Blooom undertakes, within the framework of its activities and in accordance with the legislation in force in France and in Europe, to ensure the protection, confidentiality and security of the personal data of the users of its services, and to respect their privacy.
This Policy informs you about how Blooom processes your personal data.
This Policy applies in particular to customers and users of the offers and services and to visitors to the Byblooom.co websites.
It may be supplemented by specific information brought to the user’s attention in connection with a particular offer or service.
Why does Blooom process your data?
Blooom only processes personal data for specific, explicit and legitimate purposes. Blooom shall not process such data in a way that is incompatible with these purposes.
Blooom processes your data in the context of the performance of a contract
To this end, the purposes pursued by Blooom are the following:
- To manage the identity of the customer or user and to authenticate him
- To manage the order
- To invoice and collect payments
- To provide pre-sales service and sales
- Provide after-sales service
- Manage personal data, characteristics and rights of a contract
- Handle complaints
- Communicate in customer management
- Handle incoming mail
- Handle disputes
- Manage data subject rights requests
- Store customer or user data
- Provide authentication services
Your data is kept for the time necessary to fulfil the purposes mentioned above. In the case of processing relating to the execution of the contract, the data may be kept for a maximum of three years from the end of the relationship.
Blooom also processes data for purposes other than the strict performance of contracts. In this case, Blooom shall ensure that it has a legitimate interest in carrying out the processing. Furthermore, processing may be subject, as far as necessary, to the collection of your consent, which you may withdraw at any time.
To this end, the purposes pursued by Blooom are the following:
- Organise direct marketing operations.
- Organise events
- Organise competitions
- Collect personal data subject to consent
- Make personalised recommendations
- Analyse the use of offers to make proposals to the customer
- Improve our offer and customer relations
- Ensure the security of platforms and services
- Supervise the billing system
- Avoiding fraud and preserving turnover
In this case, all the data is first made anonymous.
What data is processed?
Depending on the case, Blooom processes your personal data, either collected directly from you or resulting from the use of products or services.
Blooom only processes data or a category of data if it is strictly necessary for the intended purpose. You can find information on these purposes above.
Blooom processes the following categories of data:
Identification data: name, first name, identifier, …
Contact data: postal address, email, telephone number…
Economic and financial data: means of payment, payment history, etc.
Connection, service usage and interaction data: connection and usage logs, intervention reports, etc.
Products and services held or used
Who will receive your data?
The data collected is intended for the internal services of Blooom.
The data may also be processed by partners of Blooom. This concerns situations where partners are involved in the provision of services. This may also involve processing to which you are asked to consent.
Finally, the processed data may be transmitted to the competent authorities, at their request, in the context of legal proceedings, in the context of legal investigations and requests for information from the authorities or in order to comply with other legal obligations.
Is your data processed outside the EU?
The data collected may be processed outside the European Union.
In this case, Blooom takes the necessary steps with its subcontractors and partners to ensure an adequate level of protection of your data in full compliance with the applicable regulations.
If the subcontractors and partners concerned are not members of the Privacy
Shield agreement for transfers to the United States of America, or are not located in a country with legislation considered to offer adequate protection, they will have signed the European Commission’s “standard contractual clauses” or will be subject to binding internal rules approved by the authorities.
What are your rights?
You have the right to access, rectify and delete data concerning you. You may request the portability of this data. You also have the right to object to the processing carried out or to request its limitation.
You can issue directives on the conservation, deletion or communication of your personal data after your death.
How to exercise your rights?
You may exercise your rights at any time, and contact Mr Khalid Medaghri in his capacity as Data Protection Officer at the address below: dpo@byblooom.co
Possibility of referring to the CNIL
If your exchanges with Blooom have not been satisfactory, you have the possibility of lodging a complaint with the Commission Nationale de l’Informatique et des Libertés (CNIL), the supervisory authority in charge of compliance with personal data obligations in France.
How is your data secured?
Blooom ensures that your data is processed in complete security and confidentiality, including when certain operations are carried out by subcontractors. To this end
Blooom ensures that your data is processed in complete security and confidentiality, including when certain operations are carried out by subcontractors. To this end, appropriate technical and organisational measures are put in place to prevent the loss, misuse, alteration and deletion of your personal data. These measures are adapted according to the level of sensitivity of the data processed and the level of risk presented by the processing or its implementation.
Changes to the Data Protection Policy
This Privacy Policy may be subject to change.
Last updated on 26/02/2021