Privacy Policy
FORESINA SAS processes personal data (“Data”) in the course of its business activities, which includes the Data of individuals using the services of the CASA FORESINA website “www.casaforesina.com”.
Concerned with the rights of individuals, particularly with regard to automated processing, and in a spirit of transparency towards the Website Users and its Clients, FORESINA SAS has implemented a privacy policy (“Policy”) that sets out all such processing, the purposes pursued, and the means available to individuals in order to exercise their rights effectively.
FORESINA SAS may modify or update this Policy at any time, in particular to comply with any legislative, regulatory, case-law or technological developments.
1. Definitions
A “Personal Data” or personal data means any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, from such data.
The term “Processing” means any operation or set of operations performed on Personal Data, regardless of the process used.
The “Service” refers to the services offered by FORESINA SAS.
2. Data Controller – Data Protection Officer
FORESINA SAS is the controller of the Data collected directly or indirectly from Service Clients, Website Users and its Partners.
In order to access and use the Website Services, the provision of certain information is mandatory. Failure to provide such Data will result in FORESINA SAS being unable to process the request for the provision of a Service or information about such Service.
Client and User Data:
Client, User, and Partner Data are collected:
via the Website.
In this context, FORESINA SAS collects the following categories of Data:
Identity and contact data: first name, last name, email address, billing address, phone number, delivery address (if required)
Technical information: IP address, device type (mobile, computer, tablet), resolution, screen size and density, operating system name, version and language, shipping method, marketing ID (IDFA or GAID, if consent is given)
Order data: list of products ordered, order date and amount, total number of orders, subscription status (if applicable), recurring/occasional customers, date of first and last order
Browsing and connection data: login data, browsing history on the site, purchase preferences, abandoned carts, wishlists
Behavioral and marketing data: customer segmentation (e.g. RFM: recency, frequency, monetary value), clicks on sent emails, custom audiences
Transactional data: payment confirmation, transaction success or refusal, type of card or payment method used
Security data: anti-fraud checks, suspicious behavior monitoring, authenticity score, GDPR consent
Communication data: correspondence by email, feedback and complaints, reviews and comments left
Purposes of Data Processing:
Processing No. 1 – Contract performance
Purpose: to enable the purchase of CASA FORESINA products.
Personal Data: name, surname, email address, billing address, delivery address (if applicable), phone number, shipping method, products ordered, communication, transactional data.
Legal basis: Contract performance.
Processing No. 2 – Improving customer experience
Purpose: to improve the customer experience.
Personal Data: name, surname, email, billing address, delivery address (if applicable), phone number, shipping method, products ordered, technical information, order data, behavioral and marketing data, security data, browsing and connection data.
Legal basis: Legitimate interest.
Processing No. 3 – Invoicing
Purpose: management of payments benefiting FORESINA SAS.
Personal Data: name, surname, email, billing address, delivery address (if applicable), phone number, shipping method, products ordered, communication, transactional data.
Legal basis: Contract performance and legal obligation.
Processing No. 4 – Promotion of FORESINA SAS services
Purpose: promoting FORESINA services to its Users.
Personal Data: name, surname, email address.
Legal basis: Legitimate interest.
Processing No. 5 – Newsletter
Purpose: informing FORESINA SAS clients about company news.
Personal Data: name, surname, email address.
Legal basis: Legitimate interest.
3. Security and Confidentiality Measures
FORESINA SAS is committed to preserving the quality, confidentiality, and integrity of Users’ personal and confidential Data. It implements all technical and organizational measures to ensure the security of personal data processing and the confidentiality of personal information.
To this end, FORESINA SAS takes all necessary precautions, considering the nature of the Data and the risks involved, to prevent it from being altered, damaged, or accessed by unauthorized third parties (physical protection of premises, authentication processes with personal and secure access via confidential identifiers and passwords, logging of connections, encryption of certain Data, etc.).
FORESINA SAS maintains physical, electronic, software, and procedural safeguards in connection with the collection, storage, and disclosure of Users’ personal information. Security procedures may require FORESINA SAS to ask the User to verify their identity before personal information is disclosed. Individuals with access to personal Data are bound by confidentiality obligations.
However, despite its best efforts, FORESINA SAS cannot guarantee the infallibility of such protection against any errors that may occur during the transmission of personal Data, due to the inherent risks of internet transmission beyond reasonable control.
4. Disclosure of Data to Third Parties
Data will never be disclosed to third parties except in the cases provided for by this Policy. Personal Data may be disclosed to a third party if FORESINA SAS is legally required to do so, or if such disclosure is necessary in connection with a judicial request or legal proceedings.
5. Who Has Access to the Data?
Within the limits of their responsibilities and for the purposes listed above, the main persons likely to have access to Users’ Data are FORESINA SAS employees responsible for providing services.
To perform these tasks and facilitate Data processing, particularly in terms of analytics, FORESINA SAS relies on several subcontractors, including OVH France as hosting provider and SHOPIFY.
These subcontractors are required to process requests in accordance with this Policy. They are not authorized to sell or disclose Data to other third parties.
6. Data Transfers Outside the European Union
FORESINA SAS undertakes to comply with applicable regulations concerning data transfers to foreign countries, in particular as follows:
FORESINA SAS transfers Users’ personal Data only to countries recognized by the CNIL as providing an adequate level of protection.
When FORESINA SAS transfers Users’ personal Data outside countries recognized by the CNIL as adequate, such transfers are carried out in compliance with GDPR standards and the French Data Protection Act.
7. Data Retention
FORESINA SAS retains Data, for each of the processing activities set out in this Policy, only for the time necessary to achieve the intended purpose.
Processing No. 1 – Contract performance → retention during the contractual relationship + 5 years after termination.
Processing No. 2 – Improving customer experience → retention during the contractual relationship or until objection (opt-out).
Processing No. 3 – Invoicing → retention for 10 years from the closing of the fiscal year to which the invoices relate.
Processing No. 4 – Promotion of FORESINA services → retention for FORESINA SAS clients during the contractual relationship + 3 years; for non-clients, 3 years.
Processing No. 5 – Newsletter → retention for FORESINA SAS clients during the contractual relationship + 3 years; for non-clients, 3 years.
8. Cookie Policy
8.1. Use of Cookies
To enable Website Users to benefit from the services offered, the Website uses cookies. On each first visit, an information banner informs Users that browsing data may be stored in files called “cookies”.
What is a cookie and what is its purpose?
When visiting the Website, browsing information from the User’s device (computer, tablet, smartphone, etc.) may be recorded in text files called “Cookies”, installed on their browser. Cookies are used to recognize the User’s browser during the cookie’s validity period. Only the issuer of the relevant cookie can access or modify the information contained therein.
Cookies placed by FORESINA SAS allow, among others:
maintaining normal Website functionality,
remembering form information or service selections (e.g. registration, account login),
saving display preferences (language, layout, operating system, etc.),
enabling access to reserved/personal spaces such as the personal account,
implementing security measures.
Third-party cookies may also be placed via the Website (analytics tools, audience measurement providers, etc.). Their use is subject to their own privacy policies. Users may at any time disable such cookies.
Analytics cookies help FORESINA SAS monitor traffic, generate statistical data on Website usage, and improve performance and ergonomics.
Cookie management requires prior, clear, and positive consent by the User, except for technical cookies strictly necessary for Website operation. Consent can be modified at any time via the “Cookie management” link on the Website.
9. Purposes of Collected Cookies
(Here you would list the essential cookies, functional cookies, performance cookies, targeting cookies, as already provided in the French version. For clarity, the exact table can be reproduced in English with columns: NAME / TYPE / PROVIDER / PURPOSE / RETENTION.)
Additionally:
Google Analytics is used to analyze site usage.
Google Ads is used for personalized advertising, based on user interactions, behavior, and preferences.
10. User Rights
Whenever FORESINA SAS processes Personal Data, reasonable steps are taken to ensure that the Data is accurate and relevant to the purposes pursued.
In accordance with the amended French Data Protection Act of January 6, 1978, and the EU General Data Protection Regulation (GDPR) of April 27, 2016, Users (and all data subjects) have the following rights:
Right of access (Art. 15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to object (Art. 21 GDPR)
Right to data portability (Art. 20 GDPR)
Right to lodge a complaint with the CNIL
Right to withdraw consent at any time (where processing is based on consent)
Exercising rights:
Users may exercise these rights by contacting the Data Controller by email at info@casaforesina.com or by post at:
FORESINA SAS, 8 Rue de l’Industrie – 67114 Eschau, France, indicating their customer number or online account.
FORESINA SAS may request proof of identity (e.g., a copy of an ID) in case of doubt.
