Privacy Policy

Last updated on 14/01/2026

MAJOLI.IO, committed to protecting personal data, undertakes to ensure the highest level of protection for your personal data in compliance with the European and French regulations applicable to data protection (GDPR).

This Privacy Policy informs you about how we collect, process, and protect the personal data you submit to us via https://www.majoli.io and https://app.majoli.io.

1. Data Controller

The controller of personal data collected on this site is MAJOLI.IO, a SAS with share capital of €61,650.00, located at 4 rue de la République, 13001 MARSEILLE.

For any questions, you may contact the controller at 07 83 97 09 52 or by email at contacts@majoli.io. The company is registered under SIRET number 890 748 239 00021.

2. Personal Data Collected

We collect various categories of personal data when you interact with our site:

Identification data: Last name, first name, title.

Contact data: Email address, phone number, postal address (billing and delivery).

Connection and browsing data: IP address, connection logs, browsing history, browser type, cookies and trackers.

Order data: Purchase history, order number, details of products purchased, amount.

Payment data: Information relating to your payment method (card number, expiration date) is not collected by our site.

It is collected and processed directly by our secure payment provider Stripe, which is solely responsible for this processing.

Communication data: Messages sent via the contact form, correspondence with customer service.

3. Purposes and Legal Bases for Processing

We process your personal data for specific purposes, based on the following legal grounds:

Order management (payment, preparation, delivery) - Contract performance

Customer account management (creation, access) - Contract performance

After-sales service (returns, warranties) - Contract performance

Responding to your requests (contact form, email) - Legitimate interest (responding to your requests)

Sending newsletters and commercial offers - Consent (voluntary subscription and email confirmation)

Website security (fraud prevention, attacks) - Legitimate interest (protecting our infrastructure, including anti-abuse mechanisms such as Google reCAPTCHA)

Audience analysis and measurement (improving the site) - Consent (via the cookie banner)

Compliance with legal obligations (accounting, invoicing) - Legal obligation

4. Data Retention Period

We retain your data for a limited period, necessary for the purposes for which it is processed:

Customer data (orders, invoices): Retained for the duration of the commercial relationship, then archived for the legally required retention period (notably 10 years for accounting obligations).

Prospect data (account creation without purchase): 3 years after your last contact (e.g., account login).

Prospecting data (newsletter): Retained until you unsubscribe (via the link in each email).

Connection data (security logs): 12 months.

Cookies: Cookie lifetime is a maximum of 13 months after their first deposit. Your consent will be requested again after this period.

5. Recipients and Data Sharing

Your personal data is neither sold, rented, nor exchanged with third parties for commercial purposes. It is only transmitted to the following recipients (our processors) who need it to carry out the purposes described above:

Site hosting provider: IONOS for site data storage.

Payment providers: Stripe for secure management of bank transactions.

Delivery providers: for shipping your orders.

Emailing tool (Newsletter): our transactional and marketing email providers, if you have consented.

Analytics tools: PostHog for audience measurement, if you have consented.

Anti-abuse tool: Google reCAPTCHA may collect technical data (such as IP address, browser information, and interactions) to distinguish legitimate users from automated usage.

Legal authorities: Only upon judicial request to comply with our legal obligations.

6. Data Security

We implement all appropriate technical and organizational measures to guarantee the security of your personal data, including:

Use of the HTTPS (SSL) protocol to secure browsing and transactions.

Secure and restricted access to our administration interface.

Secure payment process managed by a PCI-DSS certified provider.

Regular security updates for our site and its components.

7. Your Rights Regarding Your Data

In accordance with the GDPR, you have the following rights over your personal data:

Right of access (Article 15 GDPR): To know what data we hold about you.

Right to rectification (Article 16 GDPR): To correct your data if it is inaccurate or incomplete.

Right to erasure (Right to be forgotten, Article 17 GDPR): To request deletion of your data.

Right to restriction of processing (Article 18 GDPR): To request a pause in the use of your data.

Right to data portability (Article 20 GDPR): To receive a copy of your data in a structured format.

Right to object (Article 21 GDPR): To object to certain processing (notably commercial prospecting).

Right to withdraw your consent at any time (for processing based on consent, such as the newsletter).

How to exercise your rights?

You may exercise these rights by contacting us at:

By email: contacts@majoli.io

By post: MAJOLI.IO, 4 rue de la République, 13001 MARSEILLE

A response will be provided within one (1) month. In the event of no response or an unsatisfactory response, you have the right to lodge a complaint with the supervisory authority:

CNIL (Commission Nationale de l'Informatique et des Libertés)

3 Place de Fontenoy - TSA 80715

75334 PARIS CEDEX 07

Website: www.cnil.fr

This privacy policy complies with the GDPR and may be updated. We will inform you of any significant changes.