Close
Forgot your password?
Sign In
Create an account

Create an account to save time during checkout, view your shopping bag and saved items from any device and access your order history.

Create an account
Password fields don't match
I am already registered
 
Close
Country: France (EUR €)
Europe
France (€)
Austria (€)
Belgium (€)
Croatia (€)
Cyprus (€)
Estonia (€)
Finland (€)
Germany (€)
Greece (€)
Ireland (€)
Italy (€)
Latvia (€)
Lithuania (€)
Luxembourg (€)
Malta (€)
Netherlands (€)
Portugal (€)
Slovakia (€)
Slovenia (€)
Spain (€)
Switzerland (CHF)
United Kingdom (£)
North America
United-States ($)
Language: English
English
French
Apply
 
Your location is set to France

Shop in EUR €

 
cart
Close
Your cart is empty
Discover all our jewelry

Which packaging do you want? (Free)
Confirm message
 
Personal data protection policy

NOUVEL HERITAGE is a simplified joint stock company, with a share capital of 6.000.000 euros, registered in the Paris Trade and Companies Register under number 813 221 967, with its registered office at 4 Rue de la Paix - 75002 Paris (hereinafter referred to as "We").

Concerned about the protection of personal data, we comply with the European Regulation 2016/679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data known as the "General Data Protection Regulation or GDPR" (hereinafter the "GDPR") and the amended Act n°78-17 of January 6, 1978 on Data Processing, Data Files and Individual Liberties (hereinafter the "LIL").


This personal data protection policy (hereinafter the "Personal Data Protection Policy") describes the measures we take to protect the personal data we process and, more specifically, informs you of the ways in which we process your personal data as part of our business, in particular the management of our customer files, prospects, users of our website which is accessible at the following address: nouvelheritage.com/fr-fr (hereinafter the "Site") and our social networks in particular Facebook, Instagram and Pinterest, (hereinafter the "Social Networks").

The Personal Data Protection Policy is not of a contractual nature and does not create any obligation beyond what is already provided for by the aforementioned regulations on the protection of personal data.

If you are a minor under the age of 15 or incapable of giving consent, you declare that you have received the consent of your parents or legal representatives prior to the collection and processing of your personal data. If you are a minor under the age of 15, the processing of your personal data based on your consent is subject to your consent and that of the person(s) with parental authority over you.

If you are a parent or guardian and you believe that your child has provided us with personal data without your consent, please contact us by e-mail at the dedicated address conciergerie@nouvelheritage.com .

We may update and modify our Personal Data Protection Policy at any time. When your consent is required, we will obtain it. The latest version of the Personal Data Protection Policy is the one accessible on our Site.

The terms "controller", "processor", "personal data", "processing", "data breach", "member state" have the same meaning as assigned to them in the GDPR and the terms derived from them shall be interpreted identically.

1. Who is responsible for processing your personal data?

We are responsible for the processing of your personal data collected on our Site.

If you have any questions about the processing of your personal data in our capacity as data controller, you can contact us by :

-        E-mail, to the following address: dpo@nouvelheritage.com

-        By post, to the following postal address: 4 Rue de la Paix - 75002 Paris

-        Telephone, on the following number: 01 82 82 19 11


2. When do we collect your personal data?

Your personal data may be collected when:

-          You have browsed our Site;

-          You have created a customer account on our Site;

-          You have purchased our products on our Site;

-          You have contacted us or asked to be contacted by any means of communication (telephone, post, e-mail, contact form on our Site, online chat, Social Networks, etc.);

-          You have exchanged information with us;

-          You have asked to be notified of the availability of a product;

-          You have asked to receive our newsletters, news and offers;

-          You have left a review of our services, products or Site;

-          You have taken part in a contest or event organized by us;

-          You have taken part in satisfaction surveys;

-          You have requested that we send you promotional messages related to our business;

-          You have consulted, subscribed to, used and/or posted comments or content on one of our Social Networks;

-          You have applied for a position with us;

-          You have consented to your data being included in third-party files or directories, and to your data being passed on to us;

-          You have made a request to exercise your rights.

Your personal data may be communicated to us voluntarily by yourself or by another person, such as a member of the organization in which you work or on whose behalf you intervene, one of your friends, a member of your family or any person who has wished to give you a gift, or by partners.

Personal data may also be collected via cookies and other Internet tracers on our Site. In this respect, we invite you to consult our Cookies policy.

3. What personal data do we collect?

We process the following personal data:

-          For the creation of a customer account: surname, first name, e-mail address and password.

If you do not provide this information, we will not be able to create a customer account for you. This requirement to provide personal data is contractual in nature.

-        For the management and processing of your contact and information requests: name and e-mail address.

If you do not provide this information, we will not be able to respond to your contact or information request. This requirement to provide personal data is contractual in nature.

-        For the management and processing of orders, commercial relations (commercial and promotional operations) and complaints: title, surname, first name, e-mail address, postal addresses (delivery address, billing address), telephone number, finger, wrist and neck sizes, all information relating to requests for the creation of personalized products, all information relating to gift cards such as the surname, first name, e-mail address of the beneficiary, all information relating to your loyalty program, and, where applicable, purchase and contract data (transaction number, order details, product(s) purchased, product reference(s), quantity, amount, frequency, purchase history, product returns, correspondence between you and our services), payment data (payment methods, discounts granted, receipts, balances and unpaid invoices).

In the event of failure to provide this information, we will be unable to execute order contracts, manage the commercial relationship, and follow up and respond to your complaints. This requirement to provide personal data is contractual in nature.

-        For newsletters, updates and offers: e-mail address.

If you do not provide this information, we will not be able to send you newsletters, updates and offers. This requirement to provide personal data is a regulatory requirement.

-        To improve the quality of our assistance and services: history of written conversations by chat and telephone conversations you may have with our customer service department, activity data on the Site, such as type of pages visited, date of visit or actions carried out on the Site such as placing an item in the shopping cart, products consulted, IP address, connection data, language, location data, preferences, browsing history;

Failure to record this information may prevent us from improving the quality of our assistance and services. This requirement to provide personal data is contractual in nature.

-          For the management of the events we organize: last name, first name, telephone number, e-mail address.

If you do not provide this information, we will not be able to register you for the events we organize. This requirement to provide personal data is a regulatory requirement.

-          For the management and processing of your application: name, e-mail address, telephone number, LinkedIn profile, curriculum vitae, education, professional experience, skills, information about the job you are applying for, function sought.


If you fail to provide this information, we will not be able to respond to your application. This requirement to provide personal data is contractual in nature.

-          In order to exercise your rights as set out below, we may require information or documents proving your identity or additional information on the nature of your requests.

Failure to provide this information may prevent us from responding to your requests. This requirement to provide personal data is of a regulatory nature.

The mandatory nature of the data requested is indicated at the time of collection by an asterisk.

The collection of other personal data may be compulsory. All personal data whose collection is mandatory, the contractual or regulatory nature of this obligation to provide data, as well as the consequences of failing to provide personal data, are then brought to your attention directly at the time of collection.

You may voluntarily communicate personal data when using our Social Networks and the free text zones available on our Site, in the forms on our Site, in online chat or during our exchanges. Please note that you should only provide appropriate and relevant information. You must not write excessive or insulting comments, nor communicate data considered sensitive under Article 9 of the GDPR (racial or ethnic origin, political, philosophical or religious opinions, trade union membership, data relating to health or sex life, offences, convictions, security measures). You agree not to engage in illegal activities or harm third parties. In the event of non-compliance with these commitments, we reserve the right to take any action necessary to protect our rights and those of our staff. We invite you to consult the personal data protection policies of the various Social Networks to find out what personal data may be transmitted by them.

We do not process personal data relating to credit cards. Transactions are processed entirely by the payment modules.

4. What are the purposes and legal bases for processing your personal data?

Your personal data is collected for the purposes and according to the legal bases detailed in this table:


Data protection policy Data protection policy
5. Who will receive your personal data?

The personal data we collect is intended for authorized personnel working in our customer service, accounting, marketing, sales, legal and human resources, administrative and financial departments.

We may also communicate your personal data to : 

-          to our subcontractors (and to their own subcontractors, where applicable) where this is strictly necessary for the performance of our services and obligations in the context of the purposes described above (transport service providers, IT service providers, technical service providers, payment service providers, identity verification service providers, fraud prevention and anti-fraud service providers, competition organization service providers, event service providers, suppliers of analytical solutions, collection companies and credit organizations, accounting firms and certified public accountants, law firms, audit firms, marketing service providers). Our subcontractors are bound by confidentiality and security obligations, as well as other obligations listed in the GDPR;

-          to financial, judicial, police, administrative authorities or state agencies, customs services (in the case of deliveries abroad), public agencies and regulatory authorities with whom we may, in particular in the context of proceedings, litigation, control and/or a request, be required to disclose certain data, on request and within the limits permitted by regulations;

-         to our beneficiaries or potential successors ;

-         to our business partners, subject to your consent;

-         to third parties who may place cookies on your terminals (computers, tablets, cell phones, etc.) with your consent (for more details, please consult our Cookies policy.

In accordance with Article 19 of the GDPR, we will notify each recipient to whom your personal data has been communicated of any request for rectification, erasure or restriction of processing made in accordance with Article 16, Article 17(1) or Article 18 of the GDPR (see below in Article 6.), unless such communication proves impossible or requires disproportionate efforts.


6. What are your rights and how can you exercise them?

You have, under the conditions of Article 15 of the GDPR, and with certain exemptions, the following rights:

-         right to obtain confirmation that your personal data are or are not being processed and, where they are, to access your personal data and several information on the processing operations ( right of access by the data subject );

-         right to object, for reasons relating to your particular situation, to our processing of your personal data ( right to object );

-         right to have inaccurate data corrected ( right to rectification );

-         right to obtain the deletion of your data in certain cases ( right to erasure or "right to be forgotten" );

-         right to receive the personal data you have provided us with, in a structured, commonly used and machine-readable format, and/or to ask us to transfer your data to another data controller, where the processing is based on your consent or on a contract and the processing is carried out using automated processes (right to data portability) ;

-         right to restrict processing in certain cases (right to restriction of processing);

-         right to define directives concerning the conservation, erasure and communication of your personal data after your death. These directives may be general or specific. We can only be custodian of specific directives concerning your personal data that we process. General directives may be collected and stored by a trusted digital third party certified by the Commission Nationale de l'Informatique et des Libertés (hereinafter "CNIL"). You also have the right to designate a third party to whom your personal data may be communicated after your death. In this case, you undertake to inform this third party of your wish and of the fact that unambiguously identifiable data will be transmitted to us, and to inform them of the present Personal Data Protection Policy;

-         right to withdraw your consent at any time to the processing of your personal data where such processing is based on such consent, without affecting the lawfulness of the processing carried out prior to such withdrawal ( right to withdraw your consent );

-         right to object to the processing of your personal data for commercial prospecting purposes ( right to object to commercial prospecting );

-         right not to be subject to a decision based exclusively on automated processing that produces legal effects concerning you or significantly affects you in a similar way ( right not to be subject to a decision based solely on automated processing );

-         right to make a complaint with the competent supervisory authority , which in France is the CNIL, and to bring an action against us before the competent courts if you consider that we have infringed your personal data rights. You may also claim full compensation for any damage suffered.

Whether or not these various rights exist depends in particular on the legal basis of the processing concerned by the request. These rights are not unlimited either, and in some cases we may therefore refuse your request (for example, for compelling legitimate reasons in the case of the right to object). Thus, in certain cases, we may reply that your request cannot be answered positively by us, and we will explain why we cannot comply.

In the event of reasonable doubt on our part as to your identity, we may request additional information or documents in order to verify your identity (for example, in certain cases, a copy of the black and white front of your identity card).

Subject to the conditions laid down by law, you may exercise your rights by writing to us at the address given above (point 1) .

We will do our utmost to respond to your requests within a reasonable timeframe and, in any event, within the deadlines set by the regulations in force.


7. How long will your personal data be stored?

Your personal data will be kept for the time strictly necessary for the purposes described above.


Data protection policy Data protection policy
At the end of the periods listed below, your personal data will either be erased or made anonymous so that it can no longer be used to identify you.

By way of exception, in the event of pre-litigation or litigation, all or some of your personal data may be stored for a longer period of time, in intermediate storage, with access restricted to authorized persons only, if it proves useful for the said pre-litigation or litigation.


8. What security measures do we take to protect your personal data?

Respecting your right to data protection, security and confidentiality is our priority.

We implement organizational and technical security measures adapted to the degree of sensitivity of your personal data to protect it against malicious intrusion, accidental loss, accidental or unlawful destruction, alteration or disclosure to unauthorized third parties.

All online payments are made in compliance with the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is an international security standard that ensures data confidentiality and integrity, making transactions more secure.

Finally, where we detect a personal data breach that is likely to result in a high risk to your rights and freedoms, we will inform you of the breach as soon as possible, in accordance with the GDPR.

9. Where is your personal data stored?


Your personal data is stored on secure servers located in Canada.

However, we may transmit all or part of your personal data to some of our subcontractors and partners established outside the European Union, for the purposes mentioned above.

As a general rule, we ensure that these transfers of personal data outside the European Union are carried out in accordance with our Personal Data Protection Policy. Where the non-European Union state of destination of personal data has not been officially recognized as offering an adequate level of protection by the European Commission, we undertake to provide appropriate safeguards to protect your personal data, in accordance with Article 46 of the GDPR, in particular through the use of standard contractual clauses approved by the European Commission. We also ensure that you always have enforceable rights and effective legal remedies.

Free delivery
Free shipping on all orders
Free returns
Free refund or exchange within 14 days of the delivery date
Secure payment
Visa, MasterCard, Amex and more