Confidentiality policy (GDPR standard)

Design your Privacy Security and Protection of Personal Data

Warnings

This tool is made available free of charge. The tool relies on information based on professional analysis by a GDPR Compliance Company. However, since compliance is a dynamic process and every situation is unique, the information transmitted must be adapted and cannot under any circumstances be considered as complete or accurate.

Unless you request a review and validation by the compliance company, the document generated is considered to be for information purposes only.
Consequently, you alone are responsible for interpretations made from the information supplied, any advice that you deduce from it and
any adaptations you make for your own business. You use this tool at your own risk and under your sole responsibility.

Definitions:

The Publisher: The person, whether an individual or a corporation, who publishes online communication services to the public.
The Site: All the sites, internet pages and online services offered by the Publisher.
The User: The person using the Site and the services.

Nature of the data collected

In the context of using the Sites, the publisher may collect data in the following categories about their users:

Data about marital status, identity, identification…

Communication of personal data to third parties

No communication to third parties
Your data is not subject to communication to a third party. You are however informed that it may be divulged in the application of a law, a regulation or
pursuant to a decision by a competent regulatory or judicial authority.

Prior information for the communication of personal data to third parties in the event of merger/absorption

Collection of opt-in (consent) prior to the communication of data following a merger/acquisition

In the event when we are involved in a merger, acquisition, or any other form of asset disposal, we commit to obtaining your prior consent to communicate your personal data and maintain the same level of confidentiality for your personal data as that to which you have consented.

Purpose of the reuse of personal data collected

Carrying out operations relating to managing clients concerning

  • contracts; orders; deliveries; invoices; accounts and in particular managing client accounts
  • a loyalty programme within an entity or several legal entities;
  • tracking of the customer relationship such as carrying out client satisfaction surveys, managing complaints and after-sales service
  • selecting clients to carry out studies, surveys and product tests (unless the consent of the data subjects is obtained under the conditions laid down in Article 6, these operations must not lead to the establishment of profiles likely to reveal sensitive data – racial or ethnic origin, philosophical, religious or political opinions, trade union affiliation, sexual orientation, or the individual’s health)

Carrying out operations relating to prospecting

  • managing technical prospecting operations (which includes especially technical operations such as standardisation, enrichment and deduplication)
  • selecting people for carrying out actions relating to loyalty, prospecting, surveying, product testing and promotion. Unless the consent of the data subjects is obtained under the conditions laid down in Article 6, these operations must not lead to the establishment of profiles likely to reveal sensitive data (racial or ethnic origin, philosophical, religious or political opinions, trade union affiliation, sexual orientation, or the individual’s health)
  • conducting sales operations

Development of sales statistics

Data aggregation

Aggregation with non-personal data
We can publish, share and use aggregated information (information relating to all our Users or to specific groups or categories of Users that we combine so that no individual User can be identified or is mentioned) and non-personal information for the purpose of analysing the market and the sector,
demographic profile, for promotional and advertising purposes and other commercial purposes.

Aggregation with personal data available on the User’s social media accounts
If you connect your account to the account of another service in order to carry out cross-mailings, the service in question may communicate to us
information relating to your profile, the connection, and any other information that you have given permission to be disclosed. We can aggregate information relating to all our other Users, groups, accounts, personal data available about the User.

Collection of identity data

Free consultation
Consulting the Site does not require any subscription or prior identification. The Site can be consulted without you having to communicate any nominative data about you (first name, last name, address, etc.). We will not record any nominative data when simply navigating the Site.

Collection of identification data

The Use of the user’s username only for accessing services
We use your electronic user details only for and during the execution of the contract.

Collecting computer data

Collecting profiling data and technical data for the purpose of supplying the service.
Some technical data on your machine is automatically collected by the Site. This information includes, in particular, your IP address, your Internet service provider, the hardware configuration, the software configuration, the browser type and language, etc. Collecting this data is necessary in order to supply the services.

Collecting technical data for advertising, sales and statistical purposes
Technical data on your machine is automatically collected and saved by the Site, for advertising, sales and statistical purposes.
This information helps us to personalise and improve your experience on our Site on an ongoing basis.
We do not collect or store any nominative data (first name, last name, address, etc.) can that can be attached to a piece of technical data.
The data collected may be sold to a third party.

Cookies

Duration of cookie storage
In compliance to recommendations made by the CNIL (the French data protection authority), the maximum duration for storing cookies is 13 months
after first being placed on the User’s machine, as well as the duration of the validity of the User’s consent for the use of these cookies.
The cookies’ lifespan is not extended with each visit. The User’s consent must therefore be renewed at the end of this period.

Purpose of cookies
Cookies may be used for statistical purposes, in particular to optimise services provided to the User, by processing information about how often the User accesses the Site and the personalisation of pages, as well as the actions taken and information consulted.
You are informed that the Publisher may place cookies on your computer. The cookie records information relating to navigating the service (the pages that you consulted, the date and time of the visit, etc.) that we can read during your subsequent visits.

User’s right to refuse cookies
You recognise that you have been informed that the Publisher may use cookies. If you do not want cookies to be used on your computer, most browsers allow you to deactivate cookies via the options available in their settings.

Retention of Technical Data

Duration of retention of technical data
Technical data is retained only for the duration that is strictly necessary to carry out the purposes set out above.

Time limit for retention of personal data and anonymisation

Keeping data for the duration of the contractual relationship
In accordance with article 6-5° of the law n°78-17 of 6th January 1978 relating to data processing, files and freedoms, data of a personal nature that is processed is not kept beyond the time necessary for the execution of the obligations defined when the contract is concluded or for the predefined duration of the contractual relationship.

Retention of anonymised data beyond the contractual relationship / after the account has been deleted
We keep personal data only for the duration that is strictly necessary for the purposes described in these terms and conditions.
Beyond that duration, they will be anonymised and kept exclusively for statistical purposes, and they will not undergo any processing of any kind.

Deleting data after account deletion
Methods for wiping data are in place, in order to provide for its effective removal as soon as the retention or archiving period necessary
to fulfil the determined or imposed purposes is fulfilled. In accordance with law n°78-17 of 6th January 1978 relating to data processing, files and freedoms, you have a right to delete it which you can exercise at any time by contacting the Publisher.

Deleting data after 3 years of inactivity
For security reasons, if you are not authenticated by the Site over a period of three years, you will receive an email inviting you to login as soon as possible, otherwise your data will be deleted from our databases.

Deleting the account

Deleting the account on request
The User has the option to delete his or her Account at any time, by making a request to the Publisher OR by using the Account deletion menu in the Account settings where applicable.

Account deletion in the event of a breach of the terms and conditions
In the event of a breach of one or more of the provisions of the terms and conditions or any other document included herein by reference, the Publisher reserves the right to end or restrict your use and access to the services, to your account and to all Sites, without any prior notice and at his discretion.

Information in the event of a security breach detected by the Publisher

User information in the event of a security breach
We commit to implement all appropriate technical and organisational measures in order to guarantee an appropriate level of security with regard to risks of accidental, unauthorised or illegal access, disclosure, alteration, loss or destruction of personal data concerning you. In the event that we become aware of illegal access to personal data about you stored on our servers or those of our service providers, or unauthorised access resulting in the realisation of risks identified above, we are committed to:

• Notifying you of the incident as soon as possible;
• Examining the causes of the incident and keeping you informed;
• Taking all reasonable necessary measures in order to lessen the adverse effects and harms that could result from the incident

Limitation of liability
In no case shall the commitments defined in the point above relating to notification in the event of a security breach be treated as a
any acknowledgement of fault or responsibility for the occurrence of the incident in question.

Transfer of personal data abroad

No transfer outside of the European Union
The Publisher commits not to transfer any of the Users’ personal data outside of the European Union.

Changes to terms and conditions and confidentiality policy

In the event of changes to these terms and conditions, commitment not to substantially reduce the level of confidentiality without
prior warning to the people concerned

We commit to informing you of any substantial change to these terms and conditions, and not to substantially reduce the level of confidentiality of your data without informing you and obtaining your consent.

Applicable law and means of appeal

Arbitration provision
You expressly accept that any dispute that may arise as a result of these Terms and Conditions, in particular its interpretation or execution, shall be governed by an arbitration procedure subject to the rules of a mutually agreed arbitration platform to which you shall adhere without reservation.

Data Portability

Data portability
The publisher is committed to offering you the option to have all data relating to you returned on request. The User is thus guaranteed better control of his or her data, and has the option of reusing it. This data will be supplied in an open, easily reusable format.