Privacy policy (RGPD standard)

Security and protection of personal data Design your privacy Warnings This tool is provided free of charge. The tool is based on information derived from the firm's professional analysis of compliance issues. RGPD. However, given that compliance is a dynamic process and that every situation is unique, the information provided must be adapted and can under no circumstances be considered exhaustive or accurate. Unless you request a review and validation by the Firm, the document generated is considered as mere information. Consequently, you alone are responsible for interpreting the information provided, for the advice you deduce from it and for the adaptations you make for your own commercial activity. The use and operation of the tool is therefore your sole responsibility and at your own risk. Definitions : The Publisher The person, natural or legal, who publishes online public communication services. The Site All websites, web pages and online services offered by the Publisher. The User The person using the Site and the services. Nature of the data collected In the course of using the Sites, the Publisher may collect the following categories of data about its Users: Civil status data, identity data, identification data... Data relating to personal life (lifestyle, family situation, excluding sensitive or dangerous data) Data relating to professional life (CV, education, professional training, awards, etc.) Economic and financial information (income, financial situation, tax situation, etc.) Connection data (IP addresses, event logs, etc.) Location data (movements, GPS data, GSM data, etc.) Communication of personal data to third parties No communication to third parties Your data will not be disclosed to third parties. However, you are informed that they may be disclosed in application of a law, a regulation or by virtue of a decision of a competent regulatory or judicial authority. Prior information for the communication of personal data to third parties in the event of a merger / absorption Collection of opt-in consent for the transfer of data following a merger/acquisition In the event that we become involved in a merger, acquisition or other form of asset transfer, we undertake to obtain your prior consent to the transfer of your personal data and to maintain the level of confidentiality of your personal data to which you have consented. Purpose of re-use of personal data collected To carry out customer management operations relating to - contracts; orders; deliveries; invoices; accounting and in particular the management of customer accounts - a loyalty programme within one or more legal entities - customer relationship management such as satisfaction surveys, complaint management and after-sales service - the selection of customers to carry out studies, surveys and product tests (unless the consent of the persons concerned is obtained under the conditions provided for in Article 6, these operations must not lead to the establishment of profiles likely to reveal sensitive data - racial or ethnic origins, philosophical, political, trade union or religious opinions, sex life or health of the persons) The compilation of commercial statistics The transfer, rental or exchange of its customer and prospect files The updating of its prospecting files by the organisation in charge of managing the list of opposition to telephone canvassing, in application of the provisions of the consumer code Management of requests for access, rectification and opposition rights The management of unpaid bills and disputes, provided that it does not concern offences and/or that it does not lead to the exclusion of the person from the benefit of a right, a service or a contract The management of people's opinions on products, services or content Data aggregation Aggregation with non-personal data We may publish, disclose and use Aggregate Information (information about all of our Users or specific groups or categories of Users that we combine so that an individual User cannot be identified or referred to) and Non-Personal Information for industry and market analysis, demographic profiling, promotional and advertising purposes and other business purposes. Aggregation with personal data available on the User's social accounts If you connect your account to an account on another service for the purpose of cross-mailing, that service may share your profile information, login information, and any other information you have authorized to be shared with us. We may aggregate information about all of our other Users, groups, and accounts with the personal data available about the User. Collection of identity data Free consultation Consultation of the Site does not require prior registration or identification. You can do so without providing any personal data (surname, first name, address, etc.). We do not record any personal data simply for consulting the Site. Collection of identification data Use of the user's identifier only for access to services We use your electronic identifiers only for and during the performance of the contract. Collection of terminal data No collection of technical data We do not collect or store any technical data about your device (IP address, Internet service provider, etc.). Cookies Cookie retention period In accordance with CNIL recommendations, cookies are kept for a maximum of 13 months after they are first placed on the User's terminal, as is the period of validity of the User's consent to the use of these cookies. The lifespan of cookies is not extended with each visit. The User's consent must therefore be renewed at the end of this period. Purpose of cookies Cookies may be used for statistical purposes, in particular to optimise the services provided to the User, based on the processing of information concerning the frequency of access, the personalisation of pages, the operations carried out and the information consulted. You are informed that the Publisher may place cookies on your terminal. The cookie records information relating to navigation on the service (the pages you have consulted, the date and time of consultation, etc.) which we can read during your subsequent visits. The User's right to refuse cookies You acknowledge that you have been informed that the Publisher may use cookies. If you do not wish cookies to be used on your terminal, most browsers allow you to disable cookies via the settings options. Retention of technical data Duration of storage of technical data Technical data is kept for the time strictly necessary to achieve the purposes set out above. Storage period for personal data and anonymisation No data retention We do not retain any personal data beyond the duration of your connection to the service for the purposes described in these GCU. Deletion of data after account deletion Means of data purging are put in place in order to provide for the effective deletion of data as soon as the retention or archiving period necessary for the fulfilment of the purposes determined or imposed has been reached. In accordance with the French Data Protection Act no. 78-17 of 6 January 1978, you also have the right to delete your data, which you may exercise at any time by contacting the Publisher. Deletion of data after 3 years of inactivity For security reasons, if you have not logged on to the Site for a period of three years, you will receive an e-mail inviting you to log on as soon as possible, failing which your data will be deleted from our databases. Account deletion Account deletion on request The User may delete his/her Account at any time, by simple request to the Publisher OR via the Account deletion menu in the Account settings, if applicable. Account deletion in the event of a breach of the GTCU If you breach any provision of the TOS or any other document incorporated herein by reference, the Publisher reserves the right to terminate or restrict your use of and access to the Services, your Account and all Sites at its sole discretion, without prior notice. Indications in the event of a security breach detected by the Publisher Informing the User in the event of a security breach We undertake to implement all appropriate technical and organisational measures in order to guarantee a level of security appropriate to the risks of accidental, unauthorised or illegal access, disclosure, alteration, loss or destruction of your personal data. In the event that we become aware of unlawful access to your personal data stored on our servers or those of our service providers, or of unauthorised access resulting in the risks identified above, we undertake to : Notify you of the incident as soon as possible; Examine the causes of the incident and inform you; Take the necessary measures within reasonable limits in order to reduce the negative effects and prejudices that may result from the said incident. Limitation of liability Under no circumstances may the undertakings set out in the point above relating to notification in the event of a security breach be assimilated to any acknowledgement of fault or responsibility for the occurrence of the incident in question. Transfer of personal data abroad No transfer outside the European Union The Publisher undertakes not to transfer data its Users outside the European Union. Europe. Modification of the GTCU and the privacy policy In the event of modification of these GCU, undertaking not to lower the level of confidentiality substantially without prior information of the persons concerned We undertake to inform you in the event of substantial modification of these GTU, and not to lower the level of confidentiality of your data substantially without informing you and obtaining your consent. Applicable law and recourse procedures Arbitration clause You expressly agree that any dispute that may arise as a result of these GTC, in particular its interpretation or performance, will be referred to arbitration subject to the rules of the arbitration platform chosen by mutual agreement, to which you will adhere unreservedly. Data portability Data portability The Publisher undertakes to offer you the possibility of having all your personal data returned to you on request. In this way, the User is guaranteed greater control over his or her data and retains the possibility of re-using it. This data must be provided in an open and easily reusable format.