Privacy Policy

Last updated: 3 June 2026

This Privacy Policy explains how Submorea (“we”, “us”, “our”) collects, uses, and protects the personal data of visitors and customers of https://www.submorea.com (the “Site”). We are committed to protecting your privacy in accordance with the EU General Data Protection Regulation (GDPR) and applicable French data protection law (Loi Informatique et Libertés).

Please complete before publishing: legal company name, registered address, and (if applicable) SIRET/VAT number. These details are legally required for a French business.

1. Data Controller

The data controller responsible for your personal data is:

  • Company: Submorea

For any privacy-related question, contact us at the email above.

2. What Data We Collect

Depending on how you use the Site, we may collect:

  • Information you provide name, billing and shipping address, email address, phone number, and order details when you make a purchase or contact us.
  • Payment information: processed securely by our third-party payment provider. We do not store full card numbers on our servers.
  • Account information: if you create an account, your login credentials and order history.
  • Technical data: IP address, browser type, device information, and pages visited, collected automatically through cookies and similar technologies.

3. How We Use Your Data

We process your personal data to:

  • Process and deliver your orders and manage returns or refunds;
  • Provide customer support and respond to your enquiries;
  • Manage your account and send service-related communications;
  • Send marketing communications where you have consented (you can unsubscribe at any time);
  • Improve the Site, our products, and your browsing experience;
  • Comply with legal, tax, and accounting obligations.

4. Legal Basis for Processing

We rely on the following legal bases under the GDPR:

  • Performance of a contract — to fulfil orders and provide our services;
  • Consent — for marketing emails and non-essential cookies;
  • Legitimate interests — to secure and improve the Site and prevent fraud;
  • Legal obligation — to keep records required by tax and commercial law.

5. Sharing Your Data

We do not sell your personal data. We may share it with:

  • Payment processors, to complete transactions;
  • Shipping and logistics providers, to deliver your orders;
  • IT, hosting, and analytics service providers acting on our behalf;
  • Authorities, where required by law.

All third parties are required to safeguard your data and use it only for the purposes we specify.

6. International Transfers

Where data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place, such as the European Commission’s Standard Contractual Clauses.

7. Data Retention

We keep your personal data only as long as necessary for the purposes described above, including legal and accounting requirements (in France, commercial invoices are generally retained for up to 10 years).

8. Your Rights

Under the GDPR, you have the right to:

  • Access the personal data we hold about you;
  • Request correction of inaccurate data;
  • Request erasure of your data (“right to be forgotten”);
  • Restrict or object to processing;
  • Data portability;
  • Withdraw consent at any time;
  • Lodge a complaint with the French supervisory authority, the CNIL (www.cnil.fr).

9. Data Security

We use appropriate technical and organisational measures to protect your data against unauthorised access, loss, or misuse. However, no method of transmission over the internet is completely secure.

10. Children

The Site is not intended for children under 15, and we do not knowingly collect data from them.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on this page with the revised date.

12. Contact

For questions about this Privacy Policy, contact us!