Privacy Policy

Data controller

EMBV MEDIA - 40 rue des Blancs Manteaux – 75004 – Paris - France


The Data Controller does not collect any personal data relating to its Visitors. Only Members are concerned by the processing of personal data on the Service.

Personal data collected: purposes / legal basis for processing / storage period

Email address & password: Creation of the Member Account, management of access to free and paid services and customer support / Contract / 3 years after the last connection.
Email address, purchases, browsing data, IP address, date and time of connection, terminal, operating system and browser: Analyses to improve user experience and service functionality / Contract / 3 years after last connection.
Email address, purchases, IP address, logbook, terminal, operating system and browser: Preventing and removing fraudulent activities and breaches of service security / Contract / 3 years after last connection
Email address and credit card details processed by an authorized and highly secure payment service provider: Online payments / Contract / 7 years after the last purchase
Email address, IP address, purchases, credit card details: Tax and accounting declarations / Legal obligation / 7 years after the last purchase
Email address and purchases: newsletter management of information on the content of the Service / Consent / 3 years after the last connection
IP address, nagivation data; Audience analysis; Legitimate interest; 13 months

Personal data submitted by the Member

When opening an Account on the Service, the Member is required to transmit his email address and password. When he makes a purchase on the Service, his credit card details are collected by a highly secure service provider, authorized and in charge of payment management, as the Processing Manager is not authorized to process this data.

Automatically collected data

Data relating to the Member's activity: when the Member connects to his Account, information may be collected and processed concerning his activity on the Service. In particular, this includes the registration date, the date of last connection, or the history of his purchases.

Device and equipment data

The data controller collects information about the devices and equipment used to access the Service which may include information such as IP address, application version, mobile model, operating system.

Withdrawal of Consent

When a treatment is based on the Member's consent, such as the sending of a newsletter, the Member can withdraw it at any time from his Account or phone settings. Withdrawal of consent does not call into question any treatment carried out prior to this withdrawal.

Consent on sensitive data

Article 9 of the GDPR provides for explicit consent for the collection and processing of personal data that may reveal, inter alia, the life and sexual orientation of an individual. Explicit consent is sought from the Member when opening an Account. Consent may be withdrawn at any time by closing the Account.

Legal Obligations

The Data Controller may also process a Member's personal data in response to a legal request (search warrant, court order or other) or to comply with regulatory or administrative obligations, other than those mentioned in the table presented at the beginning of this chapter (tax and accounting treatment of purchases).

How your data is shared

Only certain employees of the customer service and support department and authorized officers of the Data Controller process Members' personal data for the purposes described above. These employees and authorised managers only have access to the data they need to carry out their duties. The Data Controller may also contract with authenticated and reliable service providers and partners who are likely to access and/or process certain personal data of Members, in compliance with the Privacy Policy and who guarantee the security and confidentiality of the Members' personal data. These subcontractors and service providers help the Data Controller to manage and develop the Service, in particular by assisting him/her with the development of IT maintenance as well as data hosting and newsletter routing. The Data Controller is also likely to transmit certain data at the request of state bodies and to comply with any legal or judicial request. Finally, he may be required to transmit your data in the context of corporate operations such as, in particular, without this list being exhaustive, restructuring, change of control, merger, acquisition, transfer or dissolution.

Acknowledgement of Member's rights

In accordance with the French Data Protection Act No. 78-17 of 6 January 1978 as amended, known as the Data Protection Act, and the General Data Protection Regulations, each User has the right to information, access, rectification, portability and deletion of his or her personal data. He or she also has a right to oppose the processing of his or her personal data, and to limit processing, as well as the right to data directives concerning the fate of his or her personal data after his or her death. The Data Controller undertakes to respect these rights and to deal with such requests as soon as possible. For this purpose, he has a maximum period of two months from receipt of the request. The Member may exercise his or her rights, subject to proving his or her identity by providing a copy of his or her identity document, by sending a letter to EMBV MEDIA - 40 rue des Blancs Manteaux - 75004 - Paris - France or by email to
For any other complaint, the Member may submit a request to the competent national supervisory authority for data protection, in this case the competent national supervisory authority for France :

Data Retention

The Data Controller keeps the Member's data for the duration indicated. The Data Controller undertakes to use its best efforts and all means in its possession to ensure the optimal security of the data stored. In view of the exponential nature of technological developments, the Publisher cannot guarantee absolute security of the Service or the absence of faults. It is also incumbent on the Member to take appropriate measures to protect its data.


The Data Controller refuses to collect data from minors. In the event of a lie by a Member concerning his/her date of birth and more particularly in the event of fraudulent certification of his/her majority, the parents of the minor child are invited to notify the Data Controller by sending an e-mail to the address indicated in article 9, in order to request the deletion of the data. The Data Controller undertakes to delete all personal data concerning the minor child as soon as possible.

Data transfer outside the EU

The Data Controller ensures that transfers of personal data to subcontractors based outside the European Union are carried out under conditions that ensure the confidentiality and security of the data and an adequate level of protection in compliance with the regulations in force.


If you have any questions about this Privacy Policy or if you have any requests relating to your personal data, you can contact us by sending an e-mail to the Privacy Policy Manager at or by post at the following postal address : EMBV MEDIA - 40 rue des Blancs Manteaux – 75004 – Paris - France