"IT Service Providers": refers to IT service providers with whom the Data Controller has contracted for the design, corrective and progressive maintenance and hosting of the Site.
"Users": refers to the persons accessing and using the Site.
ARTICLE 1: GENERAL TERMS AND CONDITIONS
ARTICLE 2: DATA COLLECTED
However, if he refuses, the User may not be able to benefit from all the services offered by the Site, concerning the downloading of e-book and subscription to the newsletter.
Indeed, in the context of certain services, the Data Controller may be required to ask the User to provide certain Data as mentioned below.
2.2 The Data Controller collects various personal data from Users:
2.2.1 Information required for downloading e-book
As part of the use of the Site, and in order to download (e-book) available on the Site, the User must provide the following data:
- surname and first name of the User
2.2.2 The information required to subscribe to the newsletter
As part of using the Site, and in order to register via the Site for the newsletter available on the Site, the User must provide the following data:
- surname and first name of the Use
2.2.3 The information required for the contact form
As part of using the Site, the User can contact the Data Controller via a contact form, in which the User agrees to inform:
- name and first name of the User
- E-mail adress
- Postal code
2.2.4 Automatically information collected
When the User uses the Site, the Data Controller will automatically collect certain Data:
- geolocation information: the Data Controller can collect information on the precise or approximate location of the User, in particular by the IP address of the User or by the GPS data of his mobile device. The User is however informed of the fact that he can deactivate the use of the location services of his mobile device.
- usage information: the Data Controller may collect information concerning the User's interactions with the Site, and in particular see the pages viewed.
ARTICLE 3: PURPOSE OF THE PROCESSING OPERATIONS
3.1 Concerning the improvement, supply and development of the Site
The Data Controller may use the Data to improve and develop the Site, in particular to:
- allow the User to access and use the Site
- manage, protect, improve and optimize the Site
- allow the User to use the services (downloading e-book, subscribing to the newsletter);
- carry out internal analyzes and statistics
3.2 Concerning the preservation of a secure environment
The Data Controller may use the Data to preserve a secure environment, and in particular to:
- detect and prevent fraud, spam, abuse, security incidents and other harmful activities
- conduct safety investigations
- checks against databases or other sources of information, including a police or background check, to the extent permitted by applicable laws and with the consent of the User, if applicable
- respect its legal obligations.
3.3 Concerning the personalization and improvement of services and advertising
The Data Controller may use the Data to personalize and improve its services and advertising, and in particular to:
- send Users promotional messages, commercial, advertising and other information that may be of interest to them according to their preferences, and in particular by sending the newsletter and e-book
- personalize, evaluate and improve its advertising and its Site;
- allow the promotion of the Isère territory.
ARTICLE 4: DATA RECIPIENTS
In this regard, the Data Controller undertakes to ensure that its partners present the necessary guarantees about protection of personal data to protect the security and confidentiality of the Data.
ARTICLE 5: DURATION OF DATA CONSERVATION
connection data (IP address, date and time of connection, pages viewed) are kept for a maximum period of 6 months.
At the end of these periods, they are then archived, anonymized or deleted.
ARTICLE 6: USER’S RIGHTS
6.1 Right of access and communication of Data
Each User could ask the Data Controller for confirmation whether or not personal data concerning him are processed, and when it is, access to his personal data and to a certain number of information (purposes processing, categories of data concerned, recipient of the data, existence of a transfer outside the EU, retention period, etc.).
The Data Controller must then respond to the User within one month from the date of the request (two-month extension possible "given the complexity and number of requests" and if the User was informed within the initial period of one month).
If the response is free by principle, the Data Controller reserves the right to request the payment of reasonable costs if the request generates administrative costs and if the request is manifestly unfounded or excessive.
As such, the Data Controller is not required to respond if:
- the request is manifestly abusive, in particular its repeated or systematic nature
- the Data is not kept.
Each User has the right to obtain from the Data Controller, as soon as possible, the rectification of personal data concerning him which is inaccurate.
Furthermore, considering the purposes of the processing, each User also has the right to obtain that the incomplete Data be completed, including by providing an additional declaration.
6.3 Oversight and deletion
Each User has the right to obtain from the Data Controller the deletion, as soon as possible, of personal data concerning him.
The right to deletion includes the right to delist and delete the Data collected.
However, this right is not general and only applies for the exhaustively enumerated reasons:
- the Data are no longer necessary for the purposes for which they were collected or processed
- the User withdraws his consent on which the processing is based and there is no other legal basis for the processing
- the User objects to the processing and there are no compelling and legitimate reasons for the processing
- the Data have been the subject of unlawful processing
- the Data must be erased to comply with a legal obligation.
- the exercise of the right to freedom of expression and information
- to comply with a legal obligation which requires processing, or to perform a task of public interest or falling within the exercise of public authority vested in the controller
- for reasons of public interest in the field of public health,
- for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes insofar as the right concerned is likely to make impossible or seriously compromise the achievement of the objectives of said processing
- the establishment, exercise or defense of legal claims.
The Data Controller will let him know if his request is admissible or not, giving reasons for his decision.
6.4 Right to restriction of data processing
The right to limitation means that the User has the right to obtain from the Data Controller that he limits the processing. This limitation is defined as "the marking of stored personal data, with a view to limiting their future processing."
However, this right can only be implemented in certain cases:
- the User disputes the accuracy of the Data
- when the processing is unlawful, the User opposes the deletion of the Data and instead demand a limitation of their use
- the Data Controller no longer needs the Data for the purposes of processing but the data is still necessary for you to establish, exercise or defend your legal rights
- the User has objected to the processing.
6.5 Right to object to data processing
In accordance with the Regulations, the User has the right to object at any time, for reasons relating to his particular situation, to the processing of personal data concerning him.
It should be noted that this right is not absolute and that the User must have a legitimate reason to benefit from this right.
In the event that the User wishes to oppose the processing of all or part of his Data processed by the Data Controller, he must study if there are legitimate and compelling reasons for the processing which prevail over the User’s interests, rights and freedoms, or for the establishment, exercise or defense of legal rights.
Also, it is possible that the User's opposition request will be refused, in accordance with the applicable rules of law.
In this case, the User may appeal either to the services of the Data Controller or to the CNIL.
6.6 The Data Controller informs the User that he can download from the website of the French National Commission for Information Technology and Freedoms (CNIL) request forms relating to the rights set out above.
ARTICLE 7: WITHDRAWAL OF CONSENT
ARTICLE 8: SECURITY
If the User has reason to believe that their Data has been stolen, lost or misappropriated, he must report it immediately to the Data Controller.
ARTICLE 9: CONTACT
- email : firstname.lastname@example.org
- adress : 44 quai de France- 38000 Grenoble - France