Confidentiality policy

1. Definitions

The Publisher: The legal entity or natural person who publishes public communication services online.

The Website: The websites, internet pages and online services provided by the Publisher.

The User: The person using the website and services.

 

2. Type of data collected

For the use of the Website(s), the Publisher is likely to collect the following categories of data concerning the Users: Civil status, identity, identification data….

3. Communication of personal data to third parties

3.1.Communication to authorities due to legal obligations

Due to legal obligations, your personal data may be disclosed under the application of a law, a regulation or in virtue of a decision by a competent regulatory or judiciary body. Generally speaking, we undertake to comply with all the legal rules which may prevent, limit or regulate the distribution of information or of data and in particular to comply with the Data Protection Law no.78-17 of 6 January 1978.

3.2.Communication to third party associates

We may provide some personal data to strategic partners with whom we collaborate for the supply of products and services or who assist us in the marketing of our products for our Clients.

4. Virality of the terms & conditions for the reuse of personal data

4.1.Commitment on the virality of terms & conditions

In the event of your personal data being communicated to a third party, the latter is bound to apply terms & conditions of confidentiality identical to those of the website.

5. Prior information for the communication of personal data to a third party in the event of a merger / takeover

5.1.Prior information and the opportunity to opt-out before and after the merger / takeover

In the event that we are part of a merger, takeover or any other form of assets transfer, we undertake to ensure the confidentiality of your personal data and to inform you in advance should it be transferred or subject to new confidentiality rules.

6. Purpose of the reuse of personal data collected

To carry out transactions relative to Client management concerning:

–     contracts; orders; deliveries; invoices; accounting and in particular the administration of Client accounts,

–     a loyalty programme with one or more legal entities,

–     follow-up of Client relations such as the execution of customer satisfaction questionnaires, the management of claims and after sales service,

–     the selection of Clients to carry out studies, surveys and product testing (unless authorisation granted by the individuals concerned under the terms provided for in Item 6, these operations must not lead to the establishment of profiles likely to reveal sensitive data – racial or ethnic origins, philosophical, political, trade union-related or religious opinions, sex life or health of individuals). To carry out prospecting operations:

–     the management of technical prospecting operations (including technical operations such as standardisation, enhancement and deduplication),

–     the selection of individuals to carry out loyalty, prospecting, surveys, product testing and promotion actions. Unless authorisation granted by the individuals concerned under the terms provided for in Item 6, these operations must not lead to the establishment of profiles likely to reveal sensitive data (racial or ethnic origins, philosophical, political, trade union-related or religious opinions, sex life or health of individuals)

–     the execution of soliciting operations The management of requests for a right of access, rectification or opposition

7. Aggregation of data

7.1.Aggregation with non-personal data

We may publish, disclose and use aggregated data (information relative to all our Users or to specific groups or categories of Users that we mix together in such a way that an individual User cannot be identified or mentioned) and non-personal information for the purpose of market sector analysis, demographic profiling, for promotional or advertising purposes and other marketing objectives.

7.2.Aggregation with personal data available on the User’s social networking accounts

If you connect your account to another service’s account in order to cross-send, that service may provide us with your profile information, login details, and any other data that you may have authorised to be disclosed. We may aggregate information relative to all other Users, groups and accounts to the personal data available on the User.

8. Collection of identity data

8.1.Free consultation

The consultation of the website does not require registration or prior identification. You are free to consult the website without communicating nominative data to us (surname, first name, address, etc.). We do not record any nominative data for the simple consultation of the website.

8.2.Collection of identification data

·    Use of the User login only for access to services We only use your electronic login details for and during the execution of the contract. Collection of device data No collection of technical data We do not collect or conserve any technical data from your device (IP address, internet service provider, etc.).

9. Cookies

9.1.Storage period for cookies

In accordance with CNIL recommendations, the maximum storage period for cookies is 13 months following their first being placed on the User’s device, as is the validity period of authorisation by the User for the use of cookies. The cookies’ lifespan is not prolonged at each visit. The User’s authorisation must therefore be renewed at the end of this period.

9.2.The purpose of cookies

Cookies can be used for statistical purposes, in particular to optimise services provided to the User, using processed information concerning the access rate, the customisation of pages as well as transactions carried out and details consulted. You are informed that the Publisher is likely to place cookies on your device. The cookie will record information relative to your browsing of the service (pages consulted, date and time of consultation…) that we may read upon your subsequent visits.

9.3.User’s right to refuse cookies

You acknowledge having been informed that the Publisher may use cookies. If you do not wish to have cookies used on your device, most internet browsers enable you to disable cookies by choosing the options in your settings.

10.  Storage of technical data

10.1. Storage period for technical data

Technical data is stored for the period strictly necessary to achieve the purposes referred to above.

10.2. Storage period for personal data and being rendered anonymous

·    Storage of data for the duration of the contractual relationship Pursuant to article 6-V of the Data Protection Law no.78-17 of 6 January 1978, personal data subject to processing is not stored any longer than the time required for the execution of obligations defined at the time of contract or the predefined period of the contractual relationship.

·    Storage of data rendered anonymous following the contractual relationship / after deletion of the account We keep personal data for the length of time strictly necessary to achieve the purposes described in these GTCU. Beyond this period, it will be rendered anonymous and stored for the exclusive purpose of statistics and will give rise to no other use, of any nature whatsoever.

·    Deletion of data after deletion of the account Means of data clearing shall be set up in order to provide for its effective deletion as soon as the storage or archiving period necessary for the fulfilment of the purposes determined or imposed has been reached. Pursuant to the Data Protection Law no.78-17 of 6 January 1978, you have a right of deletion of your personal data that you may exercise at any time by contacting the Publisher.

·    Deletion of data after 3 years of inactivity For security reasons, if you have not identified yourself on the Website for a period of 3 years, you will receive an e-mail inviting you to login as soon as possible, failing which your data will be deleted from our databases.

·    Deletion of the Account

o   Deletion of the Account upon request The User has the possibility to delete their Account at any time, upon simple request addressed to the Publisher OR otherwise via the Account Deletion menu found in the Account settings

o   Deletion of the Account in the event of breach of the GTCU. In the event of breach of one or more of the provisions of these GTCU or of any other document incorporated herein by reference, the Publisher reserves the right to end or to restrict, without prior notice and at its sole discretion, your use of, and access to, services, your Account and to all the Websites.

11.  Instructions in the event of a security breach detected by the Publisher

·    Information to the User in the event of a security breach

We undertake to implement all the appropriate technical and organisational measures in order to ensure an adequate degree of security in view of the risks of accidental, unauthorised or illegal access, disclosure, alteration, loss or even destruction of your personal data. In the event that we become aware of an illegal access to your personal data stored on our servers or those of our service providers, or of an unauthorised access giving rise to the occurrence of the risks identified above, we undertake to:

–     Notify you of the incident as quickly as possible;

–     Discover the cause(s) of the incident and keep you informed;

–     Take all the necessary and reasonable steps in order to minimise the negative impacts and prejudice that may result from said incident

·    Limitation of liability

Under no circumstances will the undertakings defined above, relating to notification in the event of a security breach, be considered as an admission of fault of any kind or of liability for the occurrence of the incident in question.

12.  Transfer of personal data abroad

No transfer outside the European Union The Publisher undertakes not to transfer personal data from its Users outside the European Union.

13.  Changes to the GTCU and Confidentiality Policy

In the event of changes to the present GTCU, a commitment not to significantly lower the degree of confidentiality without prior information to those concerned. We undertake to inform you in the event of substantial change to the present GTCU and not to significantly lower the degree of confidentiality of your data without first informing you and obtaining your consent.

14.  Applicable law and appeal procedures

·    Application of French law (CNIL legislation) and competent courts

The present GTCU and your use of the Website are governed and interpreted in accordance with French law, and in particular the Data Protection Law no.78-17 of 6 January 1978. The choice of applicable law does not violate your rights as a consumer in accordance with the applicable law of your place of residence. If you are a consumer, you and ourselves accept to submit to the non-exclusive jurisdiction of the French courts, which implies that you may bring an action relative to the present GTCU in France or in the EU country in which you reside. If you are a professional, any actions brought against us must be submitted to the jurisdiction of the French courts. In the event of dispute, the Parties will endeavour to reach an amicable solution before attempting any legal action. Should these attempts fail, any disputes regarding the validity, interpretation and/or execution of these GTCU shall be brought before the French courts, even if there is more than one defendant or if there is a warranty claim.

15.  Portability of data

The Publisher undertakes to offer you the possibility of having all your personal data returned to you upon request. The User is thus ensured better control of their data, and retains the possibility of reusing it. This data should be provided in an open and easily reusable format.