Privacy Policy

Effective 05/02/2025

Article 1 – Preamble and definitions

The sole proprietorship Delta V Créations (Laura Sofía Urbina EI), mindful of the rights of individuals, particularly with regard to automated processing, and with a view to transparency with its customers, has drawn up a policy setting out all such processing, the purposes for which it is carried out and the means of action available to individuals to enable them to exercise their rights as fully as possible.

Continued browsing of this site implies unreserved acceptance of the following provisions and conditions of use.

The version of these terms of use currently online is the only version that can be invoked during the entire period of use of the site and until a new version replaces it.

Capitalized terms have the meanings specified below:

Company or Seller

Refers to the sole proprietorship Delta V Créations – Laura Sofía Urbina EI, a sole proprietorship in the capacity of micro-enterprise, registered with the Toulouse Trade and Companies Register (Registre du Commerce et des Sociétés – R.C.S.) under number SIREN 902967371, APE Code: 1391Z, whose registered office is located at 5 Amelia Earhart C1-307.

Site

Refers to the website accessible via the URL https://deltavcreations.com/, as well as the sub-site https://academy.deltavcreations.com/.

In particular, it enables the presentation and marketing of its Goods and Services; access to a Content consultation area, access to an area reserved for Clients, and any other Service provided by the Company.

User

Refers to any individual or legal entity accessing, browsing or using the Site on a non-contractual basis.

Good or Product

Refers to any item, whether physical or digital, offered for sale on the Site – available to Order – including in particular:

• Embroidery projects (PDF or other downloadable formats);
• Custom digital embroidery patterns;
• Embroidery kits, accessories and tools.

Service

Refers to the set of services offered for sale on the Site – available on Order – and in particular the:

• On-line training (access to a variety of digital resources: documents, videos, presentations, etc., making up the teaching aids);
• Face-to-face embroidery classes, workshops and courses.

Order

Refers to any purchase or subscription made by a Client to the Company via the Site, relating to a Product or Service.

Client or Buyer

Refers to any natural person or legal entity, professional or otherwise, who has placed an Order with the Company via the Site.

General Terms and Conditions of Sale or GTCS

Means this document, including any other content expressly referenced on the Site, which governs the contractual relationship between the Company and its Clients.

Partner

Refers to any professional or third-party organisation working with the Company to provide a Service, and to which the Client may be directed in this context.

Contents

Refers to all digital data and information provided by the Company, whether free of charge or for a fee, as part of access to the Site, including in particular: texts, images, illustrations, videos, graphics, logos, icons, sounds and audio recording software, teaching aids and digital documents.

Personal Space

Means the online interface made available to the Client by the Company, accessible via the Client’s Identifiers, and enabling the Client to access the Services or information relating to the Order.

Identifiers

Refers to the confidential information (user name and password) provided by the Company to the Client, enabling the latter to access his Personal Space or the subscribed Service.

Policy

Refers to this Privacy Policy document, including any other content expressly referenced on the Site, which governs the collection, use and protection of Users’ Personal Data by the Company.

Data

Refers to any information that makes it possible to identify a User (‘person concerned’). This may include, but is not limited to: first and last names, age, postal or e-mail address, IP address, identification number, Location Data, Online Identifier, or any other element specific to the User’s identity (non-exhaustive list).

Cookies

These are small text files placed on the User’s terminal (computer, tablet, smartphone, etc.) when browsing the Site. Cookies are used in particular to collect information (Data) relating to browsing in order to improve the User experience, analyse Site traffic and offer Content and advertising tailored to the User’s preferences. The User may configure the recording of Cookies via the settings of his/her browser or by consulting the Site’s Cookie management policy.

Processing

Refers to any operation or set of operations carried out on Data, such as collection, recording, organisation, storage, modification, communication, dissemination or deletion.

Data Controller and Subcontractor

The Data Controller is the entity which, alone or jointly with others, determines the purposes and means of Data Processing. The Sub-processor is the entity which processes the Data on behalf of the Data Controller. Unless otherwise indicated, the Company acts as Data Controller for the Data collected on the Site.

Recipient

Refers to any natural or legal person, public authority, department or body receiving Personal Data, whether a third party or not.

Regulations

Refers to all the texts governing the protection of Personal Data, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such Data (‘RGPD’), Law no. 78-17 of 6 January 1978 relating to information technology, files and freedoms, as well as the provisions of the French Post and Telecommunications Code applicable to commercial canvassing, and more generally all the laws and regulations governing the Data Processing carried out by the Company.

The purpose of this Policy is to inform Users of the Site :

• How their Personal Data is collected.
• On the rights they have concerning this Data;
• On the person responsible for processing the Personal Data collected and processed (the Data Controller);
• On the Recipients of this Personal Data;
• The site’s policy on cookies.

This Policy supplements the Legal Notice and the General Terms and Conditions of Use, which can be consulted by Users and accessed from the ‘Legal Notice’ section.

For further information on cookies, please refer to the Site’s Cookie Policy, which can be accessed from the ‘Cookies’ section.

Article 2 – Principles relating to the Collection and Processing of Personal Data

In accordance with Article 5 of European Regulation 2016/679, Personal Data is:

• Processed lawfully, fairly and transparently with regard to the data subject;
• Collected for specified, explicit and legitimate purposes, and not further processed in a way incompatible with those purposes;
• Adequate, relevant and limited to what is necessary for the purposes for which they are processed;
• accurate and, where necessary, kept up to date. All reasonable steps must be taken to ensure that Personal Data which is inaccurate, having regard to the purposes for which it is processed, is erased or rectified without delay;
• Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which it is processed;
• Processed in such a way as to guarantee appropriate security of the Data collected, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Processing is lawful only if, and insofar as, at least one of the following conditions is met:

• The data subject has consented to the processing of his/her Personal Data for one or more specific purposes;
• The processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject’s request;
• The processing is necessary for compliance with a legal obligation to which the controller is subject;
• The processing is necessary in order to protect the vital interests of the data subject or of another natural person;
• The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
• The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of Personal Data prevail, in particular where the data subject is a child.

Article 3 – Types of Personal Data collected and processed on the Site

The Company collects and processes several categories of Personal Data, depending on Users‘ and/or Customers’ interactions with the Site.

Identification and contact details

• First and last name;
• Title/Gender;
• Postal address (address, postcode, town, country);
• E-mail address;
• Telephone number.

User account Data

• Username and password (encrypted);
• E-mail address;
• Reviews and comments (date, content of the review, product or service concerned).

Customer reviews: The Company reserves the right to collect and republish the opinions expressed by its Customers on its offers, including those published on other platforms (e.g.: social networks), in compliance with Users’ rights and the applicable Regulations. For further information, please refer to the Site’s General Terms and Conditions, which can be accessed from the ‘General Terms and Conditions’ section.

Transaction and billing Data

• First and last name;
• Title/Gender;
• Invoice and delivery address;
• E-mail address;
• Telephone number;
• (Optional) Credit card details recorded as favourites (via a secure service provider);
• Bank details and means of payment processed solely by secure payment service providers, in connection with payment for the Products and Services offered on the Site;
• Details of orders placed.

Data relating to browsing and interaction with the Site

• IP address;
• Type of browser and device used;
• Pages visited, connection time;
• Cookies and similar technologies. For further information on cookies, please refer to the Site’s Cookie Charter, which can be accessed under the ‘Cookies’ heading.

Communications and support Data

• First and last name;
• E-mail address;
• Telephone number;
• History of exchanges with customer support;
• Responses to contact forms (nature and content of request).

Marketing and advertising Data (with prior consent)

• Communication preferences (newsletter, promotions);
• Participation in competitions or events.

Data collected in connection with the exercise of rights under the Regulations

• First and last name;
• Contact details (e-mail address, telephone number);
• Information relating to requests to exercise rights (access, rectification, opposition, deletion, etc.).

Article 4 – Methods of collecting and processing Data on the Site

Personal Data is collected using three main methods:

Data supplied directly by the User

This Data is collected when the User voluntarily interacts with the Site, in particular:

• When creating an account on the Site;
• When placing an Order on the Site;
• When sending a message via a contact form or by e-mail;
• When subscribing to the newsletter;
• When taking part in a competition, a survey or any other promotional action.

Data collected automatically when using the Site

Some Data are recorded automatically using technical tools, in particular:

• Logging of connections (server logs) – Including IP address, browser type, device used and interactions with the Site;
• Cookies and tracers (Google Analytics, Facebook pixels, etc.).

For further information on cookies, please refer to the Site’s Cookie Charter, which can be accessed under the ‘Cookies’ section.

Data collected from third parties

In some cases, Data may be obtained via external partners, such as:

• Social networks – If the User interacts with the Company’s pages (likes, comments, shares);
• Secure payment providers – For the management of financial transactions;
• Advertising partners – With the explicit consent of the User.

Article 5 – Purposes and Use of Personal Data

Data collected on the Site is processed for the following purposes:

Access, Use and Security of the Site

• To enable the User to access the Site and its functionalities;
• To present and improve the Company’s Products and Services;
• To maintain a secure environment;
• To manage and optimise the operation of the Site;
• Verify, identify and authenticate the Data transmitted by the User;
• Ensure the creation and management of User accounts, including login and password reset procedures;
• Prevent and detect fraud, malware (malicious software) and security incidents;
• Manage any disputes with Users.

Management of quotes, orders and invoices

• Issuing quotations and invoices and managing contractual and commercial relations with the Customer;
• Organising and securing payments via secure payment service providers;
• Tracking transactions, including order number, amount, date, payment method and Billing Data;
• Ensure the delivery of Products in collaboration with partner carriers (each of which applies its own confidentiality policy to the Data transmitted).

Use of a third-party service provider for invoicing

Quotations and invoices are managed by Henrri, a software package published by H2R, a company registered with the Colmar Trade and Companies Register under number 838 289 437, with its registered office at 10 Grand Rue – 68280 Logelheim, with a capital of €20,000 and an intra-community VAT number: FR54838289437.

The Company uses this third-party service to automate and optimise the management of contractual documents. Henrri applies its own Privacy Policy, which is accessible on its official website. The Company declines all responsibility for the processing of Data carried out by this service provider.

Secure payment

All transactions carried out on the Site are protected by SSL encryption. Payments are processed exclusively by secure payment service providers, as indicated in the GCS and on the Order page. The Site does not store or have direct access to the Customer’s bank details.

Access to Services and the Customer Area

• To provide the dematerialised Services accessible via the Site;
• Identify and prevent illicit or non-compliant use of the Site, in particular in the event of a breach of the GTC. For further information, please refer to the Site’s GTC, which can be accessed from the ‘GTC’ section.

Event management and face-to-face services

• Organising, registering and monitoring events, courses and workshops offered by the Company.

Management of communications and marketing initiatives

• Publish and manage Customer opinions and comments on the Company’s Products and Services;
• Organise competitions and other promotional operations on the Site and/or social networks;
• Send commercial and advertising information according to the User’s preferences;
• Send newsletters and promotional offers to Users who have given their consent, offering them personalised content according to their profile and preferences;
• Use social networks to interact with Users (applying the privacy policy specific to each platform).

User rights management

• To manage requests relating to rights of access, rectification and opposition in accordance with the applicable Regulations (RGPD and national legislation).

Article 6 – Partage des Données personnelles avec des tiers

The Company undertakes never to sell, rent or transfer Users’ Personal Data to third parties for commercial purposes. However, certain Data may be shared with third parties in the following cases:

Service providers and sub-contractors

The Company may use third-party service providers to provide certain essential functions of the Site and its services, in particular:

• Website hosting and maintenance: OVH SAS;
• Management of quotes and invoices: Henrri (H2R);
• Secure payments: Payment providers (e.g. Stripe, PayPal);
• Product delivery: Partner carriers;
• Analysis and performance tools: Google Analytics, Facebook Pixel, etc.

These service providers act as Subcontractors and only process Personal Data on the instructions of the Company, in accordance with the Data processing contracts signed with them.

Sharing with third parties at the request or with the consent of the User

Data may be shared when the User publishes information accessible to the public in the free comment areas of the Site.

Legal and regulatory obligations

The Company may share certain Personal Data with administrative or judicial authorities in the following cases:

• To comply with a legal obligation (e.g. request from the tax authorities, fight against fraud);
• As part of legal proceedings, to protect its rights or those of a third party.

Social networks and third-party platforms

If the User interacts with the Company via social networks (Facebook, Instagram, LinkedIn, etc.), certain Data may be shared with these platforms, subject to the privacy settings defined by the User on these services.

Business partners (with consent)

If the User has given his/her explicit consent, certain Data may be shared with commercial partners for the purpose of sending promotional offers or marketing information. The User may withdraw his/her consent at any time.

Transfers outside the European Union

Some third-party service providers may be located outside the European Union. In this case, the Company ensures that Data transfers are governed by appropriate guarantees (e.g. European Commission standard contractual clauses, adherence to the Privacy Shield where applicable, etc.).

Security and confidentiality

The Company ensures that all third parties with access to Personal Data comply with strict security and confidentiality standards.

Article 7 – Data Hosting

The Site is hosted by OVH SAS, a company registered with the Lille Trade and Companies Register under number 424 761 419 00045, whose registered office is located at 2 rue Kellermann, 59100 Roubaix, France.

Legal information OVH SAS :

• SIRET : 537 407 926
• APE Code: 2620Z
• VAT NUMBER: FR 22 424 761 419

OVH SAS is a subsidiary of OVH Groupe SA, registered in the Lille Trade and Companies Register under number 537 407 926, whose registered office is located at 2 rue Kellermann, 59100 Roubaix, France.

Contact OVH: https://ovhcloud.com

The Data collected and processed on the Site are hosted on servers located in France and/or within the European Union, thus guaranteeing their protection in accordance with the Regulations in force, in particular the RGPD.

OVH SAS implements strict technical and organisational measures to ensure the security, confidentiality and integrity of the Data hosted. However, the Company may not be held liable for any security breaches directly affecting the host.

Article 8 – Data retention period

The Company keeps Users‘ and Customers’ Data only for as long as is necessary for the purposes for which it was collected, in compliance with applicable legal and regulatory obligations.

Data relating to Customers and Orders

• Identification and contact Data (surname, first name, address, email, telephone): 3 years after the last contact or the last activity of the Customer.
• Transaction Data (invoices, payments, orders): 10 years (accounting obligation – article L123-22 of the French Commercial Code).

User account Data

• Identifiers, password, purchase history → Kept for as long as the account is active and deleted after 2 years of inactivity, unless required by law.

Marketing Data and sales prospecting

• Data used for canvassing purposes (email, telephone, newsletter consent): 3 years after the last contact or the absence of response to solicitations.
• Data from competitions and promotional operations: 6 months after the end of the operation.

Technical and Navigation Data

• Cookies and tracers: 13 months after they are deposited.
• Connection logs and server logs: 1 year (legal security obligation).

Data relating to User Rights (exercise of RGPD rights)

• Data concerning requests to exercise rights (access, rectification, opposition, deletion): 1 to 6 years depending on the nature of the request (article L34-5 of the French Post and Electronic Communications Code).

Data relating to Litigation and Disputes

• Archiving of Data in the event of litigation: 5 years (common law limitation period).
• Data relating to offences or fraud: up to 5 years after closure of the file.

Exception and extended storage

The Company may retain certain Personal Data beyond the above-mentioned periods in order to fulfil its legal or regulatory obligations, particularly in the event of litigation or to meet the requirements of the competent authorities.

Article 9 – Right of access, rectification and removal of your Data

In accordance with the applicable regulations on the protection of Personal Data, in particular Regulation (EU) 2016/679 of 27 April 2016 (RGPD) and Law no. 78-17 of 6 January 1978 as amended, Users have the following rights with regard to their Personal Data:

Right of access

The User may obtain confirmation that his/her Data is being processed by the Company and, where applicable, access said Data as well as information on its processing (purposes, categories of Data, Recipients, retention period, etc.), in accordance with Article 15 of the GDPR.

Right of rectification

If any Data is inaccurate, incomplete or obsolete, the User may request that it be corrected or updated, in accordance with Article 16 of the RGPD.

Right to erasure (right to be forgotten)

Users may request the deletion of their Data in the following cases:

• The Data is no longer necessary for the purposes for which it was collected;
• The User withdraws his/her consent and there is no other legal basis for processing;
• The User objects to the processing and there are no compelling legitimate grounds for continuing it;
• The Data has been processed unlawfully;
• There is a legal obligation to delete the Data.

However, the Company may retain certain Data where their processing is necessary to comply with a legal obligation or to exercise or defend legal claims, in accordance with Article 17 of the RGPD.

Right to restrict processing

In accordance with Article 18 of the RGPD, the User may request the temporary suspension of the processing of his/her Data in the following cases:

• The accuracy of the Data is contested and requires verification ;
• The processing is unlawful, but the User objects to the deletion of the Data;
• The Company no longer needs the Data, but it is still necessary for the establishment, exercise or defence of legal claims;
• The User has objected to the processing and a check is underway to determine whether the Company’s legitimate reasons prevail over his/her own.

Right to object

Users may object to the processing of their Personal Data for reasons relating to their particular situation, unless the Company can demonstrate overriding legitimate grounds. This right applies in particular to the processing of Data for commercial prospecting purposes, in accordance with Article 21 of the RGPD.

Right to portability

The User may request to receive his/her Personal Data in a structured, commonly used and machine-readable format, or to transmit it directly to another Data controller, where technically possible, in accordance with Article 20 of the GDPR.

Right to dereferencing

Users may request that their Data be removed from search engines under the conditions set out in the applicable regulations.

Right not to be subject to a decision based exclusively on an automated process

The User has the right not to be subject to a decision producing legal effects concerning him or significantly affecting him, when it is based exclusively on automated processing, including profiling.

The Company undertakes to ensure that any decision involving automated processing is based on legitimate grounds and includes, where necessary, human intervention enabling the User to express his/her point of view and to challenge the decision, in accordance with Article 22 of the RGPD.

Right to determine the fate of Data after death

Users have the right to organise what happens to their Data after their death. They may define general or specific instructions concerning their retention, deletion or communication.

In the absence of specific instructions, the User’s heirs may exercise certain rights over his/her Data, in accordance with the applicable legal provisions.

Right to contact the competent supervisory authority

If the User considers that the processing of his/her Data constitutes a breach of the GDPR or any other applicable Data protection regulation, he/she has the right to lodge a complaint with the competent supervisory authority, without prejudice to any other administrative or judicial remedy.

In France, the competent authority is the Commission Nationale de l’Informatique et des Libertés (CNIL), which can be contacted at the following address: www.cnil.fr.

Exercising rights

These rights may be exercised at any time by contacting the Company using the following details:

• By e-mail: contact@deltavcreations.com
• By post: Delta V Créations – Laura Sofia Urbina, 5 Amelia Earhart C1-307, 31400, Toulouse, France.

All requests must specify the User’s identity and the purpose of the request. The Company may ask for proof of identity to verify the legitimacy of the request.

A response will be given within a maximum of one (1) month from receipt of the request, which may be extended by two (2) months in the event of complexity or a large number of requests.

If the User is not satisfied, he or she has the right to lodge a complaint with the Commission Nationale de l’Informatique et des Libertés (CNIL):

• Website: www.cnil.fr
• Postal address: 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07

We recommend that you contact us first before lodging a complaint with the CNIL, as we are entirely at your disposal to resolve your problem.

Protection of third parties’ personal Data

When consulting the Site, the User may have access to Personal Data published by other people, particularly in the comments areas. The User undertakes to respect the confidentiality and privacy of third parties by refraining from any collection, unauthorised use or action that may harm such persons.

Any misuse of the Data accessible on the Site is prohibited and may render the User liable. The Company declines all responsibility in the event of non-compliance with these obligations by a User.

Article 10 – Cookies

A ‘Cookie’ is a text file deposited on the User’s device (computer, smartphone, tablet) when browsing a website. It enables the site to recognise the User, improve their experience, measure the audience and offer personalised content.

When browsing the Site, cookies and other tracers may be deposited on the User’s device in order to improve the experience, measure the audience or offer personalised content and advertising.

Users can configure their cookie preferences at any time via the cookie management banner displayed on their first visit to the Site, or by modifying their browser settings.

For further information on cookies, please refer to the Site’s Cookie Charter, which can be accessed under the ‘Cookies’ section.

Article 11 – Data Controller and Data Protection Officer

The Data Controller

Personal Data are collected by Delta V Créations – Laura Sofia Urbina EI, a sole proprietorship in the capacity of a micro-enterprise, registered in the Toulouse Trade and Companies Register (Registre du Commerce et des Sociétés – R.C.S.) under number SIREN.

The person responsible for processing personal Data can be contacted as follows:

• By post at the following address: 5 Amelia Earhart C1-307, 31400 Toulouse, France;
• By telephone on (+33) 07 81 77 88 25;
• By e-mail: contact@deltavcreations.com.

The Data Protection Officer

The Data Protection Officer for the Company or the person responsible is:

Laura Sofia Urbina; and can be contacted on the details given above.

If, after contacting us, you feel that your ‘Data Protection’ rights have not been respected, you can send a complaint to the CNIL.

Article 13 – Conditions for amending the Privacy Policy

The Web Site publisher reserves the right to modify this Policy at any time in order to ensure that Users of the Web Site comply with current legislation.

Any such changes shall not affect purchases previously made on the Site, which shall remain subject to the Policy in force at the time the Order is placed and as accepted by the User when the Order is confirmed.

Users are invited to familiarise themselves with this Policy each time they use our services, without the need for any formal notification.

Article 14 – Applicable law

This Site Policy is governed by French law and is subject to the jurisdiction of the courts of the Publisher’s registered office, subject to any specific jurisdiction arising from a particular legal or regulatory text.

The Policy is not exhaustive of all processing and we reserve the right to supplement it by any means.

Article 15 – Language

This Policy is written in French. In the event that it is translated into one or more foreign languages, only the French text will be deemed authentic in the event of a dispute.

Translations are provided for information purposes only to facilitate understanding by non-French speaking customers, but do not constitute a contractual document.

Article 16 – Contact

If you have any questions or require information about the Products and Services presented on the Site, or about the Site itself, you can leave a message at the following address: contact@deltavcreations.com.