Art Gallery AR is a mobile app and an e-commerce site accessible via the links below:
- Website: https://artgalleryar.com
- iOS App: https://apps.apple.com/us/app/augmented-wall-art/id1565390964
- Android App: https://play.google.com/store/apps/details?id=com.artgalleryar.app
It is published by the company NEXDNA SAS, whose registered office is 48 rue du Poteau, 75018 Paris, France, registered with the Paris Trade and Companies Register under number 821 077 732.
Through the site www.artgalleryar.com, the NEXDNA company offers for sale augmented prints and their associated services.
NEXDNA SAS - Art Gallery AR
48 rue du Poteau,
75018 Paris, France
Phone: + 33 (0) 767 88 49 72
RCS PARIS: 821 077 732
The site accessible by the following url: https://artgalleryar.com is operated by NEXDNA SAS in compliance with French law. Use of this site is governed by these terms and conditions. By using the site, you acknowledge having read and accepted these conditions. These can be modified at any time and without notice by the company. Art Gallery AR and its owner company NEXDNA SAS can in no way be held responsible for the misuse of its services.
To all our users in the European Economic Area (“EEA”), the processing of your personal data is in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, known as the General Data Protection Data Regulation (“GDPR”).
We are committed to recognising and respecting your privacy rights by keeping you informed and processing and protecting your personal data in compliance with applicable law.
LIMITATION OF LIABILITY
The information contained on this site is as accurate as possible and the site is periodically updated, but may however contain inaccuracies, omissions or gaps. If you notice a gap, an error or what seems to be a malfunction, please let us know by email (email@example.com) describing the problem as precisely as possible (problematic page, triggering action, type of computer and browser used, etc.).
§ 1. INFORMATION RELATING TO THE COLLECTION OF PERSONAL DATA
(1) This page informs you about the use of personal data collected on our website. Personal data includes all data concerning you directly, such as your name, your address, your email addresses and your preferences and consumption habits.
We also inform you about data processing when using our mobile applications that you can download from our website (see § 7).
(2) According to the European Data Protection Regulation (GDPR) art. 4 para. 7, Art Gallery AR, which is operated by NEXDNA SAS, 48 rue du Poteau, 75018 Paris, France, firstname.lastname@example.org is legally responsible.
External Data Protection Officer:
NEXDNA SAS, 48 rue du Poteau, 75018 Paris, France, email@example.com.
You can contact our Data Protection Officer by email at: firstname.lastname@example.org.
(3) When you contact us by email or by means of a contact form, we store the data that you transmit to us in order to answer your questions. The data thus collected are then erased when their retention is no longer necessary, or failing that, we restrict their use when we are legally obliged to keep them.
(4) In the event that part of our service offer requires us to use third-party service providers, or if we wish to use your data for advertising purposes, we will inform you in detail about the corresponding procedures. Finally, we also specify the conditions relating to the retention period of your data.
§ 2. YOUR RIGHTS
(1) You have the following rights regarding the personal data concerning you:
- Permission to access,
- Right of rectification or right to erasure (“right to be forgotten”),
- Right to restriction of processing,
- Right of opposition,
- Right to data portability.
(2) You also have the right to complain to an independent supervisory authority about the use we make of the data concerning you.
§ 3. COLLECTION OF PERSONAL DATA
(1) When you simply browse our website, i.e. without identifying yourself or transmitting any other information to us, we only collect the personal data provided to our server by your Internet browser. When you wish to consult our website, it is necessary for us to collect the following data, for technical reasons, in order to provide you with a stable and secure service (art. 6 al. 1 p. 1 point f of the GDPR):
- IP adress
- Date and time of the request
- Time zone offset from the Greenwich meridian (GMT)
- Content of the request (page requested)
- Access status / HTTP status code
- Amount of data transmitted
- Website of origin of the request
- Operating system and interface
- Language and version of the navigation software.
(2) In addition to the collection of the aforementioned data, the use of our website results in the storage of cookies on your computer. Cookies are light textual data stored on your hard drive by your dedicated Internet browser, which allow their issuer (in this case us) to transmit targeted information. Cookies can in no way access your programs or be vectors of viruses on your computer. In general, they contribute to making your browsing experience more pleasant and efficient.
a) This website uses the following types of cookies, the nature and operation of which are explained below:
- Transient cookies (see b)
- Persistent cookies (see c).
b) Transient cookies are automatically deleted when you close your browser. The most common transient cookies are session cookies. The latter keep in memory a session identifier allowing your browser to classify the different requests belonging to the same session. This allows your computer to be recognised when you return to our website. These so-called “session” cookies are deleted when you close your session or your browser.
c) Persistent cookies have a set expiry date which may vary for each cookie, on which they are automatically deleted. You can manually delete them at any time in your browser's security settings.
TYPE OF COOKIES
These cookies are strictly necessary for the website to function as intended. This includes enabling pop-ups and help features, facilitating payments and transactions, and navigation and basic operation of the website.
These cookies are used to provide a personalised user experience and to inform us about how we can improve our website. Features like language preferences, dynamic forms, and record remembering fall into this category. These cookies also allow you to share on other social media sites.
We do not use any marketing cookies at this time and simply rely on users' direct actions when they visit our platform.
Additionally, we do not sell your personal information to third parties.
COOKIES USED ON OUR PLATFORM
- Website engine
- Google Analytics
- No cookies
§ 4. USE OF OUR ONLINE SHOP AND PERSONALISED OFFERS
(1) When you wish to place an order in our online store, it is imperative that you provide your personal data so that we can manage your order. Fields necessary to complete your order are marked as mandatory, while additional fields are optional. We use the data you provide to us to fulfill your order. This data allows us to transmit your payment information to our bank. This policy of use of your data is established according to art. 6 para. 1 p. 1 point b of the GDPR.
You can if you wish create a customer account by means of which we store your payment information for your future orders. The information provided when creating your account in the "My Account" section is stored on a revocable basis. You can delete all of your personal data, including your user account, from your customer area at any time.
(2) We process your data in order to improve our offers and ensure that they are personalised and appropriate to your needs. This policy is in accordance with art. 6 para. 1 p. 1 point f of the GDPR.
If you are not subscribed to the newsletter, please note that you will receive information by e-mail on products similar to those you have ordered. You can opt out of receiving these emails at any time by unsubscribing using the link at the bottom of each email you receive or by emailing email@example.com
We inform you that we can occasionally analyse your consumption habits, especially when we distribute our newsletter. This analysis is done using the "web-beacons" contained in our emails, such as "Tracking-pixel". These take the form of pixel-sized image files and are stored on our website. For our analyses, these web-beacons, as well as the other data collected and detailed in § 3 are linked to your email address and an individual identifier.
The data thus collected may be used to establish a user profile in order to target your personal interests in a relevant way. This data is associated with the actions you perform on our website in order to adapt our offer to your needs. This policy is in accordance with art. 6 para. 1 p. 1 point f of the GDPR.
You can object to this evaluation of your user behavior at any time by clicking on the link provided in each e-mail or by informing us of your objection via other means. The information is stored until you manifest yourself in writing. Then we store the data purely statistically and anonymously.
Furthermore, an evaluation of your user behaviour is not possible if you have deactivated the display of images in your default e-mail program. In this case, the email will not be displayed completely and you may not be able to use all the features. If you display the images manually, the evaluation described above will take place.
(3) We are legally required by the tax code and the commercial code to retain your address, as well as your payment and order information, for a period of ten years. However, we restrict its use after a period of two years. This means that beyond the first two years, your data is kept only by legal obligation.
(4) In order to prevent access to your personal data, and in particular your financial information, by undesirable third parties, the payment procedure is secured by the SSL encryption protocol.
§ 5. EXTERNAL NEWSLETTER SERVICE
(1) For the subscription to our newsletter, we use double opt-in. This means that upon registration, you will receive a confirmation email to the email address you provided, asking you to confirm your wish to subscribe. Without confirmation from you within 24 hours, your information is locked and then automatically deleted after one month. We also store the IP address and time of your registration and your registration confirmation. This allows us to record your registration and to clarify the situation in the event of possible misuse of your data.
(2) To send the newsletter, we only need your e-mail address. The other separately marked fields are optional and we only use them to address you personally. Once your registration has been confirmed, we will keep your email address to send you the newsletter, in accordance with art. 6 para. 1 p. 1 point a GDPR.
(3) You can revoke and terminate your newsletter subscription at any time. Termination can be done by simply clicking on the link provided in each of the newsletters we send, by email to the address firstname.lastname@example.org, or by mail to the contact details located in our "Terms and Conditions".
(4) We inform you that we analyse your consumption habits when we distribute our newsletter. This analysis is done using the "web-beacons" contained in our emails, such as "Tracking-pixel". These take the form of pixel-sized image files and are stored on our website. For our analyses, these web-beacons, as well as the other data collected and detailed in § 3 are linked to your email address and an individual identifier.
§ 6. THIRD-PARTY SERVICES
We use third-party application services such as plug-ins or APIs (Application Programming Interface) for our website to extend its functionality. Here is the list:
You can prevent the use by Google of your data collected using cookies and as part of your navigation on our site by downloading and installing a browser extension available by following this link: http://tools.google.com/dlpage/gaoptout?hl=en.
You can also prevent the collection of your data by Google Analytics by clicking on the link below. This will place an opt-out cookie on your computer preventing any attempt to analyse your data on future visits to our website: Disable Google Analytics.
The legislative framework relating to the use of Google Analytics is detailed in art. 6 para. 1 p. 1 point f of the GDPR (Lawfulness of processing). Our processing is lawful because it meets the need for anonymous analysis of user behaviour on our website for the purpose of improving the presentation of our online offer.
The legislation relating to the use of your data within the framework of the Google APIs service is detailed in art. 6 para. 1 p. 1 point f of the GDPR (Lawfulness of processing). The processing is lawful insofar as it meets our legitimate need to provide a uniform presentation of our service offer, and more generally a presentation of our website that is efficient and impeccable from a technical point of view.
(2) Google AdWords
We occasionally use Google's "AdWords" advertising service. This service allows us to promote our offer on third-party sites. The tool also allows us to assess the effectiveness of our various advertising campaigns. This AdWords information is transmitted by Google to their “Ad Server”. We also use “Ad Server Cookies” (see “Cookies” section) through which we can determine the various parameters involved in the success of an advertising campaign. Personally, we do not collect or use data from these advertising campaigns. We only use the statistical evaluations made available by Google. These evaluations allow us to determine which of our advertising campaigns are particularly effective. We do not have access to any other information relating to the advertising means used, and under no circumstances can we identify you using this information.
However, when using these marketing tools, your browser automatically establishes a direct connection to a Google server. We have no influence on this interaction or on any subsequent use of your data collected by this Google tool. Also, we communicate to you all the information that we are able to give you: by means of the integration of AdWords, Google obtains the information that you transmit by browsing our website or by clicking on one of our announcements. As long as you are identified with a Google service, Google can access the information resulting from browsing from your user account. Even if you are not identified with a Google service (i.e. on our website), it is still possible that the service provider in question accesses your IP address and stores it.
Several solutions are available to you if you wish to object to this tracking device:
1. Choose the "Do not accept cookies" setting on your browser (in which case you will not be able to access all the features of our online service).
2. Disable conversion tracking cookies by following this link: https://www.google.fr/settings/ads (this setting is reset when you delete your cookies).
3. Permanently disable cookies on your Firefox, Internet Explorer or Google Chrome browser by following the link: https://support.google.com/ads/answer/7395996?hl=en (in which case you will not be able to access to all the functionalities of our online service).
The legislation relating to the use of your data within the framework of Google AdWords is detailed in art. 6 para. 1 p.1 point f of the GDPR (Lawfulness of processing). The processing is lawful insofar as it meets our legitimate need to place effective advertisements online, which make our site more interesting both for you and for other customers, and allow us to optimise our advertising expenditure.
(3) Google Fonts
Our website uses the third-party font service "Google Fonts" from Google. This service allows us to preserve the integrity and uniformity of the presentation of our website on the different computers of our users, all of which have different configurations. This preservation is done by downloading the different fonts from a remote server, rather than from user terminals. Downloading these different fonts generally requires sending a request to a proprietary Google server located in the United States. Sending this request involves the transmission of the following information to the Google server: which pages of our website have been consulted and the IP address of the terminal used. The legislation relating to the use of your data within the framework of the “Google Fonts” service is detailed in art. 6 para. 1 p. 1 point f) GDPR (Lawfulness of processing). The processing is lawful insofar as it meets our legitimate need to provide a uniform and attractive presentation of our online service offer.
(4) Google reCAPTCHA
Our website uses Google's "Google reCAPTCHA" misuse protection service. reCAPTCHA helps us protect against cyberattacks and other violations by "Bots" (artificial users), by integrating an input field to verify that the browsing attempt comes from a real person. This service allows us to protect ourselves from misuse of our website and to guarantee its stability. For this purpose, the data entered is generally transmitted to a Google server in the United States where the verification is carried out. The information thus entered and transmitted to this server is generally kept there for several months and is as follows: which of our pages you have consulted and the IP address of your device. The legislation relating to the use of your data within the framework of the reCAPTCHA service is detailed in art. 6 para. 1 p. 1 point f) GDPR (Lawfulness of processing). The processing is lawful insofar as it meets our legitimate need to effectively protect our service offer from cyberattacks and misuse.
(5) Email Newsletter - TurboSMTP
We use TurboSMTP server services, https://serversmtp.com/ to send our emails and newsletters under SSL protection.
§ 7. ORDER DATA PROCESSING
You can make payment for our products through our payment provider, contractually linked to us. We transmit personal data to our payment provider. The personal information that we collect is transmitted to our payment provider, as well as to our carrier (when the good in question needs to be delivered) in accordance with the terms of the contract that binds us. If necessary, we also transmit your payment data to the credit institution with which we are under contract (when necessary for the execution of the order). When third parties linked to the payment of your order are involved, you are explicitly informed, in accordance with the applicable legislation detailed in art. 6 para. 1 point b of the GDPR.
When you pay via the Paypal service, wether it is using a credit card or making a transfer, as part of the execution of your order, we transmit your personal data to Paypal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “Paypal”) in accordance with the legislation in force detailed in art. 6 para. 1 point b of the GDPR, and only when necessary for the execution of the order. When you pay, use a credit card, make a transfer, make a fixed or instalment purchase via Paypal, Paypal reserves the right to carry out a credit investigation. For this purpose, we transmit your personal information to Paypal in accordance with the legislation in force detailed in art. 6 para. 1 point f of the GDPR, on the basis of Paypal's legitimate interest in confirming your creditworthiness. The result of this solvency investigation determines the means of payment made available to you by Paypal on the basis of the statistical probability of a payment default. The credit investigation may refer to a “credit note”. The credit rating allocated to the result of this credit investigation is the result of a scientifically approved statistical formula. Your address (among others but not exclusively) is likely to be taken into account for the establishment of this note. For more information on the use of your data by Paypal, you can consult its privacy statement by following this link: https://www.paypal.com/fr/webapps/mpp/ua/privacy-full
You can at any time oppose the processing of your data by sending a simple message to Paypal. However, Paypal remains entitled to use your personal data as long as it is necessary for the execution of a contractual financial transaction.
(2) Mollie B.V.
When you pay via the Mollie B.V. service, wether it is using a credit card or making a transfer, as part of the execution of your order, we transmit your personal data to Mollie B.V. Keizersgracht 126, 1015 CW Amsterdam, the Netherlands (hereinafter “Mollie”) in accordance with the legislation in force detailed in art. 6 para. 1 point b of the GDPR, and only when necessary for the execution of the order. When you pay, use a credit card, make a transfer via Mollie, Mollie reserves the right to carry out a credit investigation. For this purpose, we transmit your personal information to Mollie in accordance with the legislation in force detailed in art. 6 para. 1 point f of the GDPR, on the basis of Mollie's legitimate interest in confirming your creditworthiness. The result of this solvency investigation determines the means of payment made available to you by Mollie on the basis of the statistical probability of a payment default. The credit investigation may refer to a “credit note”. The credit rating allocated to the result of this credit investigation is the result of a scientifically approved statistical formula. Your address (among others but not exclusively) is likely to be taken into account for the establishment of this note. For more information on the use of your data by Mollie, you can consult its privacy statement by following this link: https://www.mollie.com/en/privacy
You can at any time oppose the processing of your data by sending a simple message to Mollie. However, Mollie remains entitled to use your personal data as long as it is necessary for the execution of a contractual financial transaction.
§ 8. RIGHTS OF THE PERSON CONCERNED
If personal data relating to you is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:
1. Right of access
2. If your personal data is processed, you have the right to obtain information from the controller about the data stored about you (Art. 15 GDPR).
3. Right of rectification
4. If inaccurate personal data is processed, you have a right to rectification (Art. 16 GDPR).
5. Right to erasure or restriction and right to object
6. If the legal requirements are met, you can request erasure or restriction of processing and object to processing (Articles 17, 18 and 21 GDPR).
7. Right to information
8. If you have asserted your right to rectification, erasure or restriction of processing with the person responsible, the latter is obliged, in accordance with Article 19 of the GDPR, to communicate this rectification, erasure of data or limitation of processing to all recipients to whom the personal data concerning you have been communicated, unless this proves impossible or involves a disproportionate effort.
9. Right to data portability
10. If you have consented to the data processing or if a data processing contract exists and if the data processing is carried out using automated methods, you have, where applicable, a right to data portability (Article 20 GDPR).
11. Right of objection
12. In accordance with Article 21 of the GDPR, you have the right to object at any time, for reasons relating to your particular situation, to the processing of personal data concerning you, in accordance with Article 6, paragraph 1, subparagraph 1 letter e or f GDPR; this also applies to profiling.
13. Right to revoke the data protection declaration of consent
14. If you have given your consent to the processing by the person responsible by means of a corresponding declaration, you can revoke this consent at any time for the future. The legality of the data processing carried out on the basis of the consent until the revocation remains unaffected by this.
15. Automated decision in individual cases, including profiling
16. In accordance with Article 22 of the GDPR, you have the right to object to any decision based exclusively on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
17. Right to lodge a complaint with a supervisory authority
You also have a right of appeal to a supervisory authority (Article 77 of the GDPR).
§ 9. CONTACT
Art Gallery AR is at your disposal for any comments or suggestions. You can reach us by email at: email@example.com.