Korak, a SAS company with a share capital of €10,417, having its registered office at 61 rue de Lyon, Paris, France, registered with the Paris Trade and Companies Register under number 949 865 174 (hereinafter referred to as “Korak”), operates the Korak web application, notably accessible from the website appkorak.com, which serves as an online platform providing access to a range of private sales areas (hereinafter referred to as the “Application” or the “Webapp”). Korak may collect and process certain personal data relating to natural persons (hereinafter referred to as the “Users”) who use the Application.
As a result, Korak acts as data controller. Korak places particular importance on respecting the right to privacy and recognizes the importance of protecting personal data. To this end, Korak (and consequently, its employees, agents, partners and subcontractors) undertakes to process Users’ personal data in accordance with Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “GDPR”), French Law No. 78-17 of 6 January 1978 on information technology, files and civil liberties (hereinafter “Law No. 78-17”), as well as the provisions of this Korak Privacy Policy (hereinafter the “Privacy Policy”).
The purpose of this Privacy Policy is to detail the personal data collected and processed by Korak, the measures implemented to ensure optimal protection of such data, and the rights available to Users concerned.
Personal data means any information relating to an identified or identifiable natural person. A natural person is identifiable when they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, or an online identifier.Korak may collect personal data from Users in the following situations:When creating a User account on the Application;
When placing an order on the Application;
When paying for an order;
When accessing the User account on the Application;
When contacting Korak’s customer service through any communication channel made available;
When accessing new private sales areas;
When sending invitations to friends;
When browsing the Application;
When consenting to receive commercial communications from Korak.
Information required to be provided to Korak is clearly identified when collecting a User’s personal data.
On each personal data collection form, Users are informed whether responses are mandatory or optional, indicated by an asterisk.When responses are mandatory, Korak explains the consequences of not providing them. The categories of personal data collected through the use of the Application include:Identification data (e.g., surname, first name, title);
Contact details (e.g., telephone number, email address, postal address);
Login data (e.g., logs);
Payment-related information (e.g., bank details);
Data relating to transactions carried out through the Application (e.g., order history, links with other users);
Access to private sales areas offered by brands on the Application.
Korak does not collect or process sensitive data within the meaning of Article 9 of the GDPR.
In accordance with applicable personal data protection legislation, Korak’s data processing activities rely on one of the following legal bases:
Performance of contractual relationships between Korak and Users: To create a User account and make purchases via the Application, Users must accept the Application’s terms and conditions of sale and use, thereby establishing a contractual relationship with Korak. The personal data collected in this context are necessary to perform such contracts.
User consent: Korak processes certain personal data after obtaining the explicit consent of Users. For example, during browsing, Korak may place cookies on Users’ devices (such as a computer or mobile device) and collect consent via a cookie banner. Similarly, consent is obtained before sending promotional offers or newsletters.
Compliance with a legal obligation: Some processing activities are required by law, such as the prevention and fight against fraud in order payments.
Korak’s legitimate interest: In certain cases, Korak may have a legitimate interest in processing personal data, provided such processing is necessary to pursue this interest and does not override Users’ fundamental rights and freedoms. This may include analyzing browsing activity to improve user experience, as well as managing disputes.
Personal data of Users are processed for the following purposes:Creating a User account on the Application;
- Accessing and managing the User account;
- Processing, managing and delivering orders placed through the Application;
- Managing and tracking access to one or more private sales areas of brands;
- Managing and monitoring relationships between Users;
- Managing and monitoring commercial relationships between Korak and each User;
- Sending promotional offers and newsletters from Korak;
- Producing audience measurement statistics to improve Korak’s business and marketing activities;
- Communicating with a User contacting customer service;
- Preventing and combating fraud in order payments;
- Managing disputes;
- Handling requests to exercise the rights set out in Article 6.
Users’ personal data are retained by Korak for a period of three (3) years from the last contact with the User concerned. Audience measurement statistics are not retained for more than six (6) months.
However, once these periods have expired, the data collected and processed may be subject to secondary archiving so that Korak can comply with its legal obligations. For example, documents relating to order management will be kept for ten (10) years.
Certain data may be archived beyond the stated periods (i) in the event of legal proceedings to establish the facts in dispute; and/or (ii) for the purpose of investigating, recording and prosecuting criminal offenses, solely to enable such data to be made available to the judicial authority if necessary. Archiving means that such data are no longer available online but are extracted and stored on a separate, secure medium.
Beyond the periods defined in this Privacy Policy, Users’ personal data are deleted.
Users have the right to access, amend, object to, restrict, transfer, rectify, define instructions on the fate of their data after their death, and request the deletion of their personal data. These rights are subject to the following rules:
(i) The request must come from the individual concerned and be accompanied by a valid ID;
(ii) The request must be made in writing to the following address: contact@appkorak.com
In accordance with the right to data portability, the requested information will be provided electronically unless expressly requested otherwise.
With regard to the right of erasure, this right does not apply where processing is necessary to comply with a legal obligation.
Korak has one (1) month from receipt of the User’s request to respond. When exercising their rights, Users may specify the address to which the response should be sent. Users are also informed of their right to lodge a complaint with the CNIL.
Data collected are considered strictly confidential and intended exclusively for Korak’s use. However, some personal data may be securely transferred to third parties where necessary to achieve the purposes described above.The categories of recipients that may receive Users’ personal data include:Service providers under contract with Korak to ensure operation and maintenance of the Application (e.g., hosting providers);
- Partners under contract with Korak to perform contracts concluded with Users (e.g., delivery providers, banking providers, brand owners featured on the Application);
- Korak employees in IT, sales or marketing, expressly authorized;
- Certain regulated professionals such as accountants, statutory auditors or lawyers;
- Where applicable, financial, judicial or administrative authorities upon request, within the limits permitted by applicable law.
Korak ensures that all recipients of Users’ personal data prioritize data protection, contractually commit to obligations at least equivalent to those set out in this Privacy Policy, and take all necessary measures to ensure the security and confidentiality of personal data.
Korak takes all necessary measures to avoid transferring personal data outside the European Union.
However, in cases where Korak is required to share Users’ personal data with third parties located outside the European Economic Area, in a country not recognized as providing an adequate level of protection under the GDPR, Korak ensures such transfers are governed by appropriate contractual arrangements. Korak guarantees that the level of protection required within the EU is maintained.
Korak, or one of its partners, may place cookies on Users’ devices in order to collect information about their use of the Application. Unless otherwise permitted by law, Korak obtains Users’ consent for this purpose.
Cookies are small text files stored in the User’s browser or device by websites, applications, online media and advertisements. These cookies help Korak remember the User when they access the Application, as well as certain information about previous visits.
The categories of cookies that may be placed on Users’ devices when browsing the Application are as follows:
Strictly necessary cookies: Allow Users to authenticate, browse the Application and place orders, without requiring explicit consent.
Functionality cookies: Allow Users to navigate and use features such as secure areas, making browsing easier.
Analytics cookies: Used to measure and analyze Users’ use of the Application.
Preference cookies: Allow Korak to remember Users’ preferences, such as their name, language or location.
Advertising cookies: Some cookies may be placed by Korak’s partners, subject to User consent.
Each User can refuse non-essential cookies via the cookie banner or by configuring their browser.
Korak may update this Privacy Policy.
In such case, Korak undertakes to obtain the User’s acceptance of the new Privacy Policy when they next access the Application.
La société Korak est soutenue par
