Privacy Policy
Last updated: [date]
The protection of your personal data is a priority for Manga District. This policy describes what data we collect, why we collect it, and what your rights are, in accordance with the General Data Protection Regulation (GDPR) and the French Data Protection Act (Loi Informatique et Libertés).
🔒 Your data is never resold. It is only used to process your orders and improve your experience.
Data Controller
The data controller is [company name or first/last name], [legal form], with its registered office at [full address] — SIRET: [SIRET number].
Contact: [contact email address] or via our contact page.
Data Collected
- Identity and contact data: name, first name, email address, telephone number, shipping and billing address — collected when creating an account or placing an order.
- Order data: products purchased, order history, and order amount.
- Payment data: processed exclusively by our secure payment providers (Shopify Payments, PayPal…). Manga District never has access to your credit card numbers.
- Browsing data: pages visited, device, browser, IP address — via cookies and similar technologies.
Purposes and Legal Basis
- Processing and delivery of your orders (contract performance);
- Customer service and follow-up — responses to your requests, delivery information (contract performance);
- Accounting and tax obligations (legal obligation);
- Shop improvement and statistics (legitimate interest);
- Commercial communications, only if you have consented (consent, withdrawable at any time).
Data Recipients
Your data is only transmitted to the providers necessary for the shop's operation:
- Shopify (shop hosting and order processing);
- Payment providers (Shopify Payments, PayPal…);
- Logistics partners and carriers, who receive your name and address to ship and deliver your orders;
- Emailing and customer service tools, where applicable.
Some of these providers may be located outside the European Union; in such cases, the transfer is governed by appropriate safeguards (standard contractual clauses of the European Commission).
Retention Period
- Customer account data: for the duration of the account's life, then 3 years after the last contact;
- Order and billing data: 10 years (legal accounting obligation);
- Browsing data / cookies: 13 months maximum.
Cookies
Cookies are used to ensure the proper functioning of the site (cart, session), measure audience, and, with your consent, personalize your experience. You can configure your browser at any time to refuse non-essential cookies.
Your Rights
In accordance with the GDPR, you have the following rights regarding your data: right of access, rectification, erasure, restriction of processing, data portability, and objection, as well as the right to define directives concerning the fate of your data after your death.
To exercise these rights, contact us at [contact email address] or via our contact page. We will respond within one month.
If you believe your rights are not being respected, you can lodge a complaint with the CNIL (www.cnil.fr).
Security
All transactions are encrypted (SSL/TLS protocol) and our providers comply with industry security standards (PCI-DSS standard for payments). We implement appropriate technical and organizational measures to protect your data against unauthorized access.
Changes to this Policy
We may update this policy at any time, particularly in the event of legal developments or changes to our services. The last update date is shown at the top of this page.