Privacy Policy

Last updated: May 2026

1. Data controller

The controller of your personal data is Mon Plaisir Secret, with its registered office in France. For any request relating to your data, you can contact us via the form at /en/contact.

2. Personal data collected

We collect the following personal data:

Identity data

First name, last name, email address

Delivery data

Full postal address, phone number

Transaction data

Order history, amounts, product references (no banking data)

Connection data

IP address, browser type, pages visited, session duration

Browsing preferences, session identifier (see Cookie Policy)

3. Purposes of processing

Order management

Contract performance

Order-related communications

Contract performance

Customer service

Legitimate interest / Contract performance

Site improvement and traffic analysis

Legitimate interest / Consent

Newsletter sending

Explicit consent

Compliance with legal obligations (invoicing, etc.)

Legal obligation

4. Retention period

• Customer account data: for the lifetime of the account + 3 years after the last activity.

• Order and invoice data: 10 years (legal accounting obligation).

• Connection data and logs: 12 months maximum.

• Cookies: 13 months maximum depending on purpose (see Cookie Policy).

5. Data recipients

Your data may be shared with third parties only as part of the performance of the contracted services:

• Carriers (for order delivery): first name, last name, address, phone.

• PayPal (payment processing): transaction data needed for payment.

• Hosting provider: OVH, with servers located in the European Union.

• Analytics tools: Google Analytics 4 (anonymised data).

No data is sold or transferred to third parties for commercial purposes.

6. Your rights

In accordance with the GDPR (EU Regulation 2016/679), you have the following rights over your personal data:

Right of access

Know what data we hold about you

Right to rectification

Correct inaccurate or incomplete data

Right to erasure

Request deletion of your data

Right to portability

Receive your data in a structured format

Right to object

Object to certain processing

Right to restriction

Restrict processing in certain cases

To exercise your rights, send us your request via our contact form. We will respond within a maximum of 30 days. You also have the right to lodge a complaint with the competent supervisory authority (CNIL in France, AEPD in Spain, or your local authority).

7. Data security

We implement appropriate technical and organisational measures to protect your personal data: HTTPS encryption, passwords hashed with bcrypt, restricted data access, regular backups. No banking data is stored on our servers.

8. International transfers

Your data is stored on servers located in the European Union. In the event of a transfer to countries outside the EU (for example, through Google Analytics), we ensure appropriate safeguards are in place in accordance with the GDPR (standard contractual clauses, etc.).