Privacy policy

ARTICLE 1: PREAMBLE

This Privacy Policy applies to the website: Expert.poderm.com.

The purpose of this Privacy Policy is to inform users of the website about:

How their personal data is collected and processed. Personal data refers to any information that can identify a user, including but not limited to first and last name, age, postal address, email address, user location, or IP address;
What rights users have regarding their data;
Who is responsible for processing the collected and processed personal data;
To whom this data is transmitted;
Where applicable, the website’s policy on “cookies.”

This Privacy Policy complements the Legal Notice and the General Terms of Use, which users can consult at the following address: https://www.expert.poderm.com/policies/legal-notice

ARTICLE 2: GENERAL PRINCIPLES REGARDING DATA COLLECTION AND PROCESSING

In accordance with the provisions of Article 5 of the European Regulation 2016/679, the collection and processing of data from users of the website comply with the following principles:

Lawfulness, fairness, and transparency: Data may only be collected and processed with the consent of the data-owning user. Each time personal data is collected, the user will be informed that their data is being collected and the reasons for which it is collected.
Purpose limitation: Data collection and processing are carried out to achieve one or more objectives specified in these General Terms of Use.
Data minimization: Only the data necessary for the proper execution of the objectives pursued by the website are collected.
Limited storage: Data is retained for a limited period, of which the user is informed. If this information cannot be communicated, the user will be informed of the criteria used to determine the retention period.
Integrity and confidentiality: The data controller undertakes to ensure the integrity and confidentiality of the collected data.

To be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data may only occur if at least one of the following conditions is met:

The user has explicitly consented to the processing;
The processing is necessary for the proper performance of a contract;
The processing is required to comply with a legal obligation;
The processing is necessary to protect the vital interests of the data subject or another natural person;
The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority;

The processing and collection of personal data is necessary for the legitimate and private interests pursued by the data controller or by a third party.

ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED DURING WEBSITE NAVIGATION

A. COLLECTED AND PROCESSED DATA AND METHODS OF COLLECTION

The personal data collected on the website Expert.poderm.com are as follows:

Subscription form data such as your first and last name, date of birth, contact details, email address, postal address, telephone number;
Data allowing you to be identified and authenticated (login logs, IP address), data relating to purchases, locations and times of orders and purchases, your navigation path on the website, dates and times of site visits, location data.

These data are collected when the user performs one of the following actions on the website:

When the user purchases a product on the website;
When the user registers on the website as a professional or private individual;
When the user uses the contact form to send an inquiry.

Furthermore, when a payment is made on the website, proof of the transaction, including the order form and invoice, will be stored in the IT systems of the website operator.

The data controller will retain all collected data in the website’s IT systems under reasonable security conditions for the following periods:

Data concerning you will be retained for the duration necessary to fulfill the purposes described above, i.e., 3 years from the end of the commercial relationship, which corresponds to the date of the last contact from the client;
6 years for tax documents;
10 years for accounting documents;
For the entire duration of legal disputes and until all legal remedies are exhausted.

B. TRANSMISSION OF DATA TO THIRD PARTIES

The personal data collected by the website are not transmitted to any third party and are only processed by the website operator.

C. DATA HOSTING

The website Expert.poderm.com is hosted by:
Shopify Inc. – 151 rue O’Connor, Ottawa, Ontario K2P 2L8, Canada

ARTICLE 4: DATA CONTROLLER

A. THE DATA CONTROLLER

The data controller of personal data is Maud Falconnet. She can be contacted as follows:

Phone: +41(0) 22.342.53.39
Email: contact@poderm.com
Address: Swiss Footcare Laboratories - Chemin du Pré-Fleuri 1-3 – 1228 Plan-les-Ouates, SWITZERLAND

The data controller is responsible for determining the purposes and means used for the processing of personal data.

B. OBLIGATIONS OF THE DATA CONTROLLER

The data controller undertakes to protect the collected personal data, not to disclose them to third parties without informing the user, and to respect the purposes for which these data were collected.

The website uses an SSL certificate to ensure that information and data transfers via the website are secure.

An SSL (“Secure Socket Layer”) certificate is designed to secure the data exchanged between the user and the website.

Furthermore, the data controller undertakes to notify the user in case of correction or deletion of their data, unless doing so would involve disproportionate formalities, costs, or efforts.

In the event that the integrity, confidentiality, or security of the user’s personal data is compromised, the data controller undertakes to inform the user by any appropriate means.

ARTICLE 5: USER RIGHTS

In accordance with the regulations concerning the processing of personal data, the user has the following rights.

To enable the data controller to comply with a request, the user must provide their first and last name, email address, and, if relevant, their account number, personal area, or subscriber number.

The data controller is required to respond to the user within a maximum of 30 (thirty) days.

A. PRESENTATION OF USER RIGHTS REGARDING DATA COLLECTION AND PROCESSING

a. Right of access, rectification, and erasure

The user may access, update, modify, or request the deletion of their data by following the procedure below:

The user must send an email to the data controller specifying the subject of the request at the contact email address.

If the user has a personal area, they have the right to request its deletion by following this procedure:

The user must send an email to the data controller specifying their personal area number. The request will be processed within 10 working days.

b. Right to data portability

The user has the right to request the portability of their personal data held by the website to another site, by following the procedure below:

The user must submit a request for data portability to the data controller by sending an email to the address indicated above.

c. Right to restrict or object to data processing

The user has the right to request the restriction of or object to the processing of their data by the website, which may only be refused if the website can demonstrate compelling legitimate grounds that override the interests, rights, and freedoms of the user.

To request restriction or object to data processing, the user must:

Send an email to the data controller requesting the restriction of the processing of their personal data.

d. Right not to be subject to decisions based solely on automated processing

In accordance with Regulation 2016/679, the user has the right not to be subject to a decision based solely on automated processing if the decision produces legal effects concerning them or similarly significantly affects them.

e. Right to determine the fate of data after death

The user is reminded that they may determine the fate of their collected and processed data after their death, in accordance with Law No. 2016-1321 of October 7, 2016.

f. Right to contact the competent supervisory authority

If the data controller decides not to respond to the user’s request, and the user wishes to contest this decision or believes that one of their rights has been violated, they have the right to contact the CNIL (Commission Nationale de l’Informatique et des Libertés, https://www.cnil.fr) or any competent court.

B. PERSONAL DATA OF MINORS

In accordance with Article 8 of European Regulation 2016/679 and the French Data Protection Act, only minors aged 15 or older can consent to the processing of their personal data.

If the user is under 15, the consent of a legal representative is required for personal data to be collected and processed.

The website operator reserves the right to verify by any means that the user is over 15 or has obtained the consent of a legal representative before browsing the site.

ARTICLE 6: USE OF “COOKIES” FILES

The website may use “cookies” techniques.

A “cookie” is a small file (less than 4 KB) stored by the website on the user’s hard drive, containing information about the user’s browsing habits.

These files allow the website to process statistics and traffic information, facilitate navigation, and improve the service for the user’s comfort.

For the use of “cookies” involving the storage and analysis of personal data, the user’s consent is always required.

This consent is considered valid for a maximum period of 6 (six) months. At the end of this period, the website will ask the user again for authorization to store “cookies” on their hard drive.

a. User objection to the use of “cookies” by the website

Cookies that are not essential to the operation of the website are only deposited on the user’s device after obtaining their consent. This consent is collected via the Axeptio cookie management platform, which allows the user to choose the types of cookies they wish to enable or disable.

Withdrawal of consent to cookies:

The user may withdraw consent or change their cookie preferences at any time by clicking the dedicated icon (usually located at the bottom of the page) to reopen the Axeptio module. This allows them to deactivate previously accepted non-essential cookies or review their choices in a simple and intuitive way.

More generally, the user is informed that they can oppose the storage of these “cookies” by configuring their browser software.

For reference, the user can find instructions for configuring their browser to block the storage of cookies at the following addresses:

Chrome: https://support.google.com/accounts/answer/61416?hl=fr
Firefox: https://support.mozilla.org/fr/kb/enable-and-disable-cookies-website-preferences
Safari: http://www.apple.com/legal/privacy/fr-ww/
Internet Explorer: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies
Opera: http://www.opera.com/help/tutorials/security/cookies/

If the user decides to disable cookies, they may continue browsing the website. However, any malfunction caused by this action cannot be considered the responsibility of the website operator.

b. Description of the “cookies” files used by the website

The user is informed that these platforms have their own privacy policies and terms of use, which may differ from those of the website. The website operator encourages users to consult the privacy policies and terms of use of these platforms.

Axeptio uses cookies to store the visitor’s consent so that it does not need to be requested at each visit to the site. These are purely technical cookies that only store anonymized visitor consent data.

Cookies we set:

Nom du cookie	CMP for brands	CMP for publishers
axeptio_cookies	Contains all information about the visitor’s consent, such as the date, their unique anonymous ID, and whether they have already given consent.	Contains all information about the visitor’s consent (personalized cookies only, excluding IAB TCF), such as the date, their unique anonymous ID, and whether they have already given consent
axeptio_all_vendors	Contains the list of all cookies declared in your Axeptio widget.	Contains the list of all personalized cookies (excluding IAB TCF) declared in your Axeptio widget.
axeptio_authorized_vendors	Contains the list of cookies accepted by the visitor.	Contains the list of personalized cookies accepted by the visitor
_ax_token	Not set for this CMP	Anonymous visitor ID, randomly generated and not based on any personal data

In our CMP for publishers, the following elements are stored in the browser’s local storage:

_ax_token: the anonymous visitor ID (the same as stored in the cookies)
_ax_expiration: timestamp indicating the expiration date of the given consent
_ax_tcstring: the TCF or tcString consent string, according to standards defined by the IAB

These cookies expire after 6 months by default, in accordance with CNIL. Consent will therefore be requested again from the visitor every 6 months.

ARTICLE 7: CONDITIONS FOR AMENDING THE PRIVACY POLICY

This privacy policy can be consulted at any time at the following address: https://www.expert.poderm.com/policies/privacy-policy

The website operator reserves the right to modify it in order to ensure compliance with applicable law.

Therefore, users are encouraged to regularly review this privacy policy to stay informed of any changes made.

Users are informed that the latest update of this privacy policy took place on 12/08/2025.

ARTICLE 8: USER ACCEPTANCE OF THE PRIVACY POLICY

By browsing the website, the user confirms that they have read and understood this privacy policy and accepts its terms, particularly regarding the collection and processing of their personal data, as well as the use of “cookies.”