Legal & GDPR Compliance

European Union Requirements & Data Protection

Clairvaux Global Ventures Inc. is committed to full compliance with European Union laws and regulations, including the General Data Protection Regulation (GDPR). As a company operating across the EU through our Michelle&ClairVaux marketplace, we take our legal obligations seriously and ensure the highest standards of data protection and privacy for all our customers and partners.

Your Privacy & Rights Matter
We believe that privacy is a fundamental right. Our commitment to GDPR compliance ensures that your personal data is protected, your rights are respected, and our business practices meet the highest European standards for data protection and consumer rights.

GDPR Compliance Framework

Data Controller Information
Clairvaux Global Ventures Inc.
Operating as: Michelle&ClairVaux
Company Number: 87637340
VAT Number: NL87637340B01
Registered Address: Amsterdam, The Netherlands
Email: admin@michelle-clairvaux.com
Phone: +31 6 29 74 52 32
Legal Basis for Processing
We process personal data based on the following legal grounds under GDPR Article 6:
  • Contract Performance: Processing necessary for order fulfillment, customer service, and account management
  • Legitimate Interest: Marketing communications, fraud prevention, and business analytics
  • Consent: Newsletter subscriptions, marketing preferences, and optional data collection
  • Legal Obligation: Tax records, accounting requirements, and regulatory compliance
Data We Collect
We collect and process the following categories of personal data:
  • Identity Data: Name, email address, phone number
  • Contact Data: Billing and delivery addresses
  • Financial Data: Payment information (processed securely by third-party providers)
  • Transaction Data: Order history, preferences, and purchase behavior
  • Technical Data: IP address, browser type, device information, cookies
  • Marketing Data: Communication preferences and marketing consent
How We Use Your Data
Your personal data is used for the following purposes:
  • Processing and fulfilling your orders
  • Providing customer service and support
  • Managing your account and preferences
  • Sending transactional communications
  • Marketing communications (with your consent)
  • Improving our products and services
  • Fraud prevention and security
  • Legal and regulatory compliance
Data Sharing & Third Parties
We may share your data with:
  • Service Providers: Payment processors, shipping companies, email services
  • Partner Brands: For order fulfillment and customer service (under strict data processing agreements)
  • Legal Authorities: When required by law or to protect our rights
  • Business Transfers: In case of merger, acquisition, or sale of business assets
We never sell your personal data to third parties for marketing purposes.
International Data Transfers
When we transfer data outside the EU/EEA, we ensure adequate protection through:
  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Certification schemes and codes of conduct
All international transfers comply with GDPR Chapter V requirements.

Your GDPR Rights

Right of Access (Article 15)
You have the right to request confirmation of whether we process your personal data and to receive a copy of your data. We will provide this information within one month of your request.
Right to Rectification (Article 16)
You can request correction of inaccurate personal data and completion of incomplete data. You can update most information directly in your account settings.
Right to Erasure (Article 17)
You can request deletion of your personal data when it's no longer necessary for the original purpose, you withdraw consent, or the data has been unlawfully processed.
Right to Restrict Processing (Article 18)
You can request limitation of processing when you contest data accuracy, processing is unlawful, or you need the data for legal claims.
Right to Data Portability (Article 20)
You can request your data in a structured, machine-readable format and have it transmitted to another controller where technically feasible.
Right to Object (Article 21)
You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we have compelling legitimate grounds.

Data Security & Retention

We implement appropriate technical and organizational measures to ensure data security, including:

Security Measures
  • SSL/TLS encryption for data transmission
  • Secure data storage with encryption at rest
  • Regular security assessments and updates
  • Access controls and authentication systems
  • Staff training on data protection
  • Incident response procedures
Data Retention Periods
  • Customer Account Data: Until account deletion or 3 years of inactivity
  • Order Data: 7 years for tax and accounting purposes
  • Marketing Data: Until consent withdrawal or 2 years of inactivity
  • Technical Data: 13 months for analytics cookies
  • Support Communications: 3 years for quality assurance

Cookies & Tracking

We use cookies and similar technologies to enhance your browsing experience and analyze website performance. Our cookie policy complies with EU ePrivacy Directive requirements.

Cookie Categories
  • Strictly Necessary: Essential for website functionality (no consent required)
  • Performance: Analytics and website optimization (consent required)
  • Functional: Enhanced features and personalization (consent required)
  • Marketing: Advertising and social media integration (consent required)
You can manage cookie preferences through our cookie banner and browser settings.

Consumer Rights & Compliance

EU Consumer Rights Directive
As an EU-operating business, we comply with the Consumer Rights Directive, providing:
  • 14-day cooling-off period for online purchases
  • Clear information about products and services
  • Transparent pricing and additional charges
  • Right to cancel contracts within the cooling-off period
  • Standardized withdrawal form
Digital Services Act (DSA)
We comply with the EU Digital Services Act requirements:
  • Transparent terms and conditions
  • Clear content moderation policies
  • Accessible complaint mechanisms
  • Risk assessment and mitigation measures
  • Regular transparency reporting
Accessibility Compliance
Our website strives to meet WCAG 2.1 AA accessibility standards and EU Web Accessibility Directive requirements to ensure equal access for all users, including those with disabilities.
Data Protection Officer & Contact
For any questions about our data processing, to exercise your GDPR rights, or to file a complaint, please contact us. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your data properly.
Contact Data Protection Call Us

Updates & Changes

This legal and privacy notice may be updated periodically to reflect changes in our practices or applicable laws. We will notify you of any material changes through email or prominent website notices. The current version is always available on this page.

Last Updated: January 2025

Next Review: July 2025