Privacy and

Cookies Policy

Last update date: 13/09/2023

www.moto-tour-inde.com, is a site owned by Narmada Gopala Private Limited registered in India under number U74999RJ2021PTC075077 (hereinafter referred to as the “Data Controller“). www.moto-tour-inde.com is greatly concerned about the privacy of your personal data as Users who visit our Online Shop and request the services we provide. For this reason, we, thewww.moto-tour-inde.comOnline Shop,strive to respect your rights set out in the General Data Protection Regulation 2017/679 (GDPR) and the ePrivacy Directives of the European Parliament and the Council.

Article 1 – Definitions

1. “Personal data” or “personal data“means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); an “identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity;
§2 “processing“means any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
§3 “controller“means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing; where the purposes and means of such processing are determined by Union law or by the law of a Member State, the controller may be designated or the specific criteria applicable to his designation may be laid down by Union law or by the law of a Member State;
§4 “processor” means the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
§5. “recipient” means the natural or legal person, public authority, department or other body which receives personal data, whether or not it is a third party. However, public authorities 4.5.2016 L 119/33 Official Journal of the European Union EN which are likely to receive communication of personal data in the context of a particular investigative task in accordance with Union law or the law of a Member State are not considered recipients; the processing of such data by the public authorities in question complies with the applicable data protection rules according to the purposes of the processing;
§5 “consent” of the data subject means any free, specific, informed and unambiguous expression of will by which the data subject accepts, by a declaration or by a clear positive act, that personal data concerning him or her may be processed;
§6. “personal data breach” means a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed;
§7 “cookie“, a cookie is a text file automatically saved in the browser of any User when visiting a website. This text file may contain personal data and/or information relating to the User’s navigation.

Article 2 – Purpose

The purpose of this Privacy and Cookie Policy (hereinafter the “ Policy “) is to define the procedures for collecting, storing, processing and deleting the personal data (hereinafter ” personal data “) of any individual (hereinafter the ” User “) who, in the context of a strictly personal or domestic activity, simply uses or browses this Boutique en ligne..

The Data Controller assures the User that it implements all necessary means to ensure compliance with the provisions of the General Data Protection Regulation 2017/679 of the European Parliament and of the Council dated 14 April 2016 by ensuring compliance with retention periods, the need to collect the personal data, and the confidentiality of the personal data collected (hereinafter the ” Regulation ” or the ” GDPR »).

Article 3 – User consent

This Policy must be read and accepted by all Users visiting the Online Shop. By clicking on the “read and accepted” box referring to this Policy when entering the Online Shop, the User acknowledges that he/she has read it and gives his/her free, informed and unambiguous consent to the processing of his/her personal data.

The User may, at any time and without justification or prejudice, withdraw his/her consent to this Privacy and Cookie Policy. The User may exercise his/her right to withdraw consent to this Policy by notifying the Data Controller at the following e-mail address: [email protected].

This withdrawal of consent will take effect at the time the Data Controller receives notification of the User’s withdrawal of consent.

Article 4 – Collected data

In the context of visiting and using the Online Shop, certain personal data of Users may be collected by www.moto-tour-inde.com, in its capacity as Data Controller, or by one or more subcontractors acting in the name of and on behalf of the Data Controller.

§1 – Means of collection

The User’s personal data is collected in the following ways:

When communicated by the User

By filling in the reservation form or newsletter registration form on the Online Shop.

By automated collection

During the User’s browsing of the Online Shop, the Data Controller automatically records certain information relating to the User’s preferences and use of the Online Shop. Cookies are used during the User’s browsing of the Online Shop to collect this information automatically.

§2 – Type of data collected

The personal data that may be collected are :

the User’s e-mail address
the User’s surname, first name, postal address and telephone number
The User’s payment information
the User’s order history on the Online Shop
-The User’s browsing preferences on the Online Shop.

§3 – Data recipients

The recipients of personal data are:

The Data Controller;
Internal employees of the Data Controller acting on its behalf;
Any legally or administratively authorized person (e.g. judicial authorities);
The following subcontractors of the Data Controller:

Function	Subcontractor
Website host	O2Switch, 222-224 Boulevard Gustave Flaubert, 63000 Clermont-Ferrand, FRANCE – RCS Clermont Ferrand 510 909 807
Website data analysis	Google Ireland Limited – RCS Dublin 368047

Article 5 – Data processing

1 – Legal basis for processing

The processing of Users’ personal data via the Online Shop must necessarily be justified by one of the conditions set out in Article 6 §1 of the Regulation. In accordance with the Regulations, Users’ personal data will only be processed if one of the following conditions is met:

The User has given his/her consent: the User concerned has consented to the processing of his/her personal data for one or more specific purposes;

The performance of the contract requires it:processing is necessary for the performance of a contract to which the User concerned is a party or for the performance of pre-contractual measures taken at the User’s request;

Compliance with the law requires it: processing is necessary to comply with a legal obligation to which the data controller is subject;

A legitimate interest justifies it:processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party, unless the interests or fundamental rights and freedoms of the User concerned require protection of personal data, in particular where the User concerned is a minor.

2 – Data processing purposes and retention periods

In accordance with Article 13 of the Regulation, the reason and duration for storing and processing personal data must be justified by a valid purpose, in addition to one of the legal bases listed above.

Purpose of processing	Legal basis	Retention period	Archiving
Commercial prospecting by the Data Controller	Consent	3 years from the date of communication by the User	N/A
Order management and payment, access to dematerialized content and billing	Contract performance	3 years from the date of communication by the User	5 years
Fraud prevention	Legitimate interest	3 years from the date of communication by the User	5 years
Accounting and tax obligations	Compliance with applicable laws	3 years from the date of communication by the User	7 years
Facilitating the User’s navigation and promoting products/services related to the User’s preferences	Consent	13 months from the date advertising cookies are deposited on the User’s browser	N/A

Article 6 – Data protection measures

In accordance with Article 5 and Article 32 of the Regulation, the Data Controller is under an obligation to guarantee the security of Users’ personal data that it stores and processes.

The Data Controller maintains a register of all personal data collected from Users. The Data Controller affirms that it implements all necessary security measures to protect the User’s personal data contained in this register and to avoid any violation of the User’s personal data.

To this end, the Data Controller asserts to Users that it has undertaken a study of the risks associated with the storage and processing of Users’ personal data in order to implement adequate security measures as follows:

Allowing pseudonymization and encryption of the User’s personal data;
By implementing means to guarantee the confidentiality, integrity, availability and resilience of processing systems and services;
Implementing means to restore availability and access to personal data within an appropriate timeframe in the event of a physical or technical incident;
By guaranteeing the use of a procedure aimed at regularly testing, analyzing and evaluating the effectiveness of technical and organizational measures to ensure the security of processing.

The Data Controller transfers personal data outside the European Union (India) and assures Users that the data it holds and processes is stored securely on a password-protected operating system.

In the event of a breach of the User’s personal data, the Data Controller undertakes to notify the competent supervisory authority of the breach within 72 hours in accordance with Articles 33 and 34 of the Regulation.

Article 7 – Cookies

1 – Purpose of using cookies

As explained above, a cookie is a text file automatically stored in the User’s browser when visiting a website. This text file may contain personal data and/or information relating to the User’s navigation.

The sole purpose of the cookies used on the Online Shop is to improve your browsing experience as a User. The cookies used facilitate your browsing by storing some of your personal data when you access and browse the Online Shop. Three types of cookies are used on the Online Shop, their purpose varying according to their type:

Functional cookies: these cookies are used to remember your data entered during authentications or searches carried out on the Shop.
Advertising cookies: these cookies make it possible to identify the consumption and search habits and preferences of Users in order to offer them advertising content in line with their personal preferences.
Security cookies: these cookies ensure the security of Users’ personal data by guaranteeing the encryption of data contained in other cookies.
2 – Cookies used, lifetime and function

Each cookie used in the Online Shop is identified by a name. Each cookie has a lifetime, i.e. a period of time after which it disappears and ceases to be active, forgetting any personal data it stored. Each cookie also has a function, i.e. a purpose that justifies its installation on the Online Shop.

Here is the list of cookies used on the online shop with their name, lifetime and function:

Cookie name	Service life	Function	Supplier
cookiefirst-id	Persistent	Determines whether the user has accepted the cookie consent box.	consent.cookiefirst.com
CookieConsent	1 year	Stores the user’s cookie consent status for the current domain	moto-tour-inde.com
o2s-chl	1 day	This cookie is used to distinguish between humans and robots.	moto-tour-inde.com
wc_cart_hash_#	Persistent	Saves items selected by the user in the shopping cart for future visits to the online shop.	moto-tour-inde.com
wc_fragments_#	Session		moto-tour-inde.com
callbell_uid	1 year	Stores a unique ID string for each chat-box session. This allows the website-support to see previous issues and reconnect with the previous supporter.	moto-tour-inde.com
wp-wpml_current_language	Session	Designates the country code that is calculated based on the user’s IP address. Used to determine what language should be used for the visitor.	moto-tour-inde.com
visit	Session	Assigns a specific ID to the visitor. This allows the website to determine the number of specific user-visits for analysis and statistics.	analytics.callbell.eu
_ga	2 years	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.	moto-tour-inde.com

3 – Managing cookies: activation and deactivation

It is possible for the User to manage Cookies on the browser he/she is using at any time. The User can activate or deactivate them at any time. The means of managing cookies depends on each browser. To make it easier for Users to manage their cookies, below is an explanatory guide to managing cookies on the main browsers used by Users:

Google chrome : https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=fr

Safari : https://support.apple.com/fr-fr/guide/safari/sfri11471/mac

Mozilla Firefox : https://support.mozilla.org/fr/kb/activer-ou-desactiver-les-cookies on-firefox-for-android

Internet explorer : https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies

Article 8 – Users’ rights

The User has the right to ask the Data Controller for access to his/her personal data, for the rectification or deletion thereof, or for a limitation of the processing relating to the User concerned, or the right to object to the processing and the right to data portability.

Users have the right to withdraw their consent to the processing of their personal data at any time. This withdrawal of consent will take effect when the Data Controller receives notification of the User’s withdrawal of consent.

The User has the right to lodge a complaint regarding the Data Controller https://www.cnil.fr/frwith its relevant National Supervisory Authority. https://www.economie.gouv.fr/dgccrf.

The User may also exercise the rights set out above in relation to this Policy by notifying the Data Controller at the following e-mail address: [email protected].