Privacy Policy - Privacy policy
Personal data processing policy applicable to contacts, customers, prospects, users of online services.
The policy set out below applies to the processing of personal data carried out by the company CMANDCOM (hereinafter referred to as the data controller).
1 – General provisions
The following provisions relate to all processing of personal data carried out by the data controller, unless otherwise stated in the specific provisions.
> Legal framework – compliance with the GDPR and French law
The data controller declares that it carries out processing of personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the GDPR) and French law No. 78-17 of 6 January 1978 relating to information technology, files and civil liberties (as amended).
> Data controller and other parties
The data controller is identified above. Contact details are: ayurvedayogamedi@gmail.com .
> Data transfer
The data controller does not intend to transfer personal data to a third country or to an international organisation.
> Personal data retention period
Data will be retained for the entire lifetime of a so-called "connected" user, i.e. one who has created an account.
> Rights of the person whose data is collected
The person whose personal data is collected has the right:
– to request from the data controller access to personal data, rectification or erasure thereof, or a restriction of processing relating to the data subject,
– to object to the processing,
– to the portability of his or her data,
– to lodge a complaint with a supervisory authority,
– to withdraw consent at any time, without affecting the lawfulness of processing based on consent given before the withdrawal thereof, this right existing exclusively when processing is based on Article 6(1)(a) or Article 9(2)(a) of the GDPR, i.e. on the consent of the data subject to the processing of his or her personal data for one or more specific purposes.
> Automated decision-making – profiling
Unless otherwise stated in the specific provisions, automated decisions will be made on the basis of the data collected. These decisions will mainly concern the targeting of mailings, notifications and other means of communication in order to avoid over-soliciting a user, whether logged in or not.
2 – Specific provisions
The following provisions are specific to each type of personal data processing.
> Management of the relationship with our contacts and prospects
Personal data processed – We process the following personal data: title, first name, surname, telephone number, email address, postal address, profession.
Purposes – The processing of personal data is intended for the management of the relationship with our contacts and prospects. In particular, this processing aims to communicate to the data subject information about the news of our organisation, our products and our services.
Legal basis – This processing of personal data is based on the consent of the data subject (Article 6(1)(a) of the GDPR). The data request is of a contractual nature. The data subject is not required to provide these data. If the data subject does not provide the data or withdraws consent to the data processing, he or she will not be able to receive information about the news of our organisation, our products and our services.
> Acceptance procedure for our customers
Personal data processed – We process the following data: title, first name, surname, telephone number, email address, postal address, profession, organisation (company, business or other).
Purposes – This data processing is intended to satisfy our due diligence obligations with regard to customers, in accordance with French law, in particular Articles L. 561-4-1 and R. 561-5 of the Monetary and Financial Code.
Legal basis – This processing is necessary for compliance with the legal obligations to which the data controller is subject. It is based on Article 6(1)(c) of the GDPR. The data request is a condition for the establishment of a business relationship, in accordance with applicable legislative and regulatory provisions. The data subject is required to provide these data if he or she wishes to establish such a relationship. If the data subject does not provide the data, we will not be able to pursue a business relationship with him or her.
> Management of the relationship with our customers
Personal data processed – We process the following personal data: title, first name, surname, telephone number, email address, postal address, profession, date of birth, nationality, product or service purchased, purchase price, any discount, any promotional offer, date and place of purchase, place of delivery, distribution channel, payment methods, information relating to payment.
Purposes – The processing of personal data is intended for the management of the relationship with our customers. In particular, this processing aims to execute pre-contractual measures taken at the request of the data subject, to execute the contract to which the data subject is a party, and to comply with our legal, tax and accounting obligations.
Legal basis – This processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the request of the data subject. It is based on Article 6(1)(b) of the GDPR. The data request is of a contractual nature. The data subject is required to provide these data if he or she wishes to benefit from our products or services. If the data subject does not provide the data, he or she will not be able to become a customer, acquire our products or benefit from our services.
> Fulfilment of orders placed on our website
Personal data processed – We process the following personal data: title, first name, surname, telephone number, email address, postal address, place of delivery, payment methods, information relating to payment.
Purposes – The processing is intended for the fulfilment of orders placed on our website and the management of the relationship with our customers.
Legal basis – This processing is necessary for the execution of pre-contractual measures taken at your request and for the execution of the contract concluded between us. It is based on Article 6(1)(b) of the GDPR. The data request is a condition for the conclusion of the contract. It is of a contractual nature. The data subject is required to provide the data. Failing this, he or she will not be able to place an order on our website.
> Use of Google Analytics
Personal data processed – Google processes the data mentioned in its privacy policy (https://support.google.com/analytics/answer/6004245?hl=fr / https://policies.google.com/privacy?hl=fr#infocollect). These data include, in particular, the IP address of the devices used to visit the website.
Purposes – This processing is used for analytical and statistical study purposes regarding the use of our website.
Legal basis – The processing is necessary for the purposes of the legitimate interests pursued by us, consisting of improving and optimising our website for the benefit of users. It is based on Article 6(1)(f) of the GDPR. The data request is of a contractual nature. The data subject is not required to provide these data and may object to their processing at any time. To prevent the collection of data relating to his or her use of the website and the processing of such data by Google, the data subject must follow Google's instructions: http://tools.google.com/dlpage/gaoptout.
> Marketing and advertising messages
Personal data processed – We process the following data: surname, first name, information about opened messages and followed links (including the date and time of access).
Purposes – The processing is intended to improve our communication and to send you relevant content at appropriate times.
Data Safety – Google Play
This section describes how the
Ayurveda Yoga Meditation application (com.exnihilo.ayur) collects, uses and protects your data, in accordance with
Google Play's data safety requirements.
Last updated: 24 March 2026
Health Data
This application does not collect, store, or transmit any health data. All content (articles, videos, quizzes, glossary) is purely educational and informational. This application does not provide medical diagnosis, treatment, or advice.
Data collected and purpose
| Data type |
Collected |
Purpose |
Shared |
| Device identifier (UUID) | Yes | Identify returning users and personalise the experience | No |
| Push notification token | Yes | Send push notifications about new content | No |
| Language / locale | Yes | Display content in the user's preferred language | No |
| Platform (iOS / Android) | Yes | Send platform-specific notifications | No |
| Precise location | No | — | No |
| Financial / payment data | No | — | No |
| Photos / videos | No | — | No |
| Contacts | No | — | No |
Data sharing
We do not
sell any personal data to third parties.
We do not
share any personal data with third parties for advertising or marketing purposes.
The only external service integrated is
Firebase Cloud Messaging, used exclusively for sending push notifications. No user data, other than the notification token and platform identifier, is transmitted to Firebase.
Data security
Encryption in transit – All data transmitted between the application and our servers is encrypted via
HTTPS (TLS).
Encryption at rest – Personal data is stored in a secure database with restricted access.
Data retention – Your data is retained as long as your account is active. You may request the deletion of your account and all associated data at any time.
Data deletion
You may request the deletion of your account and all your personal data by sending an email to:
ayurvedayogamedi@gmail.com
Upon receipt of your request, we will delete all personal data associated with your account within
30 days. This includes your device identifier, your push notification token, as well as all your preferences and saved test results.
Children's protection
This application is not intended for children under the age of 13. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will delete it without delay.
