Security and protection of personal data

Warnings

This tool is made available to you free of charge. The tool is based on information based on the firm’s professional analysis of GDPR compliance. However, compliance being a dynamic process and any situation being specific, the information transmitted must be adapted and can in no way be considered exhaustive or exact. Unless you request a review and validation by the Cabinet, the document generated is considered as simple information. Consequently, you are solely responsible for any interpretations made the information provided, the advice you deduce from it and the adaptations made for your activity own commercial. The use and operation of the tool is therefore under your sole responsibility and at your risks and dangers.

Definitions

Publisher: The person, natural or legal, who publishes online communication services to the public.
The Site: All the sites, Internet pages and online services offered by the Publisher.
The User: The person using the Site and the services.

Nature of the data collected

In the context of the use of the Sites, the Publisher may collect the categories of data following concerning its Users: Civil status, identity, identification data … Connection data (IP addresses, event logs …) Location data (movements, GPS, GSM data, etc.)

Communication of personal data to third parties

No communication to third parties
Your data is not communicated to third parties. However, you are informed that they may be disclosed by application of a law, regulation or by decision of an authority regulatory or judicial authority.

Prior information for the communication of personal data to third parties in merger / absorption

Prior information and possibility of opt-out before and after the merger / acquisition

In the event that we take part in a merger, acquisition or any other form of transfer assets, we are committed to guaranteeing the confidentiality of your personal data and to informing you before they are transferred or subject to new confidentiality rules.

Purpose of the reuse of personal data collected

Carry out operations relating to customer management concerning

• the contracts ; the orders ; the deliveries ; the bills ; accounting and in particular management customer accounts

• a loyalty program within one entity or several legal entities;

• customer relationship monitoring such as conducting satisfaction surveys, handling complaints and after-sales service

• the selection of customers to carry out studies, surveys and product tests (except with the consent of the data subjects obtained under the conditions provided for in article 6, these operations must not lead to the establishment of profiles likely to reveal sensitive data – racial or ethnic origins, philosophical, political, union, religious opinions, sex life or health people) Carry out operations relating to prospecting

• the management of technical prospecting operations (which notably includes technical operations such as standardization, enrichment and deduplication)

• the selection of people to carry out loyalty, prospecting, polling, product testing and promotion actions. Unless consent of the persons concerned obtained under the conditions provided for in Article 6, these operations must not lead to the establishment of profiles likely to reveal sensitive data (racial or ethnic origins, philosophical opinions, political, union, religious, sexual life or human health)

• carrying out solicitation operations Development of trade statistics Management of requests for the right of access, rectification and opposition

Aggregation of data

Aggregation with non-personal data

We may publish, disclose and use aggregated information (information relating to all of our Users or to specific groups or categories of Users that we combine in such a way as to that an individual User can no longer be identified or mentioned) and non-personal information for the purposes of industry and market analysis, demographic profiling, promotional purposes and advertising and other commercial purposes.

Aggregation with personal data available on the User’s social accounts

If you connect your account to an account of another service in order to cross-send, that service may provide us with your profile information, connection information, and any other information that you have authorized disclosure. We may aggregate information relating to all of our other Users, groups, accounts, to personal data available to the User.

Collection of identity data

Registration and prior identification for the provision of the service Use of the Site requires registration and prior identification. Your personal data (last name, first name, postal address, e-mail, telephone number, etc.) are used to fulfill our legal obligations resulting from the delivery of products and / or services, under the End User License Agreement, of the Limitation of warranty, if any, or any other applicable condition. You will not provide false personal information and will not create an account for another person without their authorization. Your contact details should always be accurate and up to date.

Collection of identification data

Use of the user ID only for access to services We use your electronic identifiers only for and during the execution of the contract.

Terminal data collection

Collection of profiling data and technical data for the purpose of providing the service Some of the technical data of your device is collected automatically by the Site. This information includes in particular your IP address, Internet service provider, hardware configuration, software configuration, browser type and language, etc. The collection of this data is necessary for the provision of services.

Collection of technical data for advertising, commercial and statistical purposes

The technical data of your device is automatically collected and recorded by the Site, for advertising, commercial and statistical purposes. This information helps us personalize and improve continually your experience on our Site. We do not collect or store any personal data (name, first name, address, etc.) that may be attached to technical data. The data collected are likely to be resold to third parties.

Cookies

Retention period of cookies In accordance with the recommendations of the CNIL, the maximum retention period for cookies is a maximum of 13 months after their first deposit in the User’s terminal, as is the period of validity of the User’s consent to the use of these cookies. The lifespan of cookies is not extended on each visit. The User’s consent must therefore be renewed at the end of this period.

Cookies purpose

Cookies can be used for statistical purposes, in particular to optimize the services provided to the User, from the processing of information concerning the frequency of access, the personalization of pages as well as the operations carried out and the information consulted. You are informed that the Publisher may place cookies on your terminal. The cookie records information relating to navigation on the service (the pages you have visited, the date and time of the visit, etc.) that we can read during your subsequent visits.

User right to refuse cookies, deactivation leading to degraded operation of the service
You acknowledge having been informed that the Publisher may use cookies, and authorize it. If you do not want cookies to be used on your device, most browsers allow you to disable cookies through the settings options. However, you are informed that certain services may no longer function correctly.

Possible association of cookies with personal data to allow the operation of the service
The Publisher may need to collect browsing information through the use of cookies.

Storage of technical data

Retention period of technical data
Technical data is kept for the time strictly necessary to achieve the purposes referred to above.

Retention period for personal data and anonymization

Data retention for the duration of the contractual relationship
In accordance with article 6-5 ° of law n ° 78-17 of January 6, 1978 relating to computers, files and freedoms, personal data being processed are not kept. above the time necessary for the performance of the obligations defined at the conclusion of the contract or the predefined duration of the contractual relationship.

Retention of anonymized data beyond the contractual relationship / after deletion of the account
We keep personal data for the time strictly necessary to achieve the purposes described in these T & Cs. Beyond this period, they will be anonymized and kept for exclusively statistical and will not give rise to any exploitation of any kind.

Data deletion after deletion of the account
Data purging means are put in place in order to provide for its effective deletion as soon as the retention or archiving period necessary for the fulfillment of the determined or imposed purposes is reached. In accordance with Law No. 78-17 of January 6, 1978 relating to computers, files and freedoms, you also have the right to delete your data which you can exercise at any time. moment by contacting the Publisher.

Data deletion after 3 years of inactivity
For security reasons, if you have not authenticated on the Site for a period of three years, you will receive an e-mail inviting you to connect as soon as possible, otherwise your data will be deleted from our databases.

Account deletion

Account deletion on demand
The User has the possibility to delete his Account at any time, by simple request to the Editor OR by the Account deletion menu present in the Account settings if applicable.

Deletion of the account in the event of violation of the T & Cs
In the event of a violation of one or more provisions of the T & Cs or any other document incorporated herein by reference, the Publisher reserves the right to terminate or restrict without any prior warning and at its sole discretion, your use and access services, your account and all Sites.

Indications in the event of a security breach detected by the Publisher

User information in the event of a security breach
We undertake to implement all the appropriate technical and organizational measures to guarantee an appropriate level of security with regard to the risks of accidental, unauthorized or illegal access, disclosure, alteration, loss or destruction of your personal data. In the event that we become aware of illegal access to your personal data stored on our servers or those of our service providers, or of unauthorized access resulting in the realization of the risks identified above, we undertake at :
• Notify you of the incident as soon as possible;
• Examine the causes of the incident and inform you;
• Take the necessary measures within reason to reduce the negative effects and prejudices that may result from said incident

Limitation of Liability
Under no circumstances can the commitments defined in the above point relating to the notification in the event of a security breach be assimilated to any acknowledgment of fault or responsibility for the occurrence of the incident in question.

Transfer of personal data abroad

No transfer outside the European Union
The Publisher undertakes not to transfer the personal data of its Users outside the European Union.

Modification of the T & Cs and the privacy policy

In the event of modification of these T & Cs, commitment not to lower the level of confidentiality substantially without prior information to the persons concerned We undertake to inform you in the event of a substantial modification of these T & Cs, and not to lower the level of confidentiality of your data substantially without informing you and obtaining your consent.

Applicable law and methods of appeal

Application of French law (CNIL legislation) and jurisdiction of the courts
These T & Cs and your use of the Site are governed and interpreted in accordance with the laws of France, and in particular Law No. 78-17 of January 6, 1978 relating to computers, files and freedoms. The choice of the applicable law does not affect your rights as a consumer in accordance with the applicable law of your place of residence. If you are a consumer, you and we agree to submit to the non-exclusive jurisdiction of French courts, which means that you can take action relating to these T & Cs in France or in the EU country in which you live. If you are a professional, all actions against us must be brought before a court in France.

In the event of a dispute, the parties will seek an amicable solution before any legal action. If these attempts fail, any challenge to the validity, interpretation and / or execution of these T & Cs must be brought even in the event of multiple defendants or an appeal in guarantee, before the French courts.

Data portability

Data portability
The Publisher undertakes to offer you the possibility of having all of the data concerning you returned to you on request. The User is thus guaranteed better control of his data, and retains the possibility of reusing it. These data should be provided in an open and easily reusable format.