Privacy Policy
Last update on 20 January 2025
Roneljake - Privacy Policy
This Privacy Policy explains how RONELJAKE SAS collects, uses, stores, and protects your personal data when you visit our website, create an account, make a purchase, or interact with our content.
RONELJAKE acts as the data controller within the meaning of the GDPR. For full legal and hosting details, see our Legal Notice.
What Data We Collect
We only collect data that is adequate, relevant, and limited to what is necessary.
- Identity & contact:
First and last name, title, email address, phone number, billing and delivery addresses. - Account data:
Login email, hashed password, language preferences. - Order & delivery data:
Ordered items, amounts, order history, delivery tracking, and customs details . - Payment data:
Payment status, transaction IDs, and the last 4 digits of your card (if provided by the payment service).
We never store full card numbers. Payments are processed by secure third-party providers (e.g., PayPal, Stripe, or Apple Pay). - Customer service:
Messages, attachments (e.g., photos for defects), and return/refund details. - Marketing & analytics:
Consent choices, campaign interactions, device and usage data (IP address, device type, pages viewed, session events). - Cookies and online identifiers:
Please refer to our Cookie Policy for more details. - Recruitment (optional):
CV/resume, experience, and contact details (if you apply for a position). - Social media :
Public username and message if you contact us via social platforms. - Children:
We do not knowingly offer services to children. In France, we do not process data based on consent for minors under 15 without verified parental consent.
Why We Use Your Data
We process your personal data only for specific, legitimate purposes and under lawful bases defined in Article 6 of the GDPR.
We use your data to:
- Perform and deliver your orders — to process purchases, handle payments, shipping, returns, and apply legal guarantees.
Legal basis: Contract performance - Create and manage your customer account — to secure your login, respond to your requests, and prevent misuse or fraud.
Legal basis: Contract / Legitimate interest - Comply with legal obligations — to meet invoicing, accounting, tax, and consumer-law requirements.
Legal basis: Legal obligation - Send newsletters and promotional offers — to provide updates and special offers.
Legal basis: Consent (for non-customers) / Legitimate interest (for existing customers, with opt-out option) - Measure traffic and improve our services — to analyze usage, enhance user experience, and ensure site security.
Legal basis: Consent (for non-essential cookies) / Legitimate interest - Assess job applications — to review and manage recruitment processes.
Legal basis: Consent / Legitimate interest
You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
- Perform and deliver your orders — to process purchases, handle payments, shipping, returns, and apply legal guarantees.
Who Receives Your Data
We share personal data only with trusted third parties and service providers, as needed to operate our business:
- Payment processors: e.g., PayPal, Stripe, ApplePay
- Logistics and carriers: e.g., Mondial Relay, Colissimo, Chronopost
- IT, hosting, and analytics: web hosting provider, consent management platform (CMP), analytics tools (Google Analytics or equivalent), Cloudflare, Security, Wordfence,
- Customer support tools: ticketing and email platforms
- Anti-fraud and security services
- Authorities or regulators: only when legally required (e.g., customs, tax, police, courts)
All partners act under data-processing agreements and apply appropriate security measures.
International Transfers
- An adequacy decision by the European Commission, or
- EU Standard Contractual Clauses (SCCs) or UK IDTA/Addendum with supplementary protection measures, or
- The provider’s participation in the EU–US Data Privacy Framework.
Retention Periods
We retain personal data only for as long as necessary for their intended purposes:
- Customer accounts and relationship data: while the account is active and up to 3 years after the last contact
- Invoices and accounting data: 5–10 years
- Orders and warranties: up to 2–5 years
- Customer support cases: duration of the case plus up to 3 years
- Marketing consents: until withdrawn, then recorded in a suppression list
- Analytics cookies: up to 13 months per CNIL guidance
- Recruitment files: up to 2 years after the last contact
After these periods, your data is securely deleted or anonymized.
Your Rights
Under the GDPR, UK GDPR, and French data-protection law, you have several rights regarding your personal data. You may access your personal data, correct any inaccurate or incomplete information, and request its erasure (“right to be forgotten”). You also have the right to restrict or object to certain types of processing, and to receive a copy of your data in a portable format.
You may withdraw your consent at any time, particularly for marketing communications or cookies, without affecting the lawfulness of processing based on consent before its withdrawal.
To exercise any of these rights, please contact us at [email protected].
You may also lodge a complaint with your local data-protection authority.
In France, this is the CNIL – 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07 – www.cnil.fr.
Marketing Choices
Email or SMS marketing is opt-in where required.
You may unsubscribe using the link in our communications or by contacting contact@roneljake.com.
You can also modify your cookie preferences anytime via the “Manage Cookies” link on our site or through your browser settings.
Cookies and Similar Technologies
Security Measures
We apply appropriate technical and organizational measures to protect your data, including:
- HTTPS encryption and secure servers
- Access control based on the principle of least privilege
- Regular backups and monitoring
- Incident response procedures
If a breach likely to pose a high risk to your rights occurs, we will notify you and the competent authority as required by law.
Regional Notices
United Kingdom:
We comply with the UK GDPR and PECR. Your rights mirror those under EU GDPR.
United States (California / CCPA–CPRA):
We do not sell personal data for monetary value. Some analytics or advertising cookies may be considered “sharing.”
US residents can opt out via the “Do Not Sell or Share My Personal Information” link or by emailing [email protected].
Australia & New Zealand:
We follow the applicable privacy laws (Privacy Act 1988, Privacy Act 2020) regarding access and correction rights.
Other Regions:
Where local laws do not provide equivalent protections, we apply GDPR-level transparency and safeguards.
Social Media and Third-Party Links
We publish content on third-party platforms (such as Facebook, Instagram, TikTok, Pinterest, and LinkedIn). Any personal data collected on or through these platforms is processed by the respective platform under its own privacy policy. RONELJAKE is not responsible for how these third parties handle your data.
Updates to This Policy
We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes.
We will post the new version on this page with an updated “Last update” date.
If required, we will request new consent for significant changes (e.g., cookie or marketing updates).
Contact
For customer support inquiries:
📧 [email protected]
Postal address:
RONELJAKE SAS
18 Rue de la Chapelle, 94800 Villejuif, France
