Privacy Policy

APPOLINE Privacy Policy 


This Privacy Policy describes how your personal information is collected, used and shared when you visit or make a purchase on (the “Site”).

The company APPOLINE undertakes, as Data Controller, to comply with the provisions of Regulation (EU) No. 2016/679 of April 27, 2016 relating to the protection of personal data (GDPR) as well as the Law n° 78-17 of January 6, 1978 relating to data processing, files and freedoms, modified (known as the Data Protection Act).


In accordance with article 5 of European Regulation 2016/679, personal data are:   

  • Processed in a lawful, fair and transparent manner with regard to the person concerned  ; 
  • Collected for specific purposes (see Article 3.1 hereof), explicit and legitimate, and not subsequently processed in a manner incompatible with these purposes; 
  • Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed; 
  • Accurate and, where necessary, kept up to date. All reasonable measures must be taken to ensure that personal data which are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay; 
  • Kept in a form allowing the identification of the persons concerned for a period not exceeding that necessary for the purposes for which they are processed; 
  • Processed in a manner that ensures appropriate security of the data collected, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures. 

The processing is only lawful if, and to the extent that, at least one of the following conditions is met: 

  • The data subject has consented to the processing of his or her personal data for one or more specific purposes;
  • The processing is necessary for the performance of a contract to which the data subject is party or for the execution of pre-contractual measures taken at the request of the data subject; 
  • The processing is necessary for compliance with a legal obligation to which the data controller is subject; 
  • The processing is necessary to safeguard the vital interests of the data subject or another natural person; 
  • The processing is necessary for the performance of a mission of public interest or relating to the exercise of public authority vested in the controller; 
  • Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the person concerned is a child. 



When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. 

Additionally, as you browse the Site, we collect information about the individual web pages or products you view, the websites or search terms that brought you to the Site, and information about how how you interact with the Site. 

The personal data collected on the site are as follows:

- your first and last name

- your date of birth

- Your billing address

- your shipping address

- your payment information (including your credit card numbers)

- Your email address

- your phone number. 

The collection and processing of this data serves the following purposes:

- Processing and shipping your order

- Managing our communications

- Analysis of your navigation on our website 

- Managing and sending newsletters/SMS

- Collection of customer reviews

The processing of data carried out is based on the prior consent of the user.

The data controller will keep all the data collected in the site's computer systems under reasonable security conditions for a period of three years.


In accordance with the provisions of Article 8 of European Regulation 2016/679 and the Data Protection Act, only minors aged 15 and over can consent to the processing of their personal data.

If the user is a minor under 15 years of age, the consent of a legal representative will be required so that personal data can be collected and processed.


Generally, we use the Order Information we collect to process any orders placed through the Site (including to process your payment information, arrange for shipping of your order, and provide you with invoices and/or order confirmations).  Additionally, we use this Order Information to:

- communicate with you;

- assess potential fraud or risks; And

- when this corresponds to the preferences you have communicated to us, provide you with information or advertisements regarding our products or services.

We use the Device Information (in particular your IP address) that we collect to assess potential fraud or risk and, more generally, to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to evaluate the success of our advertising and marketing campaigns).


Your data is accessible:

- to the company SHOPIFY, host of the site The head office of the host is located at 126 York St, Ottawa, ON K1N 5T5, Canada.

The host can be contacted at the following telephone number: +1 613 241 2828

To learn more about Shopify's use of your Personal Information, please visit:

  • to employees of the Appoline company, within the framework of their function
  • our order shipping and delivery providers
  • Google Analytics to better understand how our customers use the Site – to learn more about Google's use of your Personal Information, please visit: /.  You can also opt out of Google Analytics here:

Your data is stored in the data storage system and databases of our service providers. Your data is stored on secure, protected servers.

If you make your purchase through a direct payment gateway, then Shopify will store your credit card information. This information is encrypted in accordance with the payment card industry's data security standard (PCI-DSS). Information relating to your purchase transaction is retained for as long as necessary to complete your order. Once your order is finalized, the information relating to the purchase transaction is deleted.

All direct payment gateways comply with the PCI-DSS standard, managed by the PCI Security Standards Council, which is the joint effort of companies such as Visa, MasterCard, American Express and Discover.

PCI-DSS requirements ensure the secure processing of credit card data by and its service providers.

Appoline does not sell, rent or disclose your personal information to third parties other than companies belonging to its group, its service providers within the European Union, or an administrative or judicial authority which has ordered it to do so.


Generally, the third-party providers we use will only collect, use and disclose your information to the extent necessary to carry out the services they provide to us.

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies regarding the information we are required to provide to them for your purchase transactions.
With respect to these providers, we recommend that you read their privacy policies carefully so that you can understand how they will treat your personal information.

Please keep in mind that some suppliers may be located or have facilities in a different jurisdiction than you or us. So if you decide to pursue a transaction that requires the services of a third-party vendor, then your information may be governed by the laws of the jurisdiction in which that vendor is located or the laws of the jurisdiction in which its facilities are located.

For example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, your information that was used to complete the transaction may be disclosed under United States legislation. United States, including the Patriot Act.

Once you leave i or you are redirected to the website or application of a third party, you are no longer governed by this Confidentiality Policy nor by the General Conditions of Sale and Use of our website.

You may be required to leave our website by clicking on certain links on our site. We assume no responsibility for the privacy practices practiced by these other sites and recommend that you read their privacy policies carefully.


By communicating your personal data, you accept their collection, transfer and storage for the purposes mentioned in this section. 

To protect your personal data, we take reasonable precautions and follow industry best practices to ensure that it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

However, despite all these precautions, no data transmission over the Internet is entirely secure.

Consequently, any communication of your data will be carried out at your own risk and Appoline cannot be held responsible in the event of intrusion by third parties for whom your information is not intended.


Personal data is collected by:


SASU with capital of €5,000

Registered with the Créateil RCS under number 983 501 784

Head office 41 rue charles bassée 94120 Fontenay sous bois

The person responsible for processing personal data is: Alexandra Baillon and can be contacted at the following address:

If you believe, after contacting us, that your “Computer and Liberties” rights are not respected, you can send information to the CNIL. 


If you are a European resident, you have a right of access to the personal information we hold about you and you can request that it be corrected, updated or deleted. If you wish to exercise this right, please contact us using the contact details specified below:

contact@maisonappoline. com

Furthermore, if you are a European resident, note that we process your information in order to fulfill our contractual obligations towards you (for example if you place an order on the Site) or to pursue our commercial interests legitimate.  Please also note that your information will be transferred outside of Europe, including to Canada and the United States.

Any user concerned by the processing of their personal data can avail themselves of the following rights, in application of European regulation 2016/679 and the Data Protection Act (Law 78-17 of January 6, 1978):   

  • Right of access, rectification and right to erasure of data (set out respectively in Articles 15, 16 and 17 of the GDPR); 
  • Right to data portability (article 20 of the GDPR); 
  • Right to limitation (article 18 of the GDPR) and to object to data processing (article 21 of the GDPR); 
  • Right not to be the subject of a decision based exclusively on an automated process; 
  • Right to determine the fate of data after death; 
  • Right to refer the matter to the competent supervisory authority (article 77 of the GDPR). 

To exercise your rights, please send your request by email to contact@maisonappoline. com

In order for the data controller to grant his request, the user may be required to communicate certain information such as: his first and last names, his email address as well as his account number, personal space or subscriber. 

The request will be processed within one month.

Visit the website for more information on your rights.



The site uses cookie techniques.

A cookie is a small file (less than 4MB), stored by the site on the user's hard drive, containing information relating to the user's browsing habits.

Cookies allow us to process statistics and traffic information, facilitate navigation and improve the service for user comfort.

The use of cookie files involves the saving and analysis of personal data, the user's consent is necessarily requested, valid for a period of 4 months. At the end of this period, a new authorization will be sent to the user.

Here is a list of cookies we use. We have listed them here so that you have the option to choose whether you want to allow them or not.

Technical cookies from our Shopify platform:

_session_id, a unique session identifier, allows Shopify to store information about your session (referrer, landing page, etc.).

_shopify_visit, no data retained, persists for 30 minutes since last visit. Used by our website provider's internal statistics tracking system to record the number of visits.

_shopify_uniq, no data held, expires at midnight (depending on visitor location) the next day. Calculates the number of visits to a store per unique customer.

cart, unique identifier, persists for 2 weeks, stores information relating to your shopping cart.

_secure_session_id, unique session identifier

storefront_digest, unique identifier, undefined if the store has a password, it is used to know if the current visitor has access.

Audience cookies such as Google analytics allowing us to understand the browsing behavior of our users.

Advertising cookies allowing us to send you targeted advertisements.

  - “Log files” track Site activity and collect data such as your IP address, the type of browser you are using, your Internet service provider, your referring and exit pages, and your timestamp data (date and hour).

    - “Web beacons”, “tags” and “pixels” are electronic files that record information about how you browse the Site.


You can oppose the recording of cookies that are not essential to the operation of the site by configuring your browser as follows:

- Firefox
iOS &

- Chromium
Computers ktop&hl=fr&oco=1
iOS &oco=1
Android d&hl=fr&oco=1

Computers iOS

- Edge
Computers & Windows 10 Mobile edge-and-privacy

- Internet Explorer
Computers manage-cookies


The publisher of the site reserves the right to modify this Policy at any time in order to ensure users of the site its compliance with the law in force. 

Any modifications cannot have an impact on purchases previously made on the site, which remain subject to the Policy in force at the time of the purchase and as accepted by the user upon validation of the purchase. 

The user is invited to read this Policy each time he uses our services, without it being necessary to formally notify him. 

This policy, published on January 1, 2024, was updated on January 1, 2024.


If you consider that APPOLINE is not respecting its obligations with regard to your personal data, you can send a complaint or a request to the competent authority. In France, the competent authority is the CNIL, to which you can send a request electronically by clicking on the following link:


To learn more about our privacy practices, if you have any questions or if you would like to file a complaint, please contact us by email: contact@maisonappoline. com