Privacy policy
PRIVACY POLICY – Château de Gensac
Last updated: 15 November 2025
This Privacy Policy aims to clearly explain how Société d’exploitation du Château de Gensac (SAS) collects, uses, stores, and protects the personal data of its customers and users, in accordance with the General Data Protection Regulation (GDPR) and French law.
1. Data collected
We collect only the data necessary to:
manage your wine orders
respond to your enquiries
ensure customer follow-up
send newsletters if you have given your consent
improve navigation on our website
The data collected may include:
Identity: first and last name
Contact details: email address, telephone number, postal address
Order and billing information
Browsing data: cookies, IP address, pages visited
No sensitive data is collected.
2. Purposes of processing
Your data is used to:
Process your purchases (order, payment, delivery)
Respond to your requests for information
Send newsletters only if you have given your explicit consent (opt-in)
Improve user experience on the website (anonymised statistics, cookies)
Ensure transaction security
We never sell or rent your personal data.
3. Legal basis for processing
Processing is based on:
performance of a contract (wine order or shopping cart)
your consent (newsletter, marketing cookies)
legitimate interest (internal statistics, security)
compliance with legal obligations (invoicing)
4. Data storage
Data is hosted:
on Shopify’s secure servers
in our internal customer database
on our emailing platform if you are subscribed to our newsletter
All data is stored on secure, SSL-certified servers.
Retention periods:
5 years for data related to purchases (legal obligation)
3 years for marketing data after the last contact
until consent is withdrawn for newsletters
5. Data sharing with third parties
We never share your personal data with commercial third parties.
Only our technical service providers may access your data, strictly to perform their services:
Shopify (online store hosting)
Stripe / PayPal (payment processing)
Delivery carriers
Newsletter / CRM tools, if applicable
No data transfer occurs without a contract ensuring data security.
6. Cookies
During your visit, cookies may be placed on your device in order to:
ensure proper website functionality (essential cookies)
measure audience
personalise your browsing experience
provide targeted advertising (with explicit consent)
You may accept, refuse, or configure cookies via the dedicated banner.
For more information, please consult the CNIL guide:
https://www.cnil.fr/fr/cookies-les-outils-pour-les-maitriser
7. Social networks
The website may include social sharing buttons (Facebook, Instagram, etc.).
These services may place their own cookies.
We have no control over these processes; each network’s privacy policy applies.
8. Security
We implement all appropriate technical and organisational measures to ensure:
the confidentiality of your data
protection against unauthorised access
transaction security
Your data may be disclosed to authorities if required by law.
9. Your rights
In accordance with applicable law, you have the following rights:
right of access
right of rectification
right to erasure
right to object
right to restriction of processing
right to data portability
right to withdraw your consent at any time
To exercise these rights, please contact us:
info@gensac.com
or by mail with acknowledgement of receipt:
Société d’exploitation du Château de Gensac – Data Management
Lieu-dit Gensac, 32100 Condom, France
We will respond within 30 days.
10. Changes
We may update this Privacy Policy to comply with GDPR requirements or to reflect new website features.
The date of the latest update will always be indicated at the top of the page.