BRUME GALLERY
BRUME GALLERY
Privacy Policy
Introduction
This Privacy Policy explains how La Galerie Brume collects, uses, and protects personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and other applicable data protection laws.
By using this website, you agree to the practices described below.
2. Data Controller
The data controller is La Galerie Brume
+33(0) 7 49 36 13 82 / 102 rue Saint-Léonard 14600, Honfleur
3. Personal Data Collected
We may collect the following categories of personal data:
Identification and contact details (name, email, telephone),
Browsing data (IP address, cookies, log data),
Information provided voluntarily through contact forms or newsletter subscriptions.
4. Purpose of Processing
Personal data is collected and processed for the following purposes:
Responding to inquiries via contact forms,
Sending newsletters and updates (if you subscribe),
Improving the browsing experience and website functionality,
Compliance with legal obligations.
5. Legal Basis for Processing
Processing is carried out on the following legal grounds:
User consent (newsletter subscription, contact forms),
Legitimate interest (website security, prevention of fraud),
Legal obligations (record keeping, regulatory compliance).
6. Data Retention
Personal data will be retained only as long as necessary for the purposes for which it was collected, and in accordance with applicable legal obligations.
7. Data Sharing
Personal data will not be sold or rented.
Data may be shared with service providers strictly necessary for website operation (hosting, mailing systems), under contractual obligations ensuring GDPR compliance.
8. User Rights
In accordance with GDPR, users have the following rights:
Right of access to personal data,
Right of rectification,
Right to erasure (“right to be forgotten”),
Right to restrict or object to processing,
Right to data portability.
To exercise these rights, please contact: [Insert email address].
9. Security Measures
La Galerie Brume implements technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction.