1. Introduction
This privacy policy describes how HORIA S.A collects, uses, stores and protects your personal data when you use our WooCommerce-based online store, as well as when you make purchases.
By using our website and services, you accept this privacy policy.
2. Data Controller
The controller responsible for processing personal data is:
HORIA S.A
Rue de l’Avenir 23
2852 Courtételle
Switzerland
For any questions relating to data protection:
You may contact us by postal mail at the address above or through the contact
methods indicated on our website.
3. Technical Service Provider (Web Programming)
The online store is developed and maintained by:
Novadev Sàrl
Rue des Places 38
2855 Glovelier
Switzerland
Novadev Sàrl may have access to certain technical data, for example for maintenance, support or hosting purposes, under a subcontracting agreement and only according to our instructions.
4. Personal Data Collected
We collect, in particular, the following data:
- Identification data: last name, first name, postal address, e-mail address, telephone number.
- Order data: products ordered, amounts, date and time of the order, delivery method, purchase history.
- Billing data: billing address, payment methods used (invoice, card), payment status.
- Communication data: exchanges by e-mail or via our contact form.
- Technical data: IP address, browser type, pages viewed, time of visit, cookies and similar technologies.
We only collect the data necessary to provide our services and process your orders.
5. Purposes of Processing
Your personal data is processed for the following purposes:
- Management of the online store and performance of the sales contract.
- Processing of orders, delivery and after-sales service.
- Management of billing and payments.
- Responding to your requests via contact forms or by e-mail.
- Improving our website, products and services.
- Compliance with our legal obligations, including accounting, tax obligations and document retention.
- Website security and prevention of abuse or fraud.
6. Legal Bases for Processing
We process your personal data on the following legal bases:
- Performance of a contract: processing your order, delivery, customer service.
- Compliance with legal obligations: tax and accounting obligations, retention of invoices.
- Legitimate interests: improving our offer, website security, fraud prevention.
- Your consent, where required, for example for certain cookies or marketing communications, if offered.
7. Payments and Payment Service Providers (Stripe / Cards / Invoice)
We offer the following payment methods:
- Payment by invoice
- Payment by credit or debit card
For card payments, we use the payment service provider Stripe.
When making an online payment, some of your data is transmitted to the relevant payment service provider, for example the amount, currency, transaction identifier, as well as data related to your payment method. These providers process your data in accordance with their own privacy policies.
We do not store the full numbers of your payment cards on our website. Transactions are encrypted and secured through the payment service provider.
8. Hosting and Technical Service Providers
Our website and WooCommerce store may be hosted by an external service provider (hosting provider). In this context, technical data such as server logs, IP address or browsing data may be processed to ensure the security, stability and proper functioning of the website.
Our service providers are required to process data only according to our instructions and in compliance with applicable data protection laws.
9. Cookies and Similar Technologies
Our online store uses cookies and similar technologies to:
- Ensure the basic functioning of the website: cart, session, identification.
- Remember certain preferences: language, cart contents.
- Possibly analyse website traffic: anonymised or pseudonymised statistics.
You can configure your browser to refuse all or some cookies. However, certain website features, including the cart and checkout process, may not function properly without technical cookies.
If we use analytical or marketing cookies subject to consent, these will only be placed with your agreement, in accordance with the cookie banner or cookie settings displayed on the website.
10. Data Recipients
We only transmit your data to the following categories of recipients and only to the extent necessary:
- Technical service providers: hosting provider, web developer, website maintenance.
- Payment service providers: Stripe, providers related to card payments.
- Logistics providers: carriers and postal services for the delivery of your orders.
- External advisors: fiduciary, accountant for accounting and tax management.
- Authorities or administrations, if required by law or to assert our rights.
We do not sell your personal data to third parties.
11. Transfers of Data Abroad
Certain service providers, for example payment or hosting providers, may be located or process data outside Switzerland and the European Union. In such cases, we ensure that the level of data protection is adequate, for example through adequacy decisions or standard contractual clauses, or that the necessary security measures are implemented.
12. Data Retention Period
We retain your personal data only for as long as necessary for the purposes for which it was collected, including:
- Order and billing data: statutory retention period, for example accounting and tax obligations.
- Customer account data: as long as your account is active, then for a reasonable period or in accordance with legal obligations.
- Contact data: the time necessary to process your requests, then possible archiving according to our legal obligations.
- Technical data: logs, cookies, limited retention period according to technical and security needs.
After the applicable periods expire, the data is deleted or anonymised.
13. Data Security
We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, misuse or modification.
This includes in particular:
- The use of secure connections (HTTPS).
- Measures restricting access to data.
- Collaboration with reliable service providers subject to contractual confidentiality and security obligations.
As no system offers absolute security, we cannot guarantee total protection against all risks.
14. Your Rights
Under applicable data protection laws, you have the following rights:
- Right of access: to obtain information about the data we process concerning you.
- Right to rectification: to request the correction of inaccurate or incomplete data.
- Right to erasure: to request the deletion of your data where legally possible.
- Right to restriction of processing: to request the restriction of certain processing under specific conditions.
- Right to object: to object to certain processing based on our legitimate interest.
- Right to data portability: to obtain certain data in a structured, commonly used and machine-readable format, where applicable.
To exercise your rights, you may contact us in writing at HORIA S.A’s postal address or via the contact methods indicated on our website. We may ask you for proof of identity in order to process your request.
15. Links to Other Websites
Our website may contain links to external websites that are not operated by HORIA S.A. We have no control over the content or privacy policies of these third-party websites and decline any responsibility in this regard. We recommend that you consult their own privacy policies.
16. Changes to the Privacy Policy
We may update this privacy policy to reflect changes to our services, legislation or other reasons. The version published on our website shall prevail. We invite you to consult it regularly.
17. Contact
For any questions, comments or requests relating to this privacy policy or the processing of your personal data, you may contact us at the following address:
HORIA S.A
Rue de l’Avenir 23
2852 Courtételle
Switzerland
Contact details, such as e-mail and telephone number, are available on our website.
