Personal Data & Cookie Policy
Personal Data
At Black Armoury, we are committed to protecting your personal data. We strive to ensure the highest level of protection for your personal information, in compliance with applicable European and French data protection regulations.
For further specific information on the data protection we follow as a French company, you may also visit the Commission Informatique et Liberté (CNIL) website : www.cnil.fr.
Why does Black Armoury collect my personal data?
Black Armoury uses your personal data mainly for the following purposes:
• Order and customer relationship management : We require your data to process and manage your orders (e.g., delivery, invoicing, accounting), manage customer accounts, partner or club programmes, apply vouchers or discount codes, conduct customer satisfaction surveys, handle complaints and after-sales services, and select customers for studies or product testing.
• Payment processing : When you pay on our sites, payments are secured. Black Armoury does not collect your payment data—only a payment identifier. All bank details are handled exclusively by our PCI-DSS certified payment service providers (BNP Paribas/Mercanet, PayPal, SumUp and/or Stripe). For one-time purchases, your card data is kept for 15 months after the transaction to serve as proof. For subscriptions, the card used at sign-up is stored to allow recurring payments.
• Personalising services and communication : We use your data to tailor our services and messages. For example, we may send personalised emails or recommend similar products based on your previous purchases or browsing.
• Site security : Some browsing data is collected to secure our services and detect or prevent any malicious activity or breach of terms.
• Customer insights, statistics, and performance We use data for analytics (page views, visit frequency, etc.) to improve site performance and services.
What personal data is collected about me?
Data collected:
Name, surname, address, email, password, phone number, IP address, connection and browsing data, order history, preferences, interests, viewed products, delivery issues, and complaints.
Mandatory vs optional:
Mandatory fields are marked with an asterisk. Only the minimum required data is mandatory for processing your orders.
Data sources:
Some data is collected automatically (via your actions) on our website, or in your interactions with us on and off-line, some via partners (e.g., shippers, etc.).
When ?
Collection occurs when you:
• Create an account (online, in store, or at an event)
• Place an order
• Browse the site or view products
• Enter a contest or game
• Contact customer service
• Leave a comment or make a review
• View our ads (e.g., on Facebook)
What communications might I receive?
- Transactional emails : Order confirmations, delivery updates, warranty info. These are essential and not subject to newsletter subscription preferences.
- Black Armoury newsletters : If you opted in, you may receive emails or SMS with updates or offers—especially those related to products you've bought or viewed. We track open rates to optimise content.
What are the legal bases and retention periods for processing?
The processing of your personal data is justified by various legal grounds depending on how we use that data. Below you will find the legal bases and retention periods we apply to our main data processing activities.
Processing is justified by:
Main categories :
• Contractual necessity – e.g., fulfilling your order
• Consent – e.g., opt-in checkboxes (can be withdrawn anytime)
• Legitimate interest: Black Armoury has a commercial interest in processing your data that is justified, balanced, and does not infringe on your privacy. Unless an exception applies, you may object at any time to processing based on legitimate interest by notifying Black Armoury.
• Legal obligation – e.g., retention of orders, invoices and bank transaction data
Examples of retention periods:
Most data (e.g. your customer account information and order history) is retained as long as you are an "active" customer and for a period of 5 years from your last activity (e.g. purchase, account login, or warranty expiration). Your data is then archived with restricted access for an additional period, for limited reasons permitted by law (such as payment, warranty, or disputes). After this period, it is deleted.
Purpose | Legal Basis | Retention (Active Use) | Archiving | Notes |
Order management | Contract | 5 years from last activity | 5–10 years | “Active” = purchase or account login |
Account usage | Contract | 5 years from last activity | 5–10 years | “Active” = purchase or account login |
Service personalisation | Contract | 200 most recent views 3 years from last activity | ||
Marketing messages (email/SMS) | Consent | 3 years from last activity | N/A | Consent revocable anytime |
Targeted ads / profiling | Consent | 13 months (from cookie) | N/A | Cookies can be managed |
Internal data sharing | Legitimate interest | 5 years from last activity | 5–10 years | Objection possible at any time |
Bank card data (after payment) | Legitimate interest | 15 months | - | Per article L133-24 of Monetary and Financial Code |
Cookies Overview
Cookies likely to be stored on your device:
| Category | Purpose | Examples |
|---|---|---|
|
Session & Security (essential) |
Authenticate users, protect data, retain cart contents, authorise file downloads The website(s) will not function correctly if you reject these coookies |
session_id (Odoo) |
|
Preferences (essential) |
Retain language/region preferences. Your experience on the website and ordering process may be less optimal for you, but the website will function without these cookies |
frontend_lang (Odoo) |
| Interaction history (optional) |
Track viewed pages, campaigns, operator history Our ability to serve you and provide customer service may be less optimal for you, but the website will function without these cookies |
im_livechat_previous_operator (Odoo) utm_campaign (Odoo) utm_source (Odoo) utm_medium (Odoo) |
|
Advertising & marketing (optional) |
Show more relevant ads, measure ad campaign performance Please note that certain third-party services may install additional cookies on your browser in order to identify you. You can refuse the use of cookies by a third party by visiting Page de désactivation de la Network Advertising Initiative. The website will still function if you reject or ignore these cookies. |
__gads (Google) __gac (Google) |
|
Analytics (optional) |
Understand site usage via Google Analytics . Learn more at : Cookies analytiques et informations de confidentialité. The website will function without these cookies |
_ga (Google) _gat (Google) _gid (Google) _gac_* (Google) |
You can configure your browser to alert you when cookies are used or disable cookies entirely. Refer to your browser’s help menu for guidance.
Black Armoury does not currently respond to “Do Not Track” signals, as no industry standard exists.
Who are the recipients of my data?
Transmission of data to subcontractors
The data we collect may be transmitted to service providers (subcontractors) engaged by Black Armoury to carry out its services for the purposes mentioned above, for example, for the management, execution, processing, and payment of your orders, as well as for marketing operations. Black Armoury only transmits this personal data to providers with whom we have a service contract and who themselves comply with the GDPR.
Data sharing between Black Armoury departments
The data collected on Black Armoury websites and applications, at events or in stores, is primarily intended for entities operating under the Black Armoury brand, in order to better understand and serve you more efficiently as a customer within the Black Armoury universe. By using your Black Armoury account, you can access the services offered by Black Armoury and benefit from the many advantages resulting from interactions between our brands. You therefore agree to the sharing of your data between the brands belonging to Black Armoury as part of the pooling of their resources in the context of their organisational development and alignment.
As of today, the Black Armoury brands are: Black Armoury, ARCEM, DOHEMA, and Warrior Box.
Data sharing with third parties
We share your personal data with our service providers in order to process your orders, payments, shipments, and after-sales or warranty service. The partners with whom we regularly exchange personal data include BNP Paribas/Mercanet, PayPal, SumUp, Odoo, Avis-Vérifiés, DPD, UPS, DHL, and SendCloud. We may also share your personal data with certain production subcontractors or suppliers to have a product delivered directly from the workshop, or to facilitate your communication with them in the event of a warranty claim.
In all cases, we will only provide the personal data strictly necessary for the proper handling of the specific request in progress, and we will ask our third-party partners not to retain this data once the immediate need has been resolved.
Storage of my personal data
All your payment data and personal data are encrypted before transmission, and your personal data is stored on an SSL (Secure Socket Layer) server. This protects your data during transmission, particularly your card information (we do not store your payment data).
What are my rights regarding the use of personal data?
The data controller for Black Armoury is Anthony Rischard (by email at our contact address or by post to: Black Armoury SAS, 10 rue des Carrières, 43360 Bournoncle Saint Pierre, FRANCE.).
• You have the right to request a copy of your personal data. To make this request easier, you will find a "Personal Data" tab in your customer account on our website. From there, you can download your data in PDF or CSV format.
• You have the right to modify or delete your personal data at any time. Please note that certain data is required to process your orders or shipments (Name, Surname, Email, Phone Number, and if you wish to have goods delivered, Full Postal Address). If you delete any of this information, you will need to provide it again before you can place another order or receive a delivery.
• You have the right to unsubscribe from our email communications. You can do so easily under the "Information" tab in your customer account. Note that by default, you are not subscribed to receive promotional emails or a newsletter from Black Armoury.
In accordance with personal data protection regulations, you may also exercise your rights (access, rectification, deletion, objection, restriction, and portability where applicable) and define the fate of your personal data “post-mortem” — or request assistance to download, modify, or delete your personal data in your client area — by email at our contact address or by post to: Black Armoury SAS, 10 rue des Carrières, 43360 Bournoncle Saint Pierre, FRANCE.
What about the personal data of minors?
Black Armoury services are not intended for minors; therefore, Black Armoury does not process data specifically relating to minors. It is the responsibility of parents or any person with parental authority to decide whether their minor child is allowed to use the Black Armoury website or place an order with their assistance.
How is data used in connection with social media?
The use of social media and Black Armoury websites in connection with those social networks may result in the collection and exchange of certain data between the social networks and Black Armoury. We invite you to consult the privacy policies of the social networks to understand exactly what information is collected by them and may be transmitted to Black Armoury in relation to its websites and applications, as well as the purposes for which your data is used, particularly for advertising. You can configure access and privacy settings for your data directly on the social networks. Black Armoury is not responsible for how your data is used by social networks for their own purposes.
"Plug-ins" and social modules
Our site uses “plug-ins” or social modules. These include small buttons such as “like” or “share” from third-party social networks like Facebook, Twitter, Google+, etc., which you may find on our websites and applications. They allow you to “like” and share content from our sites and apps with your friends on social networks. When you view a page on a Black Armoury site (web or mobile) containing social plug-ins or modules, a connection is established with the servers of the relevant social networks (e.g. Facebook, Twitter), which are then informed that you have accessed the corresponding Black Armoury page — even if you do not have a Facebook or Twitter account, and even if you are not logged in. For example: if you are logged into a social network while browsing www.blackarmoury.com, the networks you are connected to may record your visit in your social media account. If you use the plug-ins (e.g. like), your actions may be recorded and published on your social media accounts, depending on your account settings. If you do not want social networks to publish your actions via the plug-ins, you must log out of your social media accounts before visiting our site.
How do I change my cookie settings?
Most Internet browsers allow you to manage cookies through their settings. To learn more about cookies in general and to see which cookies are installed on your browser, visit: www.aboutcookies.org ou www.allaboutcookies.org.
To prevent Google Analytics from tracking you across all websites, visit: http://tools.google.com/dlpage/gaoptout
Future changes to our personal data policy
In order to protect you and your personal data in an ever-evolving technological and legal environment, Black Armoury reserves the right to modify this document at any time and for any reason in accordance with the law in force at the time of the modification. Changes will be published on this page of our website, and we encourage you to review it from time to time.
This page was last modified on 24/05/2018 in preparation for European Union Regulation No. 2016/679, known as the General Data Protection Regulation (GDPR), which came into effect on 25 May 2018. Black Armoury is compliant with the GDPR.