Princs (Beijing) Co., Ltd., a Chinese company registered at the Beijing Trade and Companies Register under the number 91110105MA0021318G, located at Rm 301, F/3, Bd 70, No. 1 San Jian Fang East Road, Chaoyang District, 100024 Beijing, China, email : firstname.lastname@example.org, (hereinafter referred to as “AAS”, the short form of “A. A. Spectrum 光谱”)
Date: July 12, 2023. This document has been updated to comply with the requirements of the General Data Protection Regulations (GDPR) which came into force on 25 May 2018.
1.1. Aim of this policy
AAS is determined to respect your privacy and protect your personal data.
This Confidentiality and Data Protection Policy (the “Confidentiality Policy”) is designed to inform you about our use of your personal data that we gather when you access the website www.aaspectrum.com (the “Website”), when you purchase any goods at AAS points of sale or when you contact AAS.
The Website is hosted by Zoho Commerce. Its publication director is Mr. Kevin TALLON.
This Confidentiality Policy will enable you to determine the origin and the use of the information that we gather, as well as your rights and options under the applicable data protection rules and regulations.
We therefore ask you to read this document carefully.
1.2. Modification of the Confidentiality Policy
AAS may modify this Confidentiality Policy from time to time depending on the legal and regulatory context, and to keep you informed about changes in our personal data processing practices.
AAS therefore recommends that you always become acquainted with the latest version of this Confidentiality Policy whenever you plan on having any interaction with AAS, by visiting this section or by clicking on the “Confidentiality Policy” link at the bottom of the home page of the Website (see Section 3.9 “Modifications and updates of the Confidentiality Policy”).
1.3. AAS’s role and responsibility
Unless otherwise specified in separate provisions regarding specific instances of processing of personal data, the processing of your personal data that is described in this Confidentiality Policy shall be performed by the company AAS, publisher of the Website and which is thus the “data controller” under the applicable data protection laws.
However, when you purchase a AAS product (hereinafter “Product”) in any point of sale (whether physical or online) other than those owned by AAS, the boutique where you place your orders or purchase the Products shall be solely and fully responsible for any processing of your personal data performed for purposes of transaction management and invoicing in connection with your purchases.
2. The key points of this Confidentiality Policy
2.1. Data gathered
AAS gathers your personal data when you use the Website, interact with AAS or make purchases in the AAS stores.
In addition to the information that you actively provide (e.g. when creating an account, indicating your address), information is likely to be automatically gathered or generated by our systems (e.g. in order to determine your favourite Products).
2.2. How your data is used
The data that we gather enables us:
To provide you with the Products and services that you requested;
To send you information about AAS’s Products and events that we consider most likely to be of interest to you.
To understand how you may oppose such use and withdraw your consent, please consult section 3.11 below.
Besides, controls are carried out in order to ensure the security of the Website and of the payments made on the Website, in accordance with article 3.2 below.
2.3. Who receives your personal data, and to whom is it transferred
Your personal data is only accessible to authorised personnel working for AAS and, if necessary, to our subcontractors and service providers, in order, notably, to ensure transportation and delivery of the Products ordered on the Website.
2.4. Storage of your data
In general, your personal data will be kept by AAS in accordance with article 3.6 below, as long as you remain a client and until the expiry of the applicable warranties. It will only be kept beyond that time with your permission or to meet our legal obligations.
2.5. Your rights and options
You have a right to access, to amend, to request the erasure and to exercise other rights over your personal data, under the data protection laws and regulations, and in accordance with the conditions set forth in articles 3.10 and 3.11 below.
You may also contact us at any time at the address and details featured in the “Contact” section of the Website.
3. Conditions of use of your personal data and enforcement of Confidentiality Policy
3.1. Use of your personal data
Your personal data is only gathered when AAS has a legal basis for doing so.
We therefore process your personal data only when necessary:
3.1.1. To deal with your requests, e.g.
To send you information about our offers, news and events (newsletter, invitations and other publications via the channels that you will have specified beforehand – post, e-mail, telephone, SMS, instant messaging);
To manage your requests for information, to deal with your requests and complaints;
To improve the operation of the Website by generating statistics, to personalise the interface of the Website based on your preferences, and for the purpose of targeted advertising or promotional material, in keeping with our Cookies Policy, as set out hereafter.
3.1.2. To provide you with services and fulfil the orders that you place, and to comply with our contractual obligations, and in particular:
To enable you to create a “my account” personal space and purchase AAS Products online;
To manage your orders and their delivery as well as the corresponding warranties;
To manage any other service, whether current or future, in accordance with the corresponding Terms of Service.
3.1.3. For the pursuit of the legitimate interests of AAS:
To manage our relationship with you by keeping an up-to-date centralised database of our existing and potential clients, enabling us to proactively manage the monitoring of our commercial relationship;
To ensure that we provide high-quality services by conducting surveys;
To create survey reports and statistics, after anonymising the underlying data or after implementing processes designed to prevent the erroneous attribution of data to an identified person.
To ensure the security of your transactions online, to prevent fraud and payment defaults.
For all these purposes founded on our legitimate interest, we take into consideration any potential impact that the gathering of this data may have upon you and upon the users of the Website in general. Should we believe that your interests or your fundamental rights and freedoms transcend our legitimate interests, we will refrain from using your personal data on this basis and may ask you for your consent on a case by case basis.
3.2. Processing of personal data for purposes of prevention and management of payment defaults
In order to combat fraud over the Internet, information concerning your order and concerning the terminal used to place the order (such as the operating system used, the location of the machine, whether or not a proxy was used, etc.) is gathered automatically and used, subject to your consent, to analyse your transactions for purposes of fraud detection and prevention of payment defaults. The information may be transmitted to our payment service provider and to any third party that is duly authorised by law for the sole purposes of checking your identity, the validity of the order, of the payment method used and of the requested delivery address.
3.3. Categories of data gathered by AAS
3.3.1. Information that you provide to us directly
We gather the information that you disclose to us directly when you use our Website and our services.
This is for instance the case when you create an account online, you register to receive our news, you make a purchase online or from our stores.
The categories of personal data that we gather directly from you include:
Your identification and contact data (such as your family name and first name, e-mail address, telephone number, date of birth, mother tongue, preferred means of contact) needed to identify you or to contact you;
Transaction-related information needed to process your order (items chosen, delivery and billing address, telephone number, means of payment, including your bank card details in order to enable billing – account holder name, number and expiry date – in case of payment by bank card);
Data concerning the monitoring of our commercial relationship, for instance your order number, the chronology of your purchases, your contacts and requests or your correspondence with our Customer Service unit (hereinafter the “Customer Service unit”);
Socio-demographic data (such as your age, your profession, etc.);
Data concerning your preferences and your person (preferred style, size, favourite colours, etc.).
The personal data that is indispensable for AAS to fulfil the purposes described above is highlighted in the various pages of the Website. Should you not disclose this data in the mandatory fields, AAS may not be able to respond to your requests and/or supply you with the Products and services that you want. All other data is merely optional and enables us to know you better and to improve the way in which we communicate with you and the services that we provide to you.
In our stores or during the events that we organise (for instance: fashion shows or private sales in your local store), we may gather additional personal data under terms and for uses that shall be specifically notified to you on this occasion.
3.3.2. Information automatically gathered by AAS
Other data is gathered automatically when you access the Website, use our services or perform a transaction with us:
Connection data concerning the terminal used: your IP address, the type of browser you use and various information about your browsing of our Website are also gathered for purposes of administration and/or to generate statistics, as detailed in our Cookies Policy;
Recording of your calls to AAS’s Customer Service unit: should you get in touch with one of our advisors, the conversation may be recorded in order to ensure the quality of the service. You will be informed about this in the message that is played while you wait.
3.3.3. Information regarding third parties
In some cases, AAS will gather information that you provide about other people, for instance when you decide to buy and send Products to someone else. This information is only used to fulfil your requests and never to send marketing communications to your contacts, unless they personally choose to receive information from AAS.
3.4. The recipients of your personal data
3.4.1. Management of the Website and the Services
Your personal data is processed by AAS. It will not be transferred or made accessible to any third party other than (i) AAS’s subcontractors and service providers (for example, our Customer Service unit) who are involved in a purely technical or logistical capacity (carriers, providers of hosting and maintenance services to the Website, payment and fraud prevention service providers, etc.), and (ii) upon any reorganisation of our company, including a total or partial disposal of our assets, merger, takeover, acquisition, de-merger, and in general any reorganisation operation, in order to ensure the continuity of the services provided.
3.4.2. Personalised client management, prospecting
Your personal data is accessible to the authorised personnel working in AAS’s stores and entities with which you are in contact, as well as to our Customer Service and sales promotion teams.
You may thus receive from them, subject to your consent, information about the offers, news and events of our company in Switzerland and abroad.
3.4.3. Protection and defence of AAS’s interests
Finally, AAS may disclose your personal data to third parties when such disclosure is required by a law, a regulatory provision or a court ruling, or if this disclosure is necessary to ensure the protection and the defence of its interests (for instance to our external agents and counsels in case of debt recovery; to our insurance companies in case of the loan of a Product).
3.5. Transfers of your data abroad
Your personal data may be transferred to our service providers located inside the European Union (and/or the European Economic Area, and/or in countries acknowledged as adequate by the European Union regarding personal data protection), in charge, among others of the delivery of your orders and the process of your requests.
These transfers shall only occur, to the necessary extent, to deal with your requests and provide you with the same level of service in all the stores you may be in contact with.
Your personal data may also be transferred to service providers located outside the European Union or the European Economic Area, and non-acknowledged as adequate by the European Union regarding personal data protection, especially the United States. Should the case arise, such transfers shall only take place subject to appropriate guarantees designed to ensure a sufficient level of protection to your privacy and fundamental rights, such as the signature of the standard contractual terms adopted by the European Commission. A document detailing the guarantees implemented by AAS shall be disclosed immediately upon receipt of a request sent to AAS.
Moreover, your personal data may also be transferred as part of your orders to our service providers based outside the European Union that are involved in delivering your orders.
3.6. Duration of retention
AAS shall not retain your personal data beyond the duration that is strictly necessary for the accomplishment of the purposes for which it was gathered.
3.6.1. Newsletter, contacts and complaints
The identification data of the client that is used with the client’s consent to send out promotional messages, newsletters and other AAS publications shall be kept for a period of three years as of its gathering or as of the last contact initiated by the client.
Any personal data and general information about your requests (for example, opening date, closing date, subject of the request) that is gathered and processed under the section entitled “Contact us” or pursuant to contact with the Customer Service unit will be kept for 5 years in our unique customer repository. Call recordings are kept for 6 months by our Customer Services unit.
AAS may also keep for archiving purposes copies of its correspondence with the users of the Website and any response to the questions or comments sent to the users by our Customer Service unit.
3.6.2. Data concerning orders, past purchases and “Know your customer”
AAS will keep the data concerning your orders for as long as you remain a client (i.e. have an active client account or are a regular contact of our stores) and until the expiry of the applicable warranties. This data will only be kept beyond that time with your consent or for accounting and evidential purposes or to meet our legal obligations, or, after having been anonymised, for purposes of studies and statistics.
3.6.3. Payment data
Your payment data will be kept securely for the duration that is needed to confirm your order and payment and will then be immediately destroyed. In case of a problem with payment, your data will be kept throughout the duration of the management of the incident, then for a period of three (3) to five (5) years, depending on the severity of the incident.
3.6.4. Client account data
Your client account on our Website will remain active until you decide to close it and for as long as you make purchases on our Website. In case of protracted inactivity on your part over a period of 3 years, this account will be deactivated.
After the expiry of this three-year period, AAS may get in contact with its clients to find out whether or not they want (i) to continue to receive promotional messages, newsletters and other publications from AAS and/or (ii) to retain their client account on the Website. Your data will be destroyed within 2 working days as of your sending us a request to unsubscribe.
Clients may close their accounts and/or unsubscribe from our promotional communications, announcements, newsletters, etc. at any time. In order to do so, please contact our Customer Service unit by sending an e-mail to email@example.com or by clicking on the “unsubscribe” link featured in each message. You may also exercise this right by sending a request to the contact address featured on the homepage of the Website.
The connection logs that are gathered with your consent by the Cookies and other tracers implemented on our Website will be kept in accordance with the applicable regulations for a period of time that shall not exceed thirteen (13) months. For more details, see our Cookies Policy.
The Website may contain links to third party websites. AAS has no control over the content, the confidentiality policy and the data protection policy or the actions of these third party websites. The use of the information that you may provide to third parties on other sites or that these third parties may gather on those other websites is not governed by this Confidentiality Policy. You should carefully examine the confidentiality and data protection policies of any third party web sites and contact the publishers of these websites should you have any questions about the way they use your personal data. AAS hereby disclaims liability for any failure by a third party to use your personal data in accordance with their confidentiality policy or in accordance with any contractual or legal obligation that is binding upon them.
AAS has implemented appropriate technical and organisational measures to guarantee the confidentiality and the security of your personal data against any loss, destruction, alteration, unauthorised access or disclosure.
3.9. Modifications and updates of the Confidentiality Policy
This Confidentiality Policy is in keeping with the prevailing practices at AAS. It may be modified and updated to reflect the changes in AAS’s practices, to provide more information or to ensure compliance with the applicable regulations.
In case of a modification or update, the revised Confidentiality Policy shall be put online on the Website, with a statement indicating the date of the latest update. You will also be informed by a message on the Website urging you to read the updated Confidentiality Policy.
3.10. Your rights and options
3.10.1. Access and rectification
You have the right to access your personal data and to request the rectification or the destruction of any data that would turn out to be inaccurate. If you have a client account with AAS, you may directly access the data contained in your online account and rectify/eliminate it where applicable, as well as access the chronology/log of your transactions and your choices in terms of sales prospection.
Where applicable, you must ensure that you disclose to AAS any updates or changes to your personal data, including your postal and/or e-mail address, in order to enable us to dispatch your orders to the right address and to contact you about your orders if necessary.
3.10.2. Other rights
Erasure: You may also request the erasure of your personal data provided that it is no longer necessary for AAS to keep it.
Opposition: You can also oppose the processing of your personal data or request the imposition of limitations on such processing, unless the processing is necessary for the management of the Services that you request.
Withdrawal of consent: Where the processing of your data is based on your consent, you may withdraw this consent at any point in time.
Portability: You may moreover exercise your right to portability, i.e. obtain, in a structured, machine-readable form, the personal data that you provided to us directly on the basis of your consent or of a contract drawn up and signed with you and that that is undergoing automated processing.
Directives: You may also let us know your instructions regarding the preservation, erasure and disclosure of your personal data after your death, and modify these directives at any point in time.
These rights may be exercised directly with AAS, by contacting us in accordance with the terms of the section 4 below. You may be asked for proof of your identity.
3.11. Unsubscribing from our communications, requesting an end to targeted advertising
You may also oppose to AAS’s use of your personal data for purposes of marketing or drawing up your client profile; in that case, however, you will no longer benefit from customised offers or services.
4. Contact us
Should you be unhappy about the way in which AAS gathers and processes your personal data, you may file a complaint with the [the shop’s hosting platform provider’s country from where the shop is operated] Switzerland’s FDPIC [data protection watchdog] by visiting https://www.edoeb.admin.ch/edoeb/en/home/datenschutz/grundlagen/ndsg.html or by writing to the following address: Office of the Federal Data Protection and Information Commissioner FDPIC, Feldeggweg 1, 3003 Berne, Switzerland.