Advice & Order 0203 445 5850 | Need help?

Privacy Policy

Last updated: 6 May 2026

1. Introduction

This privacy policy informs users of the az-flag.com website about how their personal data is collected, used, retained, and protected.

AZ FLAG places great importance on the protection of personal data of its customers, prospects, suppliers, partners, and website users.

Personal data is processed in accordance with the General Data Protection Regulation (GDPR), the French Data Protection Act, and applicable rules regarding cookies and other trackers.

Some processing activities are necessary for using the website, creating a customer account, processing orders, payment, delivery, customer service, or compliance with legal obligations.

Other processing activities, particularly those involving certain cookies, audience measurement, personalised advertising, or commercial communications, are only carried out with your consent when required.

2. Data Controller

The az-flag.com website is published and operated by:

AZ FLAG

Simplified joint stock company (SAS) with share capital of €10,000

Registered with the Trade and Companies Register of Nîmes under number 512 552 290

Registered office: 45 Rue Gilles Roberval, 30900 Nîmes, France

For any question regarding your personal data, you can contact us:

  • by email: [email protected] for access, rectification, erasure, objection, restriction, and portability requests;
  • by email: [email protected] to contact our Data Protection Officer or for any complaint regarding the processing of your data;
  • by post: AZ FLAG – 45 Rue Gilles Roberval – 30900 Nîmes – France;
  • via the contact form available on the website.

AZ FLAG has not appointed a Data Protection Officer (DPO) within the meaning of Article 37 of the GDPR. However, an internal Data Protection Officer can be reached at [email protected] for any question or complaint regarding your personal data.

3. What Personal Data Do We Collect?

We may collect different categories of personal data when you use our website, create a customer account, place an order, contact our customer service, or interact with our services.

3.1 Data You Provide Directly

This may include:

  • first name and surname;
  • email address;
  • phone number;
  • billing address;
  • delivery address;
  • company name, where applicable;
  • VAT number, where applicable;
  • information necessary to create and manage your customer account;
  • content of messages sent to our customer service;
  • information necessary to process your requests, claims, or product returns;
  • customer reviews, comments, or survey responses, where these features are provided.

Where certain data is mandatory, it is indicated as such. Without this information, we may not be able to process your order, create your account, or properly respond to your request.

3.2 Data Collected During Orders

When processing an order, we collect information necessary for:

  • customer identification;
  • order preparation;
  • invoicing;
  • payment;
  • delivery;
  • order tracking;
  • customer service;
  • handling returns, refunds, or claims.

We do not store full credit card details on our servers. Payments are processed by secure payment providers.

However, we may retain certain transaction information, such as amount, date, payment status, payment method, or transaction ID, when necessary for accounting, payment proof, customer service, or fraud prevention.

3.3 Data Collected Automatically

When you browse our website, certain technical data may be collected automatically, including:

  • IP address;
  • browser type and version;
  • operating system;
  • device type used;
  • pages visited;
  • date and time of browsing;
  • session duration;
  • technical errors encountered;
  • interactions with the website;
  • data relating to cookies and other trackers, depending on your choices.

This data is used to ensure the proper functioning of the website, improve user experience, measure audience, secure the site, and prevent fraud.

3.4 Data from Third Parties

We may receive information from third parties when necessary for our services, including:

  • carriers, for tracking and delivery of orders;
  • payment providers, for transaction confirmation or security;
  • fraud prevention providers;
  • customer review providers, where applicable;
  • audience analysis tools, depending on your cookie choices;
  • advertising platforms, depending on your cookie choices;
  • marketplaces or partner platforms when you order our products through these channels.

4. Why Do We Use Your Data and on What Legal Basis?

Your personal data is used only for specific, explicit, and legitimate purposes.

PurposeLegal Basis
Customer account creation and managementPerformance of contract or pre-contractual measures
Order processing, preparation, and shippingPerformance of contract
Order paymentPerformance of contract
Invoicing and accounting obligationsLegal obligation
Returns, claims, and after-sales servicePerformance of contract or legitimate interest
Customer service responsesPerformance of contract, pre-contractual measures, or legitimate interest
Site security and fraud preventionLegitimate interest
Site improvement and internal statisticsLegitimate interest or consent depending on tools
Order-related emailsPerformance of contract
Commercial offers for similar products to those previously orderedLegitimate interest, subject to your right to object
Newsletters or commercial communications unrelated to a previous orderConsent
Personalised advertising, remarketing, and ad measurementConsent
Customer review managementLegitimate interest or consent depending on the case
Retention of cookie consent or refusal proofLegal obligation and legitimate interest of proof
Compliance with legal obligations and authorities' requestsLegal obligation

5. Cookies and Other Trackers

The website may use cookies and other trackers.

A cookie is a small file placed on your device when you visit a website. Cookies may serve several purposes: ensuring website functionality, retaining your shopping cart, securing your connection, measuring audience, personalising content, or offering targeted advertising.

Some cookies strictly necessary for the website's operation may be placed without your consent. However, non-essential cookies, particularly those used for advertising, advanced personalisation, or non-exempt audience measurement, are only placed after your consent.

5.1 Strictly Necessary Cookies

These cookies are necessary for the website to function. They notably allow:

  • keeping your session open;
  • managing your cart;
  • securing your customer account;
  • remembering your privacy choices;
  • enabling secure payment;
  • ensuring the proper technical operation of the site.

These cookies do not require your consent.

5.2 Cookies Subject to Your Consent

With your consent, we may use cookies or trackers allowing us to:

  • measure website audience;
  • analyse your browsing;
  • personalise certain content;
  • offer product recommendations;
  • display personalised advertising;
  • measure advertising campaign effectiveness;
  • enable remarketing;
  • enable content sharing on social networks.

These cookies may be placed by AZ FLAG or by third-party providers, including audience measurement, tag management, advertising, or social network providers.

The website may use services provided by Google, such as audience measurement, tag management, conversion measurement, and advertising tools. These tools operate according to the choices you express via the cookie banner or preferences panel.

5.3 Managing Your Cookie Preferences

On your first visit, an information banner allows you to:

  • accept cookies subject to consent;
  • refuse them;
  • customise your choices by purpose.

You can change your preferences at any time via the cookie icon at the bottom-left of any page on the website.

Refusing non-essential cookies does not prevent access to the site. However, certain personalisation, audience measurement, or advertising features may be limited.

AZ FLAG uses a consent management tool to collect, store, and update your cookie preferences.

Your cookie preferences are retained for a maximum of 12 months, unless you withdraw or modify your consent before that.

5.4 Proof of Choices Made

To manage your cookie preferences and to be able to demonstrate the collection or refusal of consent when necessary, AZ FLAG retains technical proof of the choices made by the user.

This proof may include the date and time of the choice, the choice expressed, a technical identifier, and certain limited technical information.

This information is retained for a maximum of 12 months and is used only for cookie preference management and compliance proof.

You can change your choices at any time via the cookie icon at the bottom-left of any page.

6. Who May Receive Your Data?

Personal data collected by AZ FLAG is intended for authorised internal departments and may be transmitted to providers strictly necessary for operating the site and providing services.

This may include:

  • hosting providers;
  • technical providers ensuring site maintenance;
  • carriers;
  • payment providers;
  • customer service providers;
  • email providers;
  • customer review management providers;
  • fraud prevention providers;
  • audience analysis providers;
  • advertising providers, only based on your cookie choices;
  • accountants, auditors, lawyers, or AZ FLAG advisers when necessary;
  • relevant administrations or authorities when required by law.

These providers only have access to data necessary for their mission. They are required to comply with applicable data protection regulations.

AZ FLAG does not sell your personal data to third parties.

7. Transfers Outside the European Economic Area

Some providers used by AZ FLAG may process personal data outside the European Economic Area or access it from a third country.

This may include:

  • Google services, such as audience measurement, tag management, conversion measurement, and advertising tools, which may involve processing in the United States;
  • some technical, development, maintenance, or IT support providers operating from countries outside the European Economic Area;
  • some hosting, payment, email, customer support, or technical tool providers, depending on services actually used.

These transfers or remote access are framed by GDPR-compliant safeguards, such as an adequacy decision, the EU-US Data Privacy Framework when the provider participates in it, the European Commission's standard contractual clauses, or additional security measures when necessary.

AZ FLAG ensures that providers concerned only access data necessary for their mission and are subject to appropriate confidentiality, security, and data protection obligations.

You can obtain additional information on these safeguards by contacting us at the addresses indicated in this policy.

8. How Long Do We Retain Your Data?

AZ FLAG retains your personal data only for the time necessary for the purposes for which it was collected, subject to legal retention obligations or applicable limitation periods.

For information:

CategoryRetention Period
Customer accountWhile the account is in use, then deletion or anonymisation after 3 years of inactivity
Orders and related data3 years from the end of the contractual relationship
Invoices and accounting data10 years from the close of the relevant accounting year
Marketing prospection3 years from the last active contact with you
Cookies and consent proofMaximum 12 months, unless you withdraw or modify your choice before

Some data may be retained longer when required by law or when necessary to establish, exercise, or defend a legal claim.

9. How Do We Protect Your Data?

AZ FLAG implements appropriate technical and organisational measures to protect your data against loss, unauthorised access, alteration, or disclosure.

These measures notably include connection encryption, restricted data access, and payment security through specialised providers.

No system is infallible. In the event of a breach likely to pose a risk to your rights and freedoms, AZ FLAG will make the necessary notifications in accordance with applicable regulations.

10. What Are Your Rights?

In accordance with applicable regulations, you have the following rights over your personal data:

  • right of access;
  • right of rectification;
  • right of erasure;
  • right to object;
  • right to restriction of processing;
  • right to data portability;
  • right to withdraw your consent at any time when processing is based on consent;
  • right to set directives concerning your data after death;
  • right to lodge a complaint with a supervisory authority.

You may exercise your rights by contacting us:

  • by email at [email protected] for access, rectification, objection, erasure, portability, and restriction requests;
  • by email at [email protected] for complaints and any compliance question or to contact the Data Protection Officer;
  • by post: AZ FLAG – 45 Rue Gilles Roberval – 30900 Nîmes, France;
  • via the contact form on the website.

To protect your personal data, AZ FLAG may ask you to verify your identity if there is reasonable doubt.

We will endeavour to respond to your request within one month of receipt. This period may be extended by two months for complex requests or a high volume of requests.

You may also lodge a complaint with the French data protection authority (CNIL): www.cnil.fr, or with the supervisory authority of your country of residence.

11. Marketing Communications

AZ FLAG may send you commercial communications under the conditions permitted by applicable regulations.

If you have already ordered a product on our site, we may send you offers regarding similar products or services, unless you object.

For other commercial communications, including newsletter subscriptions, your prior consent may be required.

You may object at any time to receiving commercial communications:

  • by clicking the unsubscribe link in our emails;
  • by contacting us at the addresses indicated in this policy;
  • where applicable, by changing your customer account preferences.

12. Customer Reviews

When the website allows posting reviews or comments, the data communicated may be used to display the review, manage moderation, improve our products and services, and ensure customer relationship follow-up.

Customer reviews may be collected, verified, moderated, or published directly by AZ FLAG or with the help of specialist external providers in customer review management.

These providers only have access to data necessary for their mission and act in accordance with applicable data protection obligations.

We invite you not to publish in your reviews any sensitive personal information or information about third parties.

13. Social Media

AZ FLAG may be present on different social networks.

When you interact with our pages or content on these platforms, the data concerning you may be processed by both AZ FLAG and the platforms concerned.

We invite you to consult the privacy policies of each social network to understand how these platforms process your personal data.

14. Children's Data

The az-flag.com website is not intended for individuals under the age of consent applicable in their jurisdiction (typically 13 to 16 years old depending on the country).

AZ FLAG does not knowingly collect data concerning minors below the applicable age threshold without appropriate authorisation from the holder of parental authority.

If you believe that data concerning a minor has been collected inappropriately, you may contact us to request its deletion.

15. Policy Updates

AZ FLAG may amend this privacy policy to reflect legal, regulatory, technical, or operational changes.

We invite you to consult this page regularly to view the most recent version.