Privacy policy (GDPR)

Privacy policy


This privacy policy aims to explain to you why we collect your data and how we undertake to protect it.

The SARL burro-net is committed to the protection of your personal data and your privacy.

As such, and in application of the General Data Protection Regulation (hereinafter referred to as “GDPR”), we hereby communicate to you the conditions under which your personal data will be processed by us.

What personal data do we process?


We may collect and store your personal data, in particular for:

Process and respond to your messages, Create and manage access to your accounts, Receive and process your participation in a survey or competition, Manage your registrations for our newsletters, Establish and monitor the commercial relationship that may result from your messages , Write a review/comment published on the site, Collect your payment, Improve our monitoring and customer service, Manage the proper functioning and personalization of the services, Send you commercial and advertising information based on your preferences, Detection of attacks and litigation against fraud, Remember your choices regarding the use of cookies, Process and respond to your requests to exercise rights, To meet regulatory requirements in force or being adopted

Data categories:

Contact details (e.g. last name, first name, telephone number, email); Data relating to means of payment; Technical and location information generated as part of the use of our services

Legal basis for processing

The processing of personal data implemented is based on:

  • Either with the consent of the person concerned (Article 6.1.a of the GDPR) for all processing operations which require the prior collection of consent.
  • In online forms, required fields are marked with an asterisk. If the mandatory questions are not answered, we will not be able to provide you with the requested services.
  • Either for the execution of a contract or the execution of pre-contractual measures,
  • Either for the pursuit of a legitimate interest (Article 6.1.e of the GDPR).
  • Either for compliance with a legal or regulatory obligation;

Your data is kept for the duration necessary to achieve the purposes mentioned above.


The duration of retention of Customers' personal data depends on the purpose concerned. In this context, Customers' personal data is kept for the time necessary to fulfill their request. In the absence of any completion, personal data is deleted within the time limits recommended by the Commission Nationale Informatique et Libertés (CNIL), after a period of three years from their collection, subject to:

  • legal possibilities and obligations regarding archiving,
  • obligations to retain certain data, for evidentiary purposes, and/or anonymization of these.


The Customer's personal data collected and processed, for the purposes of executing the offers, are kept for the duration necessary for the management of the contractual relationship.
By way of derogation, the personal data required to establish proof of a right or a contract are archived in accordance with legal provisions (5 or 10 years after the end of the commercial relationship depending on the case).

Who are the recipients of your data?

Your personal data is intended for ordi66, respectively the SARL burro-net. It is however possible that the SARL burro-net must call on other people or organizations to process the personal data obtained via the site https://www. ordi-66 in order to provide the best possible service to its customers and site visitors. These other people and/or organizations are:

  • Our internal services: They are processed by the staff of our various departments such as the sales department or the department in charge of IT security.
  • Trusted companies or individuals: they process your information for us for the purposes set out above, in accordance with our instructions as described in our Privacy Policy and any other appropriate use cases in terms of confidentiality and security.
  • Technical subcontractors: Personal data concerning you may be transferred to our technical subcontractors (within the meaning of article 4.8 of the GDPR) in a strictly supervised manner. In the event of a transfer, we ensure that subcontractors comply with the GDPR and take technical and organizational measures to guarantee data protection (art. 28 of the GDPR).
  • Traffic analysis tools (like Google Analytics),
  • Payment providers (like Paypal or Stripe),
  • Email providers (like Mailjet or Sendgrid),
  • Advertising providers (like Google Ads or Meta)


We sometimes need to allow our partners to process, on our behalf, the personal information we hold about you for the purposes set out in this policy or for any other reason required by law.

The personal data of Customers collected is hosted in France.

In the case of using a service provider located outside the European Union, we undertake to verify that appropriate measures have been put in place so that personal data benefits from an adequate level of protection.

How does SARL burro-net preserve the security of your data?

We put in place all organizational and technical measures to ensure an appropriate level of security for your personal data, and in particular to avoid any loss of confidentiality, integrity or accessibility.

We frequently back up data, Where possible, we limit access to personal information to only those who need to process it, Implements technical and organizational measures to ensure that the retention of Customers' personal data is secure for the duration necessary to achieve the purposes pursued.


What are your rights over your personal data?

In accordance with the Applicable Regulations, you have the following rights:

  • A right of rectification: you have the right to obtain the rectification of inaccurate data concerning you. You also have the right to complete incomplete data concerning you, by providing a supplementary declaration. If you exercise this right, we undertake to communicate any rectification to all recipients of your data,
  • A right of erasure: in certain cases, you have the right to obtain the erasure of your data. However, this is not an absolute right and we may for legal or legitimate reasons retain this data.
  • A right to limitation of processing: in certain cases, you have the right to obtain limitation of the processing of your data,
  • A right to data portability: you have the right to receive your data that you have provided to us, in a structured, commonly used and machine-readable format, for your personal use or to transmit it to a third party of your choice. This right only applies when the processing of your data is based on your consent, on a contract or when this processing is carried out by automated means,
  • A right to object to processing: you have the right to object at any time to the processing of your data for processing based on our legitimate interest, a mission of public interest and those for commercial prospecting purposes. This is not an absolute right and we may for legal or legitimate reasons refuse your opposition request,
  • The right to withdraw your consent at any time: you can withdraw your consent to the processing of your data when the processing is based on your consent. Withdrawal of consent does not compromise the lawfulness of processing based on consent given before such withdrawal,
  • The right to lodge a complaint with a supervisory authority: you have the right to contact your data protection authority to complain about our personal data protection practices,

In application of the GDPR, the conditions for exercising these rights may vary depending on the basis of lawfulness of the processing mentioned in the first paragraph.
We will respond to any exercise of rights as quickly as possible and in any event within 30 days of receipt of the request.

We reserve the right:

  • To request proof of the identity of the applicant in the event of reasonable doubt regarding the latter, in order to respect its obligation of confidentiality,
  • To extend the response deadline by two months, then informing the applicant of this extension and the reasons for the postponement within one month of receipt of the request,
  • To refuse to respond to an exercise of rights if it was considered abusive (given their number, their repetitive or systematic nature).

Who to contact for all GDPR-related inquiries?

To exercise your rights, you can contact us:

SARL burro-net
2bis rue Sébastien Bonay - 66400 Céret
Tel: 04 68 82 73 20
or by email to: This email address is being protected from spambots. You need JavaScript enabled to view it.

If, despite our efforts and our commitments, you believe that your rights concerning your personal data have not been respected, you can send a complaint to the Commission Nationale Informatique et Libertés: CNIL 3 Place de Fontenoy TSA 80715 75334 Paris Cedex 07

Reservation of modification of the Data Protection Policy

This Personal Data Protection Policy may be subject to change. We therefore reserve the right to make changes to this 'Privacy Policy' if we deem it necessary.