you have the possibility to contact the competent data protection authority.

6. Guarantees and Data Security

We implement appropriate technical and organizational measures to ensure the security of your personal data and prevent unauthorized access, disclosure, modification or destruction.

Specific security measures:

All communications and transactions on our site are secured by SSL (Secure Socket Layer) encryption, guaranteeing the confidentiality of exchanges.

Payments are processed through secure providers such as Shopify Payments, Stripe, and PayPal, which use advanced protocols to protect your banking information.

Personal data is accessible only by authorized persons and only to the extent necessary for the management of the services offered.

Protection against unauthorized access:

We limit access to your personal information within our organization to only those employees and contractors who have a legitimate need for access, and these individuals are subject to strict confidentiality obligations.

We use access control systems, firewalls and intrusion detection tools to protect the site and the information stored therein from any malicious access attempts.

In the event of a security breach:

If we detect a security breach affecting your personal data, we undertake to take all necessary measures to limit the impacts and to inform you as soon as possible, in accordance with legal requirements.

These guarantees are regularly re-evaluated and updated to ensure compliance with the most recent safety standards.

7. Changes to the Privacy Policy

We reserve the right to modify this privacy policy at any time. If we make any changes, we will update the revision date at the bottom of this page. These changes may be made to reflect changes in our data protection practices, legal requirements, or technological developments.

Notification of changes:

If the changes are material, we will proactively notify you. This may include sending you an email notification or posting a prominent message on our site to alert you of the update.
Regular Review: We encourage you to review this Privacy Policy periodically for updates and to understand how we protect your personal data. By accessing our site or using our services after any changes, you agree to the revised terms.

By continuing to use our site after the policy has been updated, you agree to the new terms. If you do not agree with these changes, you have the option to request the deletion of your personal data by contacting us.

8. Contact

If you have any questions, concerns or requests regarding this Privacy Policy or the way we treat your personal data, please do not hesitate to contact us at:

Contact email:
dilya.art.serviceclient@gmail.com

We are committed to responding to your concerns promptly and ensuring the confidentiality of your personal information.

8.1 Links to other policies or documents

To better understand the use of your personal data and the management of your experience on our site, we encourage you to also consult the following documents:

9. Processing of Data by Subcontractors

As part of our activities, we may use subcontractors to carry out certain data processing operations. These subcontractors are carefully selected and must comply with strict data confidentiality and security standards, in accordance with the General Data Protection Regulation (GDPR).

Subcontractors may intervene in the following areas:

Website and data hosting
Payment Processing
Printing and shipping of products

Sending marketing communications (e.g., mailing services)

We ensure that all subcontractors we work with respect our data security and confidentiality commitments. They are also subject to specific contracts stipulating the conditions of data processing and their obligations with regard to the protection of personal data.

If you would like to obtain an updated list of our subcontractors, or if you have specific questions regarding their data processing practices, you can contact us at the following address: dilya.art.contact@gmail.com .

10. Guarantees and Data Security

While we take precautions to protect your personal information, our site is hosted on Shopify, an e-commerce platform known for its security. Shopify has strict security standards to protect your data.

Security measures implemented by Shopify:

Data encryption : Shopify uses Secure Socket Layer (SSL) encryption to protect sensitive data, including during transactions and information exchanges.
Payment Security : All transactions are processed by certified payment providers such as Shopify Payments, Stripe, or PayPal, which comply with PCI-DSS (Payment Card Industry Data Security Standard) security standards.
Attack Protection : Shopify implements measures to protect against malicious attacks, such as intrusion detection software and firewalls.

Shopify’s Responsibility:

As Shopify is our site's hosting provider, it is responsible for the security of the platform's technical infrastructure. We rely on Shopify to ensure the protection of our users' personal data, including information related to payments and order management.

Limitation of our role:

As a site manager, we are committed to using Shopify securely, but we do not have direct control over the security systems and practices that Shopify has in place. We encourage you to review Shopify's security policy directly for more information on how your data is protected at the hosting level.

Data Breach Notification:

In the event of a personal data breach, Shopify is required to comply with legal notification obligations. We will follow established procedures to notify you if such a breach occurs, in accordance with the requirements of the GDPR.

Country/region

Language

Privacy Policy – ​​Dilya's Art