At MONOPRIX Luxembourg , we take care of your data!
So that you can make your purchases with complete peace of mind, this charter presents in a single document clear and simple information concerning the data processing carried out by MONOPRIX. Luxembourg . This charter will allow you to better understand what personal data we collect and how we use it to provide you with new services on a daily basis, while respecting your rights.
Whatever purchasing or contact channel you choose, MONOPRIX Luxembourg undertakes, in accordance with current legislation, to protect your privacy by ensuring the protection, confidentiality, non-alteration, availability and security of the personal data that you entrust to us.
1. THE MAIN PRINCIPLES
MONOPRICE Luxembourg is committed to the essential principles for respecting fundamental rights:
- Transparency : we provide you with all the useful information on the processing of your data, in particular the purposes and recipients;
- Legitimacy and relevance : : we only collect and process data necessary for the purposes indicated;
- Confidentiality and Integrity : we implement all reasonable technical and organizational measures to protect your personal data against disclosure, loss, alteration or access by an unauthorized third party;
- Conservation : we keep your personal data only for the time necessary for the purposes of the processing or the specific service;
- Respect for your rights : we offer you the possibility to access, modify and oppose the processing of your data, either directly via your personal spaces, or via customer service or our Data Protection Officer.
- Commitment of our partners : the operations for which we use specialized partners are subject to a contract in order to ensure the protection of your data and the respect of your rights.
Your data is processed in the European Union.
However, in the event that MONOPRIX Luxembourg would use a service provider located outside the European Union, rules guaranteeing the protection and security of your information will be put in place (specific data protection clauses, security insurance plan, adequacy decision by the European Commission, etc.). These guarantees can be communicated to you upon simple request, with the exception of confidential elements subject to business secrecy.
2. HOW DO WE USE YOUR DATA?
Depending on your purchases and interactions with us, your data may be processed for the purposes described below.
If you have a customer account, you can change your data and contact preferences at any time in your customer area .
Management of payments, orders and deliveries
| Purposes | Take your orders, manage payments securely, send you your electronic receipts if necessary, and deliver to you efficiently. |
|---|---|
| Recipients | Sales and technical management, Customer service, your store if applicable, secure payment service providers, hosts of our merchant websites, platforms and delivery companies, authorized administrators and IT service providers. |
| Data processed and durations of conservation |
Identity, customer number, contact details, shopping carts and purchase history (3 years from the date of purchase), invoice or receipt (10 years), payment data (bank card data is encrypted from the transaction, and stored exclusively by the payment service provider anonymously, either for 13 months for a single payment, or, if you have saved your payment data for future transactions, for (1) the validity period of your payment method or (2) the duration of your commitment or (3) the deletion of the information by you). |
| Legal basis | Necessary for the performance of the contract. |
Customer relationship management
| Purposes | Manage your questions and complaints by communicating by any means at our disposal. |
|---|---|
| Recipients | Customer service, customer relationship management service providers, IT administrators and service providers. Where applicable, management of the store concerned or relevant management |
| Data processed and durations of conservation |
Identity, customer number, contact details, minutes of exchanges and complaints and file elements (3 years), random and sample recording of telephone conversations (6 months maximum). For product information requested in store, your email is kept for one month. |
| Legal basis | Necessary for the execution of the contract (in the event of an order and after-sales service), or legitimate interest (management of the quality of customer relations in the absence of an after-sales service request). |
Loyalty program management
| Purposes | Manage your loyalty program, offer you personalized discounts and benefits, carry out studies to adapt our offer. |
|---|---|
| Recipients | Marketing department, customer service, IT administrators, marketing research providers and coupon publishers, IT service providers. MONOPRIX store staff (who only see your identity data and contact details). |
| Data processed and durations of conservation |
Identity, customer number, contact details, online and in-store purchase history, customer segmentation (3 years from last contact). |
| Legal basis | Execution of the adhesion contract and consent. |
Management of your MONOPRIX.fr online accounts and MONOPRIX mobile applications
| Purposes | Allow you to consult and manage your personal space, ensure the proper technical functioning of MONOPRIX websites and applications, facilitate your navigation and your orders, allow you to benefit from MONOPRIX services, and manage your subscriptions and your shopping lists. |
|---|---|
| Recipients | MONOPRIX customer service, marketing services, administrators and IT service providers. |
| Data processed and durations of conservation |
Identity and customer account number, contact details and delivery address, shopping lists and wish lists, order history, other data you have provided (3 years from the last contact), technical connection data and IP address (13 months). |
| Legal basis | Execution of the Membership Agreement and Consent. |
Management of satisfaction surveys
| Purposes | Evaluate customer satisfaction after delivery, with a view to improving the quality of MONOPRIX products and services. |
|---|---|
| Recipients | Customer services, marketing services, authorized administrators and IT service providers, home delivery companies, satisfaction survey providers. |
| Data processed and durations of conservation |
Identity, contact details, purchase history, your comments and ratings, segmentation (2 years). |
| Legal basis | Legitimate interest, maintaining and improving the quality of MONOPRIX services, particularly after an order. |
Competition management
| Purposes | To make you participate in a game in order to win prizes. |
|---|---|
| Recipients | Marketing department, customer service, authorized administrators and IT service providers, and where applicable bailiff, game organization service providers and social networks used for the game (Facebook, Twitter, Instagram, etc.). |
| Data processed and durations of conservation |
Identity, customer number, contact details, kept for a maximum of 1 year from the prize award unless otherwise indicated in the game. |
| Legal basis | Consent. |
Management of the promotion of MONOPRIX products and services
| Purposes | To provide you with promotions, special offers, and MONOPRIX services. Advertising campaigns may be carried out by email, SMS, telephone, mail, push notifications or by displaying banners on the Internet, including on other websites depending on the cookies you have accepted. |
|---|---|
| Recipients | Sales, marketing, advertising agencies, marketing and targeting service providers, cookie publishers, technical service providers for sending emails, SMS, notifications and letters, authorized administrators and IT service providers. |
| Data processed and durations of conservation |
Identity data, customer number, contact details, online and in-store purchase history, customer segmentation data (3 years from the last contact), as well as browsing data (if you have accepted advertising cookies). |
| Legal basis | Legitimate interest or consent, depending in particular on the communication channel |
Management of the promotion of the products and services of our advertising partners
| Purposes | To provide you with promotions, offers and services offered by MONOPRIX partners and based on your interests. Our partners' advertising campaigns may be carried out by email, SMS, telephone, mail, or by displaying banners on the internet, including on other websites depending on the cookies you have accepted. |
|---|---|
| Recipients | For our main advertising partners, you can consult: Eulerian , RelevanC , Criteo , Google , Facebook , Adjust |
| Data processed and durations of conservation |
Identity data, customer number, contact details, browsing data (if you have accepted advertising cookies), as well as your profile data if you have not refused the personalization of offers (see processing "Management of the personalization of offers and marketing analyses"). This data is stored by our partners in accordance with their internal policies. |
| Legal basis | Legitimate interest or consent, depending in particular on the communication channel. |
Management of offer personalization and marketing analyses
| Purposes | Carry out marketing analyses, statistics and audience measurements and personalize the offers and communications you receive from MONOPRIX Luxembourg and/or its partners, in particular our advertising agency RelevanC and its advertising clients. |
|---|---|
| Recipients | Sales department, marketing department, marketing analysis providers, advertising agency RelevanC (joint controller), and advertising partners. For our main partners, you can consult: Eulerian , RelevanC , Criteo , Google , Facebook , Adjust |
| Data processed and durations of conservation |
Depending on your choices, the following may be processed: identity data, customer number, contact details, purchase history, customer segmentation, browsing data (if you have accepted advertising cookies). This data may be enriched by our partners or reconciled with the cookies and browsing data that you have agreed to share directly with them. This data is kept by MONOPRIX and its subcontractors for a maximum of 3 years from the last contact. |
| Legal basis | Legitimate interest and consent. |
Anti-fraud management
| Purposes | Combat fraud when ordering and delivering. A risk level (score) is assigned to each transaction by comparing the characteristics of the current transaction with the characteristics of past transactions that have resulted in proven fraud. These automated checks may lead to the refusal of the payment method, but only after systematic verification by a MONOPRIX employee (except for a clearly illegitimate order). |
|---|---|
| Recipients | Anti-fraud department, customer service, authorized administrators and IT service providers, subcontractors specializing in the fight against fraud, and where applicable, management of the store concerned. |
| Data processed and durations of conservation |
Identity, customer number, contact details, unpaid data, reports and case documents in the event of identity theft or payment method theft, correspondence, connection data, purchase history, transaction risk scoring, non-identifying list of proven fraud characteristics (2 years maximum from the order), copy of identity document or proof of address in the event of serious doubt about the legitimacy of the payment (24 hours) |
| Legal basis | Legitimate interest in preventing fraud |
Management of requests for the right of access, rectification, opposition, erasure, limitation, portability
| Purposes | Allow you to exercise your rights over your personal data. |
|---|---|
| Recipients | MONOPRIX Customer Service Luxembourg , customer contact center, data protection officer MONOPRIX Luxembourg . |
| Data processed and durations of conservation |
Content of our exchanges, identity, contact details, customer number or proof of identity (exceptionally if we have no other means of identifying you, kept for a maximum of 24 hours from verification), copy of the requested data (3 years from the closing of the request). |
| Legal basis | Legal obligation. |
Legal or regulatory requirement
We may be required to disclose your personal data in response to lawful requests by public authorities, including to meet national security, fraud prevention or other legal requirements.