Privacy policy


This Privacy Policy provides users (the "Site") with the most complete and clear information regarding the processing of their personal information on the Site under the General Data Protection Regulation (GDPR). or General Data Protection Regulation (EU 2016 / 679) and the Italian Privacy Code (DL 196 / 2003).

In accordance with regulatory requirements, this Privacy Policy states:

• The nature of the personal information processed;

• Objectives and methods of processing personal information;

• The identity and contact information of the data controller (s);

• The contact details of the Data Protection Officer (DPO);

• Third parties involved in treatment activities;

• The period of retention of personal information;

• Security measures adopted to protect personal information;

• Users' rights in the protection of privacy.

This privacy policy applies to the site only and does not apply to the websites or platforms to which the site is linked.

Users under the age of 16 (sixteen) are not allowed to provide their consent for the processing of personal information without the permission of their parents.


In the context of the GDPR, the data controller is the person who, alone or in conjunction with others, determines the purposes and methods of processing personal information.

The controllers jointly carrying out the data processing related to the activities of the site are:

• SASU CATT LANDA, CDV 44436, 350 Chemin du Pré Neuf, 38350 La Mure FRANCE

Regarding the personal information of non-registered users who have requested to receive newsletters and marketing communications, Catt Landa acts as sole controller.


"Personal Information" means user-related information that is personally identifiable, used individually or in conjunction with other data.

Personal information is collected automatically by the site or received via many sources: forms, discussion, email, applications, devices, social media and other modes of communication.

The site processes personal information in various formats for the following purposes:


The site collects non-sensitive navigation data using automatic means to enable and improve user navigation (eg IP address, date / time and length of visit, URL, pages viewed on the site). site, the device used and any other information).

Processing this information allows users to access the site and take full advantage of its features and services. In addition, navigation data can be used to verify that the site is functioning properly.

From time to time, navigation data is processed anonymously for statistical purposes.

Navigation data is unlikely to allow identification of the data subject. However, by their nature, browsing data can be used to identify users if they are associated with other data.

The navigation data described above is only temporarily saved in accordance with the applicable laws.


At the time of the final payment, the site asks users to provide their personal information for the sole purpose of completing their purchase orders and to respect contractual obligations (eg name and surname, email address, delivery address, etc.). .

This personal information also allows the customer service to assist customers who have submitted inquiries or questions related to their orders, before or after the conclusion of the sale (for example, order status or related conditions). upon return of products).

The order information will be stored for as long as necessary to comply with the contractual obligations and obligations in force regarding tax and financial reporting.

The site can also check the means of payment used by customers when they buy on the site (eg credit card, debit card, etc.) mainly in order to avoid any fraudulent activity or in accordance with the laws on fight against money laundering. Since third-party payment service providers are fully responsible for the payment verification, the controllers do not process or store any financial information belonging to the customers.

Failure to provide the personal information required at the time of final payment will prevent users from completing their orders on the site.

On the basis of legitimate interests to improve its relationship with customers, the site will send email communications to customers containing product recommendations, discounts, feedback requests or other updates. Customers remain free to unsubscribe from these electronic communications (for example by clicking on the "unsubscribe" link at the bottom of each email).


When users choose to create a personal account on the site, they are asked to provide their personal information (date of birth, gender, etc.). The site clearly indicates the personal information that is required (or optional) to create an account on the site.

Users must provide personal information that is accurate and accurate at the time of registration and are encouraged to keep their personal information (if changed) up-to-date by logging into their personal account and updating the relevant data.

Users choosing to activate or connect to their account via social media should be aware that when they connect to their account on social media, the site collects certain personal information that users have already provided to that site. social media (eg the email address and public profile on Facebook).

Controllers do not supervise or control the services offered by these social media nor the user profiles included in these media. They also do not establish privacy settings or rules about how personal information is used on these social media. Users are urged to read all relevant social media services policies and information to learn more about how they handle personal information.


On the site, users can choose to receive newsletters and commercial communications.

The site always obtains the explicit, free and explicit consent of users before sending them newsletters and marketing communications or, more generally, before setting up electronic marketing projects addressed to them.

In such cases, users may be invited to submit their personal information in addition to their email address (eg gender, country of residence, etc.) in order to receive newsletters and marketing communications tailored to their profile. user.

Users can always easily withdraw their consent to receive newsletters and commercial communications in the following ways:

• By going to the settings of their account;

• By clicking on the "unsubscribe" link found in each email;

• By contacting our customer service.

Regarding the personal information of non-registered users who have requested to receive newsletters and marketing communications, Catt Landa acts as sole controller.


Consistent with the explicit consent of users, newsletters and marketing communications may be tailored to the users' "profile" based on the personal information that the site collects or receives about the individual.

Regarding the customers of the site, it is in the legitimate interest of the site to treat personal information in order to offer more interesting products, improve the site and customize the products offered on the site.

The primary goal of profiling is to offer products, services and initiatives that better reflect the preferences, buying habits and interests of users and customers.

Personal information may also be used for remarketing, retargeting or profiling, including through third parties (eg social networks, etc.).

Neither the site nor the controllers will perform profiling activities related to children.


The information related to the cookies used on this site can be consulted by clicking on the following link: Cookie Policy.


Controllers may transfer customer personal information to third-party primary suppliers who act as "data managers" (the "managers"), for business purposes and for the purpose of fulfilling their contractual obligations.

Controllers will make every effort to ensure that all managers apply best practices to protect personal information and that they will not use personal information for purposes other than those agreed upon with the controllers.

For example, controllers can share personal information with managers in the following categories:

• Couriers and postal operators;

• Distribution centers and warehouses;

• Advertising, digital, marketing and social media services agencies;

• IT service providers;

• Providers of customer support services;

• Payment service providers.

In such cases, the sharing of personal information with managers is essential to enable controllers to fulfill their contractual obligations and to improve the products and services of the site.

Users can request to receive an updated list of managers involved in the processing of personal information related to the activities of the site by sending an email to:

Controllers should always reserve the right to disclose users' personal information that is required by law (for example, in response to requests for compliance with the law), and when necessary to protect the rights of controllers or their controllers. affiliates or third parties.

In addition, personal information may be disclosed to other companies within the same organizational group of each controller, or to third parties in the event of organizational restructuring, in accordance with applicable laws.

In other cases, the sharing of personal information will be subject to the prior and explicit consent of the user, unless the treatment is authorized under another legal basis.

Controllers will not transfer personal information outside the European Economic Area (EEA) unless the user has explicitly authorized such transfer or if the transfer of personal information outside the EEA is permitted by the GDPR. under another legal basis.


Users' personal information is processed by controllers using computer, automated and electronic tools and, in a limited number of cases, using documentary means. In accordance with the GDPR, specific security measures have been implemented to prevent data loss, illegal and inappropriate use of data and unauthorized access to data.

Only authorized employees of controllers and authorized employees of third-party providers acting as managers on behalf of controllers have access to personal information related to site activities. Data processing agreements have been put in place with managers to ensure that they consistently adopt the level of security required by the GDPR when processing personal information related to site activities.

Although the site primarily adopts security measures to prevent loss, destruction or dissemination of personal information, it can not exclude security risks that are naturally associated with online data transmission. The user accepts the risks of providing his personal information on the Internet and will not hold the site liable for any breach of security, unless this breach is the result of negligence or willful misconduct on the part of the site.


Controllers will store personal information as long as necessary to provide users and customers with the services required or to fulfill their legal or tax obligations, or for the minimum period of time required by law.

In order to determine the appropriate period for the retention of personal information stored by the site in accordance with the user's consent, controllers will consider several factors to ensure that personal information is not kept longer than necessary or longer than the period deemed appropriate. These criteria will also include:

• The purpose for which the site holds the personal information;

• The legal, tax and regulatory obligations related to this personal information;

• The type of ongoing relationship maintained with the relevant user or customer (how often does the user log in to their account on the site? How often does he / she visit or buy from the site?);

• Any specific request from a user regarding the deletion of personal information;

• legitimate business interests.

The site will promptly delete or anonymize personal information that is no longer required or retained by law.


The site may contain banners, advertisements and other links to third party websites or platforms. Controllers can not supervise or be held responsible for the conduct of third party websites or platforms with respect to privacy. Users are encouraged to read their privacy policies to verify how they collect and process personal information.


Users are entitled to receive confirmation that the controllers do or do not have personal information about them.

If this is the case, under the GDPR, users also have the right to:

• Be informed about the collection and use of their personal information;

• Access their personal information free of charge;

• Request that erroneous personal information be corrected or completed (when incomplete);

• Request the removal of personal information ("the right to be forgotten");

• under specific conditions, obtain the restriction or deletion of their personal information;

• Obtain and reuse their personal information for their own account in different services when the processing is based on a contract or consent and the processing is done using automatic means ("the right to data portability") ;

• under specific conditions, challenge the processing of their personal information;

• Challenge at any time the use of personal information for the purposes of "profiling" or "automated decision making";

• Submit complaints related to the collection and processing of personal information to the relevant supervisory authority;

• Withdraw their consent to the processing of their personal information at any time.

Users can contact the site for any questions and to exercise their rights of confidentiality by sending an email to the following address:


Any changes made in the future to this privacy policy will be published on the site and, where appropriate, reported to users by email. Users are encouraged to periodically review this Privacy Policy to check for updates or changes.

Last updated: July 2019

Back to top