Delivery area & language

Location selection allows Jérôme Dreyfuss to deliver to you the best services with respect to your localisation.

Country :
Language :

Privacy policy

1. Purpose and scope of the policy

JEROME DREYFUSS attaches the greatest importance and care to the protection of privacy and personal data, as well as to the respect of the provisions of the applicable Legislation.

The General Data Protection Regulation (EU) 2016/679 (hereinafter "GDPR") states that Personal Data must be processed lawfully, fairly, and transparently. Thus, this privacy policy (hereinafter the "Policy") aims to provide you with simple, clear information on the Processing of Personal Data concerning you, in the context of your browsing and the operations carried out on our website.

2. Data Controller

In the course of your activity on the website, we collect and use personal data relating to you, an individual (hereinafter "Data Subject").

For all the Processing activities, The Jérôme Dreyfuss website – SARL108 is a Limited Liability Company with a share capital of € 100,000, registered with the Trade Register of Paris under number 501 408 173 00059, whose registered office is located at 31 rue Charlot, 75003 Paris, FRANCE, determines the means and purposes of the Processing. Thus, we act as a Controller, within the meaning of the Regulation on Personal Data, and in particular Regulation (EU) 2016/679 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such Data.

3. Quelles Données à caractère personnel collectons-nous et comment ?

By using our website, or when you contact our customer service, you provide us with a certain amount of information about yourself, some of which may identify you ("Personal Information"). This is the case when you fill in online forms, when you contact our customer service or simply when you place an order.

The nature and quality of the Personal Data collected about you will vary depending on the relationship you have with JEROME DREYFUSS, the main ones being:

-        Identification data: This includes all information that would allow us to identify you, such as your name, first name, telephone number. We may also collect your e-mail address, as well as your postal address, your delivery address and your billing adress (in case of payment, the postal address will be necessary to generate an invoice).

In case of subscription, a proof of identity may also be requested.

-        Authentication data: This is all the information we need to access your personal account, such as password, and other information necessary to authenticate and access an account.

We also collect your IP address for maintenance and statistical purposes.

-        Financial data: this corresponds to banking data such as bank details.

-        Documents of different kinds (PDF, Microsoft Office, Image) with titles, contents, folder names, or information related to a document, such as comments written in the documents, alert and reminder dates. In the event of a dispute, you may also be asked to provide proof of identity and a handwritten sworn statement.

-        Browsing information: by browsing our website, you interact with it. As a result, some information about your browsing is collected.

4. Why do we collect your Personal Information and how?

We collect your Personal Data for specific purposes and on different legal grounds.

In the context of the execution of the contract or pre-contractual measures, your Data is processed for the following purposes:

-        Order management, purchasing.

-        Contract management.

-        Management of your customer account.

-        Management of your customer service requests.

-        Complaints and after-sales service management.

-        Management of your requests linked to your personal data.

-        Management of purchases delivery.

-        Management of web order returns.

-        Management of complains link with our carriers

On the basis of your consent, your Data is processed for the following purposes:

-        Carrying out commercial and marketing prospecting operations.

-        Transmission of your Data to our commercial partners.

-        Management of the newsletter.

-        Management of cookies requiring your consent.

-        Management of customers events.

-        Invitation to special sales from our partners (Arlettie).

In the framework of the legitimate interest of JEROME DREYFUSS, your Data are processed for the following purposes:

-        Establishment of statistics for the improvement of products and services.

-        Customer journey and customer lifecycle analysis.

-        Carrying out satisfaction surveys and polls.

-        Management of pre-litigation and litigation.

Within the framework of the legal and regulatory obligations to which JEROME DREYFUSS is subjected, your Data are processed for the following purposes:

-        Fight against Fraud.

-        Fight against money laundering and the financing of Terrorism.

-        General and auxiliary accounting.

5. Do we share your personal data?

Your Data are intended for the authorized JEROME DREYFUSS collaborators in charge of the management and the execution of the contracts and legal obligations, according to the purposes of the collection and within the limits of their respective attributions. 

It may be transmitted for certain tasks related to the purposes, and within the limits of their respective missions and authorizations, to the following recipients:

-        Entities of the JEROME DREYFUSS Group within the framework of an outsourcing of activity to another entity of the group.

-        Service providers and subcontractors that we use to carry out a range of operations and tasks on our behalf, including :

o Provider of payment services and fraud protection: Alma, Adyen, Paypal

o Logistics provider: Nippon Express

o Transport service provider: Colissimo, DHL, Chronopost

o Third parties providing IT services: Antadis, Code4IS, Superspace

-        Commercial partners only when you have expressly consented to this through a checkbox on our Data collection forms.

-        Jérôme Dreyfuss Vintage with our partner FAUME

-        Duly authorized public authorities (judicial, control...), in the framework of our legal and regulatory obligations.

-        Regulated professions (lawyers, bailiffs, etc...) who may intervene in the context of the implementation of guarantees, collection or litigation.

When your Data is provided to our service providers and subcontractors, they are also required not to use the Data for purposes other than those originally intended. We make every effort to ensure that these Third Parties maintain the confidentiality and security of your Data.

In all cases, only the necessary Data is provided. We make every effort to ensure the secure communication or transmission of your Data.

We do not sell your Data.

6. Is your Personal Data transferred to third countries?

JEROME DREYFUSS strives to keep the Personal Data in France, or at least within the European Economic Area (EEA).

However, it is possible that the Data we collect when you use our platform or services may be transferred to other countries. This is for example the case if some of our service providers are located outside the European Economic Area.

In the event of such a transfer, we guarantee that it will be carried out:

-        To a country ensuring an adequate level of protection, i.e. a level of protection equivalent to what the European Regulations require.

-        Within the framework of standard contractual clauses.

-        Within the framework of internal company rules.

7. How long do we keep your Personal Data?

We retain your Personal Data only for as long as is necessary to fulfill the purpose for which we hold the Data and to meet your needs or our legal obligations.

Retention times vary depending on several factors, such as:

-        JEROME DREYFUSS business needs.

-        Contractual requirements.

-        Legal requirements.

-        Recommendations from regulatory authorities.

The retention periods for your Data are as follows:

  • Order management, purchasing: 5 years from the date of the first purchase
  • Contract management: For the duration of the contract, then 5 years
  • Management of your customer account: 5 years from the date of creation of the customer account
  • Management of your customer service requests: For the duration of the contractual relationship, then 5 years
  • Complaints and after-sales service management: For the duration of the contractual relationship, then 5 years
  • Management of your requests to exercise a right: For requests to exercise rights under the RGPD, data is kept for the duration of the processing of your request and then a further 6 years
  • Management of purchases delivery and web order returns: For the duration of the contractual relationship, then 5 years
  • Management of complains link with our carriers: For the duration of the contractual relationship, then 5 years
  • Carrying out commercial and marketing prospecting operations: 3 years
  • Transmission of your Data to our commercial partners: 3 years
  • Newsletter management: 3 years
  • Management of cookies requiring your consent: 6 months
  • Management of customer events and invitations to partner sales (Arlettie): 1 year following the end of the event then 3 years from the last contact
  • Establishment of statistics for the improvement of products and services: For as long as is necessary to achieve the purpose of the statistics or until you exercise your right to object.
  • Customer journey and customer life cycle analysis: For the entire duration of the commercial relationship.
  • Carrying out satisfaction surveys and polls: For as long as is necessary to achieve the objective of the survey or until the right to object is exercised or consent withdrawn.
  • Management of pre-litigation and litigation: 5 years
  • Fight against Fraud: 5 years
  • Fight against money laundering and the financing of Terrorism: 5 years
  • General and auxiliary accounting: 10 years
  • Invoicing management: 10 years

8. How do we ensure the security of your Personal Information?

JEROME DREYFUSS is committed to protecting the Personal Data we collect, or that we process, from loss, destruction, alteration, unauthorized access, or disclosure.

Thus, we implement all appropriate technical and organizational measures, depending on the nature of the Data and the risks that their Processing entails. These measures must preserve the security and confidentiality of your Personal Data. They may include practices such as limited access to Personal Data by persons authorized by their functions, pseudonymization or encryption.

In addition, our practices, and policies and/or physical and/or logical security measures (secure access, authentication process, backup, software, etc.) are regularly reviewed and updated as necessary.

9. What are your rights?

The GDPR provides Data Subjects with rights that they can exercise. Thus, are provided:

  1. Right to information: the right to have clear, precise, and complete information on the use of Personal Data by JEROME DREYFUSS.
  2. Right of access: the right to obtain a copy of the Personal Data that the Data Controller holds on the applicant.
  3. Right to rectification: the right to have Personal Data rectified if they are inaccurate or obsolete and/or to complete them if they are incomplete.
  4. Right to erasure / right to be forgotten: the right, under certain conditions, to have the Data erased or deleted, unless JEROME DREYFUSS has a legitimate interest in keeping it.
  5. Right of opposition: the right to object to the Processing of Personal Data by JEROME DREYFUSS for reasons related to the particular situation of the applicant (under conditions).
  6. Right to Withdraw Consent: the right at any time to withdraw Consent where Processing is based on Consent.
  7. Right to restriction of processing: the right, under certain conditions, to request that the Processing of Personal Data be temporarily suspended. 
  8. Right to Data Portability: the right to request that Personal Data be transmitted in a reusable format that allows it to be used in another database.
  9. Right to Avoid Automated Decision-Making: the right of the applicant to refuse fully authorized decision-making and/or to exercise the additional safeguards offered in this regard.
  10. Right to define post-mortem directives: the right for the applicant to define directives concerning the fate of Personal Data after his/her death.

Additional rights may be granted by the Local Regulations to affected Persons.

To this end, JEROME DREYFUSS has implemented a procedure for the management of individuals’ rights in accordance with the requirements of the applicable Legislation. This procedure establishes:

-        The standards to be respected to ensure the transparent information of the data subject

-        Legal requirements that must be met

-        The authorized means of applying for each right, depending on the category of Persons concerned

-        The business processes for handling these requests in accordance with the above requirements

-        The stakeholders involved in these processes, their roles and responsibilities.

To exercise your rights, you may contact the Data Protection Officer (DPO):

When you send us a request to exercise a right, you are asked to specify as far as possible the scope of the request, the type of right being exercised, the Personal Data Processing concerned, and any other useful information, in order to facilitate the examination of your request. In addition, in case of reasonable doubt, you may be asked to prove your identity.

You also have the right to complain to the Commission Nationale de l'Informatique et des Libertés (CNIL), 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07, about the way in which JEROME DREYFUSS collects and processes your data.

10. Updating of this policy

This Policy may be updated from time to time to reflect legal and regulatory changes.

Date of last update the 15th of March 2024.