Privacy Policy - Cellaris

This Privacy Policy explains how we handle your personal data on the Cellaris Platform. Read together with our Terms & Conditions (Section 10).

Last Updated: September 30, 2025

CELLARIS SAS
RCS Toulouse 952 076 198
2 rue Raymond Boulogne C41, 31500 Toulouse, France
contact@cellaris.com

1. DATA CONTROLLER

Cellaris SAS is responsible for your personal data.

Privacy contact: contact@cellaris.com

2. DATA WE COLLECT

Personal Information

• Name, email, phone, date of birth

• Billing address

• Payment details (via Stripe)

For Sellers

• Business documents (KBIS, VAT, SIRET)

• Identity documents and bank details

• Professional certifications

Automatic Collection

• IP address, browser, device information

• Pages visited and usage patterns

• Cookies (see Section 5)

Third-Party Data

• Age and identity verification results

• Payment confirmations (Stripe)

• Analytics: Google Analytics privacy policy

We're not responsible for third-party privacy practices.

3. HOW WE USE YOUR DATA

Services

• Account and authentication

• Order processing and payments

• Wine authentication (blockchain) : Wine authentication data stored on blockchain is permanent and cannot be deleted. We use pseudonymization - only wine details, not personal identifiers, appear on-chain.

• Customer support

Legal Requirements:

• Tax obligations (10-year retention)

• Age verification: Platform only for legal drinking age. We don't collect minor data. If discovered, we delete immediately.

• AML compliance and reporting

Marketing (with consent):

• Newsletters and promotions. Unsubscribe: Link in every email or account settings. Essential emails (orders, security) continue regardless

Security:

• Fraud prevention and platform security

Full details in Terms & Conditions Section 10.

4. YOUR RIGHTS (GDPR)

✓ Access your data

✓ Correct inaccurate data

✓ Delete your data

✓ Restrict processing

✓ Export your data

✓ Object to processing

✓ Withdraw consent

Exercise rights: Email contact@cellaris.com with "Data Privacy Request"

Response: Within 30 days

Some data must be kept for legal obligations (e.g., tax records).

5. COOKIES

Essential (always on):

• Functional

• Performance

Optional (with consent):

• Analytics

• Advertising

Manage: Cookie banner on first visit or Cookies Settings in the footer

6. DATA SECURITY

• SSL/TLS encryption

• Secure storage and password hashing

• Blockchain for wine authentication (Polygon)

• PCI-DSS compliance (Stripe)

• Access controls and monitoring

7. DATA SHARING

We share data only with:

• PSP : Stripe - Payment processing (PSP - Stripe: stripe.com/privacy)

• Service providers - Platform hosting, analytics, support

• Authorities - When legally required (tax, AML)

All bound by data protection contracts.

8. INTERNATIONAL TRANSFERS

Data stored in EU. Transfers outside EU (e.g., Stripe - USA) use:

• Standard Contractual Clauses

• EU-approved safeguards

Support

Functional cookies

Yes

Description and cookies

Functional cookies are strictly necessary to provide the services of the shop, as well as for its proper functioning, so it is not possible to refuse their use. They allow the user to browse through our website and use the different options or services that exist on it.


PHP_SESSID	preprod.cellaris.com	The PHPSESSID cookie is native to PHP and allows websites to store serialised status data. On the website it is used to establish a user session and to pass state data through a temporary cookie, which is commonly known as a session cookie. These Cookies will only remain on your computer until you close your browser.	Session
PrestaShop-#	preprod.cellaris.com	This is a cookie used by Prestashop to store information and keep the user's session open. It stores information such as currency, language, customer ID, among other data necessary for the proper functioning of the shop.	480 hours

Advertising Cookies

Yes

Description

These are cookies that collect information about the advertisements shown to users of the website. They can be anonymous, if they only collect information about the advertising spaces shown without identifying the user, or personalised, if they collect personal information about the user of the shop by a third party, for the personalisation of these advertising spaces.

Analytics cookies

Yes

Description

Collect information about the user's browsing experience in the shop, usually anonymously, although sometimes they also allow the user to be uniquely and unequivocally identified in order to obtain reports on the user's interests in the products or services offered by the shop.

Performance cookies

Yes

Description

These are used to improve the browsing experience and optimize the operation of the shop.

Other cookies

Yes

Description

These are cookies without a clear purpose or those that we are still in the process of classifying.