THENSEL SNC (as defined in Article 1 below), operating under the MYTODO trademark, offers items for sale on its website www.mytodo.co.
In order to offer for sale, sell and deliver its products, MYTODO collects personal data from users of its website and its mobile application.
The customer is informed that certain data must be collected by MYTODO in order to perform its services. If the customer does not wish to disclose this data, MYTODO will not be able to perform its services.
The controller, who collects the personal data and implements the data processing operations, is: THENSEL SNC company with registered head office situated at B.go E. Valla 9, 43121 Parma (PR) - Italy, registered with the Camera di Commercio di Parma and Trade register under n°242847, with a VAT n° 02491780348.
2. Collection of personal data
MYTODO collects users' personal data on the website www.mytodo.co.
The personal data that may be collected are as follows :
- user account data: the data provided by the User when creating an account by filling in the registration form (name, surname, billing and delivery postal addresses, email address, mobile phone number, password for connecting to the customer account);
- personal data of the user when he/she enters it in his/her customer account;
- transaction data: means the data that the user provides when making purchases, information relating to orders placed and returned items such as telephone number, address, e-mail address and information relating to payment method;
- exchanges with customer service;
- browsing data: refers to the data collected by the Publisher while the User is browsing the Website and the Applications, such as the date, time of connection and/or browsing, browser type, browser language, IP address, location data and geolocation.
The data relating to the payment method (credit card number, expiry date, authorization number, security code) are collected directly by our service providers Stripe and Paypal.
Third-party providers of applications, tools, gadgets and plug-ins on our website and mobile application, as well as the networks on which we publish editorial and promotional content (such as Facebook and Instagram) may also use automated, context-based and interest related means to collect user data (interactions with functions and profiling of the online activity). This data is collected directly by such providers and/or third parties and is subject to their policies. To the extent permitted by applicable law, THENSEL SNC is not responsible for the practices of such service providers and third parties.
3. Purposes of the collection of personal data
Data collected in connection with the use of the website, the application are processed for the purposes described in the table below.
The regulations in force protect the privacy of users and require any controller to be able to provide legitimate grounds for such processing. The regulations thus provide, among the legal bases for treatment, the following:
- performance of an agreement to which the relevant person is a party, such as a sales contract. For example, certain personal data of the customer is necessary to deliver the item, manage the customer's account and process any returned items;
- compliance with a legal obligation, in particular an accounting obligation by retaining invoices;
- prior consent of the relevant person;
- legitimate interest of the controller, while complying with users' rights and freedoms. For example, improving the customer experience or preventing fraud may justify data collection.
MYTODO does not share any personal data for commercial purposes with third parties.
Users may edit their personal data and withdraw their consent at any time by connecting to their customer account.
4. Providers with access to users' personal data
The personal data collected is transmitted to MYTODO‘s service providers, who may process it on behalf of MYTODO (processors) and/or on their own behalf (recipients of the data).
The recipients of the data are :
- Stripe and Paypal, payment providers
- any police or administrative authority in connection with judicial requisitions concerning the fight against fraud
- customs authorities and service providers in the event of delivery abroad.
MYTODO's processors may have access to data collected for the purpose of:
- preparing, shipping orders and returning products
- improving the content of websites and mobile applications
- technical maintenance and development of MYTODO website, and internal applications, including entities that perform orders and provide web hosting, information storage, email service providers, as well as analysis services, and tag management.
5. Users' rights over their personal data
In accordance with Articles 14 to 22 of Regulation 2016/679 of April 27, 2016, any natural person using the MYTODO website has the right to exercise the following rights:
- a right of access, rectification and erasure of the data collected,
- a right to object to the processing of their data
- a right to the restriction of the processing,
- a right to the portability of the data collectedthe option to formulate instructions relating to the retention, erasure and transmission of his/her personal data after his/her death in accordance with Article 40-1 of Law 78-17 of January 6, 1978
Lastly, if MYTODO detects a violation of personal data likely to create a significant risk to the rights and freedoms of its users, it undertakes to inform the relevant users in the shortest possible time.
Users may exercise all these rights by connecting to their customer account, by contacting customer service at : By e-mail: firstname.lastname@example.org.
By the mail: THENSEL SNC - B.go E. Valla 9, 43121 Parma (PR) - Italy
Users must enclose proof of identity with their application.
In case of non-response or unsatisfactory response, users may contact the supervisory authority of their country.
6. Data retention period
User data will not be retained beyond the period strictly necessary for the purposes set out herein and in accordance with applicable regulations and laws. In this respect, the data used for canvassing purposes may be retained for a maximum period of 3 years from the termination of the user's account or the last contact with the relevant prospect. User data is deleted upon expiry of storage periods. Nevertheless, the data may be archived beyond the specified periods for the purposes of investigating, establishing and prosecuting criminal offences for the sole purpose of making the data available to the judicial authority, where necessary.
Archiving implies that this data will be anonymized and will no longer be available online but will be extracted and stored on an autonomous and secure medium.
7. Security measures for the personal data collected
In its capacity as data controller, MYTODO undertakes to take all necessary measures to preserve the security and confidentiality of the data and, in particular, to prevent it from being altered, distorted or accessed by unauthorised third parties.
MYTODO has entered into service agreements with business partners who have extensive expertise in the field of data protection.
Payment service providers
The payment of the purchases on the website and on the mobile application is carried out either via Paypal, or via the secure platform of our payment provider Stripe.
Paypal (Europe) S.à.r.l. et Cie is a Luxembourg limited partnership with shares, registered in the Luxembourg Register of Companies under number B118349, having its registered office at 22-24, Boulevard Royal - L-2449 Luxembourg. For further information, Customers may refer to the following website: https://www.paypal.com.
STRIPE INC . is an american company 185 Berry Street, Suite 550, San Francisco CA 94107 For further information, Customers may refer to the following website:
MYTODO does not have access to customer payment data.
However, users may opt to save their payment card data in their customer account. This data is not stored with MYTODO, but with Stripe and/or Paypal. Users may edit or delete these bank details at any time by connecting to their customer account.
8. Cookies, Terms of service and trackers
When browsing our website and the mobile application, information relating to the navigation of the user's terminal (computer, tablet, smartphone, etc.) may be saved through files referred to as "Cookies".
A cookie allows tracking the browsing or analyzing user behavior, including:
- measuring the number of visitors to our website and application, as well as their content;
- saving customer account information when the user is logged in;
- saving the shopping cart for 30 minutes; customizing the display of content accessible to the user.
L’utilisateur peut modifier ses préférences en matière de cookies, au travers du logiciel de navigation utilisé :
- Internet Explorer : http://windows.microsoft.com/fr-FR/windows-vista/Block-or-allow-cookies ,
Users may also refuse to accept cookies on the follwing website: http://www.youronlinechoices.com/it/le-tue-scelte
9. Social Networks
MYTODO‘s official Facebook and Instagram accounts can allow users to post their content. Users are informed that the content published on these social networks may be viewed by any third party, and that greater vigilance is required from users when they provide certain personal data on these sites or applications such as financial data, addresses or any sensitive data. MYTODO is in no case liable for any damage caused by third parties as a result of or resulting from the publication of their personal data by users.
10. Links to third-party sites
The website and the application may provide links to websites, applications and services other than those of MYTODO, which may be operated by third parties.
MYTODO is not responsible for the processing of personal data by these third party websites. Users should consult the relevant personal data protection policies.