Last update: October 29, 2025
Processing of personal data collected when using the site https://envoi-reco.com is carried out under the exclusive responsibility of a company of Irish law, whose complete information: Maxaco Limited, 51 Bracken Road, Sandyford, Dubin D18 CV48, registration number 801621. This company acts as a processor in the sense of the General Data Protection Regulation (GDPR – Regulation EU 2016/679).
Any questions relating to the management of personal data can be sent by e-mail to : relation-client@envoi-reco.com
In the course of using the Site and providing the services offered, several categories of personal data may be collected directly from the user, in particular when creating an account, placing an order or browsing the Site.
This data may include, but is not limited to: surnames, first names, postal addresses, e-mail addresses, telephone numbers, connection identifiers, data relating to postal mailings (recipient addresses, mail content), as well as technical navigation data such as IP address, terminal type or pages visited.
Bank details are never collected or stored directly by the Site, but only processed by approved third-party payment service providers.
The personal data collected is processed strictly within the framework of the services offered by the Site, for specific, explicit and legitimate purposes. In particular, they are used to create and manage customer accounts, process mail orders, track shipments, produce invoices, respond to customer service requests, prevent fraud, and analyze Site usage for the purposes of continuous improvement.
In addition, certain data is used, subject to the user's prior consent, for the management of cookies and tracers for statistical purposes (Google Analytics).
If the user ticks the "I agree to receive promotional communications from Envoi-reco and its partners" box, his/her data may also be used for commercial prospecting and marketing communications. Such processing will be strictly governed by the conditions set out at the time of collection, and consent may be withdrawn at any time.
The data processing carried out by the Site is based on several legal grounds provided for in Article 6 of the RGPD. This may involve the performance of a contract (fulfilling an order), compliance with legal obligations (keeping invoices), the legitimate interest of the data controller (securing the Site, fraud prevention, performance analysis), or the express consent of the user (non-essential cookies, personalized communications, commercial prospecting).
Personal data is only accessible to those authorized to process it by virtue of their functions. It is shared, on a limited basis, with certain service providers involved in the strict framework of service delivery (AWS hosting, postal service provider, secure payment provider).
These subcontractors are contractually bound to guarantee data confidentiality and security. No data is passed on to third parties for commercial purposes without the user's explicit consent.
Data is kept for a period strictly necessary to achieve the purposes for which it was collected, in compliance with legal obligations. Data relating to orders is kept for a period of six (6) years in accordance with accounting regulations.
Accounts that have been inactive for more than three (3) years may be deleted after prior notification. Browsing data collected by cookies is kept for a maximum of thirteen (13) months, and any requests to exercise rights are kept for one (1) year.
Data used for prospecting purposes is kept for a maximum of three (3) years from the last active contact.
Each user has, under the conditions provided for by the RGPD, rights relating to their personal data. In particular, they may exercise their right to access, rectify, delete, limit or oppose the processing of their data, as well as their right to data portability.
You may also withdraw your consent at any time if it constitutes the legal basis for the processing concerned.
To exercise his rights, the user is invited to send his request to the following address: relation-client@envoi-reco.com. A reply will be given within one month of receipt of the request.
In the event of persistent disagreement, the user may refer the matter to the competent authority, i.e. the Data Protection Commission (DPC) in Ireland.
The Service Provider implements appropriate physical, logical and organizational security measures to protect data against unauthorized access, loss, alteration or disclosure.
Hosting is provided by Amazon Web Services (AWS), whose infrastructure meets the most stringent international security standards.
Access to data is restricted to strictly authorized personnel, and connections are secured by SSL encryption.
The Site uses cookies and similar technologies to ensure the proper functioning of the service, to measure the audience and to improve the user experience.
On the first visit, an information banner allows the user to accept or refuse all or part of the cookies, with the exception of those that are strictly necessary. Consent is managed via the Cookiebot solution.
Users can change their choices at any time by accessing the cookie management panel at the bottom of the page.
Audience measurement cookies are provided by Google Analytics, with IP address anonymization activated by default.
No data is transferred outside the European Union without strict legal supervision. Where necessary, particularly in the case of hosting or use of service providers located outside the EEA, the Service Provider ensures that appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.
The user may at any time send a request, question or complaint relating to the processing of his/her personal data to the following address: relation-client@envoi-reco.com.
In the event of an unresolved disagreement, he or she may refer the matter to the competent supervisory authority: the Data Protection Commission (DPC) in Ireland.