Politique de confidentialité -
Données personnelles

This Privacy Policy describes how NOVASTELL (the “Company”) collects and processes personal data through the website www.novastell.com
 (the “Site”).

It explains how we collect, use, and protect your personal data in accordance with French data protection laws, including Law No. 78-17 of January 6, 1978 (the “Data Protection Act”), and the EU General Data Protection Regulation (Regulation (EU) 2016/679 – GDPR).

By accessing and using our Site, you acknowledge that you have read and understood this Policy.
Any updates to this Privacy Policy will be communicated to you, and your renewed consent may be required to continue using our services.

1. Data Controller

 

The data controller responsible for processing your personal data is:

NOVASTELL SAS
Share capital: €20,000
Registered with the Evreux Trade and Companies Register under No. 491 122 024
Registered office: Vernon, France
Represented by Jacques Margnat


2. What Personal Data Do We Collect?

“Personal Data” refers to any information relating to an identified or identifiable natural person.

During your browsing and use of the Site, NOVASTELL may collect the following categories of data:

  • Identity data: Email address
  • Connection data: IP address
  • Geolocation data (if applicable)

You agree to provide accurate, current, and complete information and not to make any false or misleading declarations.

3.How  and Why Is Your Personal Data Collected?

3.1. Collection Methods

Your Personal Data may be collected when you:

 

  • Send an email to any address listed on the Site
  • Subscribe to our Newsletter

 

3.2. Legal Basis for Processing

Your Personal Data is collected and processed on the following legal grounds:

  • Your explicit consent (e.g., newsletter subscriptions)
  • Legal obligations applicable to the Company
  • Performance of a contract between the User and the Company
  • Legitimate interests of the Company (e.g., ensuring website and data security)

 

4. Purpose of Processing

4.1. General Principles

Mandatory Personal Data is necessary for processing your requests.
If this data is not provided, certain services may be unavailable. The mandatory nature of information is indicated during collection.

Optional data helps us better understand your preferences and enhance your browsing experience.

4.2. Purposes

Your Personal Data is collected and processed for the following purposes:

Managing newsletter subscriptions

Handling contact and support requests

 

5. Who Has Access to Your Personal Data?

5.1. Authorized Personnel

Your Personal Data may be accessed only by authorized NOVASTELL employees, including staff in:

Commercial and customer service

Marketing

Administration and logistics

IT and data management

5.2. Subcontractors

NOVASTELL may engage third-party service providers (“processors”) who:

  • process your data solely on behalf of and under the instructions of NOVASTELL
  • provide adequate technical and organizational guarantees to ensure data protection

 

If transfers occur outside the European Union, NOVASTELL ensures appropriate safeguards such as:

Standard Contractual Clauses adopted by the European Commission,

Binding Corporate Rules (BCRs), or

Participation in the EU–US Data Privacy Framework (if applicable).


6. How long your personal datas are retained?

Your Personal Data is retained only for as long as necessary to fulfill the purposes for which it was collected — for example, to manage communications or commercial relationships.

After this period, your data may be securely archived with restricted access, for the time required to:

Comply with legal and regulatory obligations, or

Establish, exercise, or defend legal claims.

Once no longer required, your data will be permanently deleted.



7. Data Security and Confidentiality

NOVASTELL processes your Personal Data in a manner that is:

 

  • lawful
  • fair
  • transparent
  • relevant and
  • proportionate to the stated purposes
  • limited to the necessary duration
  • secure
  • confidential

We apply appropriate technical and organizational security measures to prevent unauthorized access, alteration, loss, or disclosure of your Personal Data.

8. Your Rights

In accordance with the GDPR, you have the following rights regarding your Personal Data:

Right of access (Art. 15): Obtain confirmation whether your data is being processed and access to that data.

Right to rectification (Art. 16): Request correction or completion of inaccurate or outdated data.

Right to erasure (Art. 17): Request deletion of your data when it is no longer necessary.

Right to restriction of processing (Art. 18): Request limited processing under certain conditions.

Right to data portability (Art. 20): Receive your data in a structured, machine-readable format and transmit it to another controller.

Right to object (Art. 21): Object at any time to processing for legitimate reasons or marketing purposes.

To exercise these rights, please contact us at:
📧 contact@novastell.com

We will respond within one (1) month of receiving your request. This period may be extended by two (2) additional months depending on the complexity or number of requests.
If your request is denied, we will inform you of the reasons and your right to lodge a complaint with a supervisory authority.

The exercise of your rights is free of charge, except in cases of manifestly unfounded or excessive requests.

9. Data Breach Notification

In the event of a personal data breach that may pose a risk to your rights and freedoms, NOVASTELL will notify the CNIL (French Data Protection Authority) as soon as possible, and within 72 hours if required.
You will also be informed without undue delay, in accordance with Article 34 GDPR.

You may lodge a complaint at any time with the CNIL or any other competent supervisory authority.

10. Contact

For any questions about this Privacy Policy or the processing of your Personal Data, please contact our dedicated data protection team:
📧 contact@novastell.com

© 2020 – NOVASTELL. All rights reserved.