Privacy Policy

Last updated: [CURRENT DATE]

1. INTRODUCTION

KESSØ Femmes ("we", "our", "us") respects your privacy.
This policy explains how we collect, use, and protect your personal data.

2. DATA WE COLLECT

— First name, last name, email, phone, address (when ordering)
— Payment data (processed by Stripe, never stored by us)
— Browsing behavior (via Google Analytics)
— Cookies (for an optimal shopping experience)
— Order history and preferences

3. HOW WE USE IT

— Process and ship your orders
— Send transactional emails (confirmation, shipping, tracking)
— Send marketing newsletters (if you have opted in)
— Improve our website
— Comply with legal obligations (GDPR, VAT)
— Detect fraud and abuse

4. YOUR GDPR RIGHTS

You have the right to:
— Access your personal data
— Delete your data
— Rectify your data
— Opt out of marketing
— Transfer your data (portability)

To exercise your rights: hello@kesso.com

5. DATA SHARING

We share data ONLY with:
— Stripe (payments) — encrypted data
— Spocket (dropshipping supplier) — address/order
— Google Analytics (anonymized)
— Email service (Mailchimp) — emails only

We NEVER sell your data.

6. SECURITY

— Mandatory SSL/HTTPS (padlock)
— Stripe = PCI-DSS certified (payment security)
— No storage of sensitive data by us
— Restricted access for staff

7. COOKIES

We use cookies for:
— Authentication (login)
— Cart (shopping)
— Analytics (Google)
— Preferences (language, theme)

You can refuse cookies → browser settings.

8. RETENTION PERIOD

— Orders: 10 years (legal obligation)
— Email marketing: until unsubscribe
— Cookies: 12 months (unless otherwise configured)
— Google Analytics: 14 months

9. CHILDREN'S RIGHTS

Our site is for adults (18+).
We do not collect children's data.
If this is the case: hello@kesso.com → immediate deletion.

10. MODIFICATIONS

We may modify this policy.
Notification by email if major changes.
Continued use = you accept new terms.

11. CONTACT

For privacy questions:
— Email: hello@kesso.com
— Response guaranteed within 48 hours

APPLICABLE LAW: French law + GDPR