10% off your first order with code: REZIMFIT Free delivery from 69.90€
ESI CARE, hereinafter referred to as "We," attaches great importance to the protection and respect of your privacy.
Through this document, we intend to provide you with clear and precise information regarding the collection and processing of personal data that you may provide to us through the website Zimfitness (hereinafter referred to as the "Site").
Article 1: Confidentiality Rules​
The General Data Protection Regulation of 27 April 2016 (hereinafter the GDPR) is applicable from 25 May 2018. It imposes strict rules and conditions on companies and traders in the context of the processing of personal data of their customers and prospects, in order to protect the privacy of the latter.
Article 2 The data controller
The "data controller" of your personal data is ESI CARE, responsible for the site Zimfitness which you visit and to which you communicate data.
Article 3: Legal basis for data processing and use​
We can only use your personal data for purposes that are both legitimate and necessary (Article 6 of the GDPR). In practical terms, this means that we process your personal data, whether in electronic or other form, for legitimate purposes related to the contractual relationship, business operations, and security.
These purposes include, but are not limited to, the following:
Article 4. What is personal data?
Personal data includes all information relating to you and on the basis of which you can be identified (hereinafter referred to as "the data"). Anonymous data, which does not allow you to be identified, is therefore not considered personal data. Your personal data may therefore include:
Sensitive data:
The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, and data concerning a natural person's sex life or sexual orientation is prohibited.
We are committed to strictly respecting this prohibition.
Article 5 Sources and Origins of Personal Data
In principle, the data we hold comes from you when you fill out a form. If you do not provide the mandatory or necessary information, you may lose the benefit of certain advantages and/or we may decide to terminate our services to you or be unable to fulfill the contract.
Article 6 Access to Personal Data – With Whom Do We Share Your Information?
In accordance with applicable regulations, data may be transmitted to the competent authorities upon request, including public bodies, exclusively to fulfill legal obligations, as well as to legal professionals, court officers, and debt collection agencies, and in cases involving the investigation of perpetrators of online offenses.
Your data is primarily for internal use. We may share your data with third-party companies, who will be able to process it for legitimate reasons, including the proper performance of the contract, when we use service providers and subcontractors to fulfill orders or provide services (technical services, payment processing, payment security, deliveries, sending marketing communications, etc.).
We only share with them the data they need to perform their services.
However, we will ensure that our subcontractors comply with GDPR regulations.
Their data processing is governed by a strict legal framework.
Article 7 Data retention period
We implement the necessary measures to ensure that the retention of personal data for the purposes described above does not exceed the legal retention periods.
Article 8. What are your rights?
We are committed to taking appropriate technical and organizational measures to ensure the security of the processing of everyone's personal data (Article 32 of the GDPR).
In accordance with applicable laws and regulations on the protection of personal data, you have a number of rights regarding your personal data, namely:
Right of access (Article 15 of the GDPR) and information
You have the right to be informed in a concise, transparent, intelligible, and easily accessible manner about how your data is processed. You also have the right to obtain confirmation as to whether or not personal data concerning you is being processed and, where that is the case, access to your own personal data and the right to obtain or make a copy of it, to the extent reasonable.
Right to rectification (Article 16 of the GDPR)
You have the right to obtain the rectification of inaccurate personal data concerning you. You also have the right to have incomplete personal data completed. Right to be forgotten (or Right to erasure - Article 17 of the GDPR) and Right to restriction of processing (Article 18 of the GDPR)
We are committed to granting the erasure of your personal data, particularly in the following cases:
Data that is no longer necessary for the purposes for which it was collected or processed;
You object to the processing;
The personal data has been unlawfully processed.
Right to data portability (Article 20 of the GDPR)
You have the right to receive your data in a structured, commonly used, and machine-readable format, for your own use or to transmit it to a third party of your choice.
Right to withdraw consent at any time (Article 7 of the GDPR)
You may withdraw your consent to the processing of your data when the processing is based on your consent. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Right to lodge a complaint (Article 77 of the GDPR)
The customer has the right to lodge a complaint with the Data Protection Authority at any time if they believe that the processing of their personal data constitutes a violation of the GDPR.
To exercise your rights, you can contact us by email: contact
Article 9 Our commitment
Our objective is to implement security techniques to protect stored data against unauthorized access, inappropriate use, alteration, unlawful or accidental destruction, and accidental loss.
Article 10 Procedure in the event of breaches
It is always possible that personal data processed within the framework of the contractual relationship may fall into the wrong hands as a result of human error, a computer error, etc.
When the breach presents a high risk to the rights and freedoms of the individual, we will immediately inform them of the facts and measures taken. We will ensure that the necessary steps are taken to notify the Data Protection Authority of the breach in question within 72 hours of becoming aware of it, unless the breach does not present a high risk to the rights and freedoms of the individual. (Articles 32-34 of the GDPR).
Article 11 Consent
You give your explicit, informed, and unambiguous consent to the processing of personal data as described in this Privacy Notice. You have the right to withdraw your consent at any time by simply submitting a written request. We reserve the right to amend this Privacy Notice.
Article 12 Modification of our Privacy Policy
We may occasionally modify this privacy policy, in particular to comply with any regulatory, legal, editorial or technical developments.
Article 13 Contact
For any questions regarding this Privacy Policy, or for any requests concerning your data, you can contact us:
By email at the following address: contact@zimfitness.com;
By mail at the following address: ESI CARE - 38 rue de la Halte, 95120 Ermont.
