Play Now

Web Site Privacy Policy

Effective date: 17 September 2025

In its capacity as Data Controller, MILLION VICTORIES has implemented this Personal Data Protection Policy (hereinafter “the Policy”) and undertakes to process such Data in accordance with the applicable rules, in particular in accordance with the principles of transparency, purpose limitation and legitimacy, accuracy, proportionality and minimisation, security and confidentiality, accountability and protection by design and by default.

This Policy informs you about how we collect and process your Data.

We invite you to read it carefully.

ARTICLE 1 – DEFINITION

“Data” or “Personal Data” – Refers to any information that identifies you directly or indirectly (in particular by cross-referencing or cross-checking information), such as: your first name, last name, email address, postal address, telephone number, etc.

“Data Subject” or “You” – Refers to you and to any person whose Data are processed by MILLION VICTORIES.

“MILLION VICTORIES”, “Data Controller”, “We” or “Us” – Refers to MILLION VICTORIES SAS, a French company, with a share capital of 166 881,18 euros, registered with the Lyon Trade and Companies Register under the number 830 912 051, whose head office is located at 34, rue Verlet Hanus – 69003 Lyon, France (hereinafter “Million Victories” or “We” or “Us”).

“Sites” or “Websites”– Refers to the following websites:
https://millionvictories.com
https://millionvictories.com/million-lords/
https://shop.millionlords.com/

ARTICLE 2 – DATA WE COLLECT

We collect:
Data you provide us, especially when you’re contacting us through the “Contact us” button or when you make purchases through our Sites;
Data collected through cookies. To learn more about cookies and how they are used by MILLION VICTORIES on our Sites, you can consult our cookie policy by following this link: Cookie Policy.

We only use your Data in the cases provided for by current regulations, and, in particular:
For the performance of a contract we have entered into with you ;
To comply with a legal o regulatory obligation, and/or
After obtaining you free, specific and informed consent to the processing of your Data, and/or
If we have a legitimate interest in using your Data.

ARTICLE 3 – PURPOSE OF COLLECTING PERSONAL DATA

We collect data to:
Respond to you when you contact us;
Process your requests to exercise your rights over your Data, under the conditions set out in the section set out in the section “User rights” below;
Process the purchases you made through our shop;
Process statistics relating to the use of our Sites, the popularity of certain content and browsing patterns of our visitors.

ARTICLE 4 – WHO CAN ACCESS YOUR DATA

Internal Access: Our employees who are authorised to process Data may have access to some of your Data. Access to your Data is based on individual and limited access authorisations. Staff who can access Personal Data are subject to a confidentiality obligation (through a nominal and personal confidentiality agreement).

Subcontractors: In the course of our activities, we use Subcontractors, i.e. persons who process all or part of your data on behalf of MILLION VICTORIES. We take particular care in selecting Subcontractors who process Personal Data on our behalf. We are committed to ensuring that Subcontractors provide the same guarantees of confidentiality and security and that the processing they carry out is in accordance with the regulations in force, in particular the GDPR.

Our Subcontractors provide services on our behalf, in particular:
The establishment of our shop, as well as the processing of payments made therein;
The hosting of our Websites and Data;
The development, the maintenance and the publication of contents on our Websites

Our Subcontractors’ access to your Data is based on signed contracts that specify their obligations regarding the protection, security and confidentiality of the Data. We ensure that our Subcontractors process Data in accordance with this Policy.

Social networks: The use of social networks to interact with our Sites (in particular the buttons to access our FACEBOOK, TWITTER, LINKEDIN pages, etc.) may result in the exchange of Data between MILLION VICTORIES and these social networks.

For example, if you are logged into the Facebook social network and you visit a page on our Sites while logged into your FACEBOOK account, META may collect this information. We therefore invite you to consult the personal data management policies of the various social networks to find out how they collect and process your Data.

Authorities: Where we have a legal obligation to do so or in order to protect the rights, property and safety of MILLION VICTORIES, we may also disclose your information in the following circumstances: (i) to investigate, detect, prevent or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (ii) to establish or exercise our rights to defend ourselves against legal claims; (iii) to protect our rights, property or personal safety and that of our users or the general public; (iv) if we or any of our affiliates undergo a change of control, including through a merger, acquisition or purchase of all or substantially all of our assets.

ARTICLE 5 – WHERE IS YOUR DATA STORED?

Data is stored, processed and stored in France and in other jurisdictions if necessary for the proper provision of our services and/or if required by law.

ARTICLE 6 – PROTECTION OF YOUR DATA

Your Data are processed and are stored by MILLION VICTORIES for a period no longer than necessary for the purposes for which they are collected and processed, beyond the period strictly necessary for the management of our relationship.

We continuously develop and implement administrative, technical, and physical security measures to protect your data from unauthorised access, loss, misuse, or alteration. MILLION VICTORIES relies on a combination of several levels of security. Measures may be human, physical or logical in order to contribute to the security of its information systems.

Human security: MILLION VICTORIES undertakes to preserve the confidentiality of Personal Data with regard to its staff, collaborators and any person likely to have access to it.

MILLION VICTORIES staff authorised to access Personal Data undertake to respect confidentiality and may be subject to a legal or contractual obligation of confidentiality. Similarly, authorised staff have received the necessary training in the protection of Personal Data.

MILLION VICTORIES has also appointed a data protection officer and complies with the principle of privacy by design. In addition, we regularly offer our employees IT security training sessions to limit any risk of data breaches.

Logical security: The logical security measures implemented by MILLION VICTORIES include:
Configuring computers,s servers and mobile phone with recommended security protocols;
Protecting servers and computers with regularly updated antivirus software;
Encrypting hard drives on employees’ laptops

Physical security: The physical security measures implemented by MILLION VICTORIES include:
Regularly updated password-protected FTP server;
Perimeter security components such as firewalls and proxies filter access to MILLION VICTORIES resources

In the event of a breach of Personal Data, MILLION VICTORIES undertakes to promptly notify the CNIL (French Data Protection Authority) in accordance with the conditions set out in the GDPR.

If the breach poses a high risk to the Data Subjects and the Personal Data has not been sufficiently protected, MILLION VICTORIES will notify the Data subjects and provide them with the necessary information and recommendations.

ARTICLE 7 – DATA RETENTION PERIOD

We keep your information for the time necessary for the purposes for which it is processed. The length of time for which we retain information depends on the purposes for which we collected and use it and your choices, after which time we may delete and/or aggregate it. We may also retain and use this information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

ARTICLE 8 – YOUR RIGHTS

You have the right to obtain access to the Data held by MILLION VICTORIES about you and to request its rectification or erasure, or restriction of processing or, where applicable, the right to object to processing or the right to data portability.

Where the processing is based on your consent or explicit consent, you also have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

In certain cases, we may refuse to comply with your request (for example, we have the right to oppose the deletion of your data if we are legally required to retain it) or ask you to prove your identity beforehand. For any request concerning the processing of your Data, we invite you to contact us by mail at the address stated within Article 10.

You also have the right to introduce a complaint to the French Data Protection Authority (CNIL), either electronically at www.cnil.fr or by post to the following address:

CNIL – Complaints Department
3 Place de Fontenoy
TSA 80715 – 75334 PARIS CEDEX 07

ARTICLE 9 – DATA TRANSFER

In connection with the provision of the Sites, we do not plan to transfer information to affiliated entities or other third parties outside your country or jurisdiction to other countries or jurisdictions around the world. However, in the event that we do transfer information in this manner, by using the Sites, you consent to the transfer of your information outside the European Union.

If you are located in the European Union, your Personal Data may only be transferred to locations outside the European Union if we are satisfied that an adequate or comparable level of protection is in place to protect Personal Data.

We will take reasonable steps to ensure that we have appropriate contractual agreements with our third parties to ensure that adequate safeguards are in place so that the risks of unlawful use, alteration, deletion, loss or theft of your Data are minimised, and that these third parties act at all times in accordance with applicable laws. These measures may include seeking adequacy decisions, compliance with the European Commission’s standard or specific contractual clauses, binding corporate rules (BCRs) or approved certification mechanisms and codes of conduct.

ARTICLE 10 – MISCELLENEAOUS

Policy updates: We may update this Privacy Policy from time to time without notice. Your continued use of our Websites signifies your acceptance of the updated policy.

Contacts us: If you have any question about this Policy and/or if you want to make a request regarding your Data, you may contact us by email : [email protected]