ARTICLE 1: PREAMBLE
The way in which their personal data are collected and processed. All data that could identify a user should be considered as personal data. These include first and last name, age, postal address, email address, user location or even their IP address;
What are the rights of users regarding this data;
Who is responsible for the processing of personal data collected and processed;
To whom this data is transmitted;
Optionally, the site's policy on "cookie" files.
ARTICLE 2: GENERAL PRINCIPLES IN THE MATTER OF DATA COLLECTION AND PROCESSING
In accordance with the provisions of article 5 of European Regulation 2016/679, the collection and processing of data from site users respect the following principles:
Legality, loyalty and transparency: data can only be collected and processed with the consent of the user who owns the data. Whenever personal data is collected, the user will be informed that his data is collected, and for what reasons his data is collected;
Limited purposes: the collection and processing of data is carried out to meet one or more objectives determined in these general conditions of use;
Minimization of data collection and processing: only the data necessary for the proper execution of the objectives pursued by the site are collected;
Storage of data reduced in time: the data is kept for a limited period, of which the user is informed. If the shelf life cannot be communicated to the user;
Integrity and confidentiality of the data collected and processed: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.
In order to be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data may only take place if they meet at least one of the conditions below. after listed:
The user has expressly consented to the processing;
Processing is necessary for the proper performance of a contract;
The processing meets a legal obligation;
The processing is explained by a necessity related to the safeguarding of the vital interests of the data subject or of another natural person;
The processing can be explained by a necessity linked to the execution of a mission of public interest or which relates to the exercise of public authority;
The processing and collection of personal data is necessary for the purposes of the legitimate and private interests pursued by the controller or by a third party.
ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE CONTEXT OF WEBSITE NAVIGATION
A. COLLECTED AND PROCESSED DATA AND METHOD OF COLLECTION
The personal data collected on the AQUATEK site are as follows:
Last name, first name, age, email address, department city country,
This data is collected when the user performs one of the following operations on the site:
The data controller will keep all of the data collected in its site computer systems and under reasonable security conditions for a period of: ________.
Data collection and processing serve the following purposes:
B. TRANSMISSION OF DATA TO THIRD PARTIES
Personal data collected by the site is not transmitted to any third party, and is only processed by the site editor.
C. HOSTING OF DATA
The AQUATEK site is hosted by: ________, whose head office is located at the address below:
The host can be contacted at the following telephone number: ________
The data collected and processed by the site are transferred to the following country (ies): ________. This transfer of personal data outside the European Union is justified for the following reasons:
ARTICLE 4: PERSON RESPONSIBLE FOR DATA PROCESSING AND DATA PROTECTION
A. THE PERSON RESPONSIBLE FOR DATA PROCESSING
The person responsible for processing personal data is: Fabrice Couraud. He can be contacted as follows:
by email: firstname.lastname@example.org
The data controller is responsible for determining the purposes and the means used for processing personal data.
B. OBLIGATIONS OF THE DATA PROCESSING MANAGER
The controller undertakes to protect the personal data collected, not to transmit it to third parties without the user being informed and to respect the purposes for which these data were collected.
The site has an SSL certificate to ensure that the information and data transfer passing through the site are secure.
An SSL certificate ("Secure Socket Layer" Certificate) aims to secure the data exchanged between the user and the site.
In addition, the data controller undertakes to notify the user in the event of rectification or deletion of the data, unless this results in disproportionate formalities, costs and procedures.
In the event that the integrity, confidentiality or security of the user's personal data is compromised, the controller undertakes to inform the user by any means.
C. THE DATA PROTECTION OFFICER
In addition, the user is informed that the following person has been appointed Data Protection Officer: Fabrice Couraud.
The role of the Data Protection Officer and ensuring the proper implementation of national and supranational provisions relating to the collection and processing of personal data. It is sometimes called DPO (for Data Protection Officer).
The data protection officer can be reached as follows:
By email: email@example.com
ARTICLE 5: RIGHTS OF THE USER
In accordance with the regulations concerning the processing of personal data, the user has the rights listed below.
In order for the data controller to comply with his request, the user must communicate to him: his first and last name as well as his e-mail address, and if relevant, his account number or personal space or subscriber.
The data controller is required to respond to the user within a maximum of 30 (thirty) days.
A. PRESENTATION OF THE RIGHTS OF THE USER IN THE MATTER OF DATA COLLECTION AND PROCESSING
at. Right of access, rectification and right to erasure
The user can read, update, modify or request the deletion of data concerning him, by respecting the procedure set out below:
The user must send an email to the person responsible for processing personal data, specifying the subject of his request and using the email address firstname.lastname@example.org
If he has one, the user has the right to request the deletion of his personal space by following the following procedure:
The user must send an email to the person responsible for processing personal data, using the email@example.com email address, specifying their personal space number. The request for deletion of data will be effective within one month of receipt of the email.
b. Right to data portability
The user has the right to request the portability of his personal data, held by the site, to another site, by complying with the following procedure:
The user must make a request for portability of his personal data to the data controller, by sending an email to the address firstname.lastname@example.org specifying the email of the data controller of the other site.
vs. Right to limit and oppose data processing
The user has the right to request the limitation or to oppose the processing of his data by the site, without the site being able to refuse, except to demonstrate the existence of legitimate and compelling reasons, which may prevail over the interests and user rights and freedoms.
In order to request the limitation of the processing of their data or to object to the processing of their data, the user must follow the following procedure:
The user must make a request for limitation to the processing of his personal data to the data controller, by sending an email to the address email@example.com specifying the data which should not give rise to a limitation treatment.
d. Right not to be subject to a decision based exclusively on an automated process
In accordance with the provisions of regulation 2016/679, the user has the right not to be the subject of a decision based exclusively on an automated process if the decision produces legal effects concerning him, or significantly affects him. similar way.
e. Right to determine the fate of data after death
The user is reminded that he can organize what should become of his data collected and processed if he dies, in accordance with law n ° 2016-1321 of October 7, 2016.
f. Right to seize the competent supervisory authority
In the event that the data controller decides not to respond to the user's request, and the user wishes to contest this decision, or, if he thinks that one of the rights listed above, he is entitled to appeal to the CNIL (National Commission for Information Technology and Liberties, https://www.cnil.fr) or any competent judge.
B. PERSONAL DATA OF MINOR PEOPLE
In accordance with the provisions of article 8 of European regulation 2016/679 and the Data Protection Act, only minors aged 15 years or more can consent to the processing of their personal data.
If the user is a minor under the age of 15, the agreement of a legal representative will be required so that personal data can be collected and processed.
The publisher of the site reserves the right to verify by any means that the user is over 15 years of age, or that he has obtained the agreement of a legal representative before browsing the site.
The editor of the site reserves the right to modify it in order to guarantee its conformity with the law in force.
However, in the event of a substantial modification of this policy, the user will be informed as follows:
By email to the address provided by the user
By browsing the site, the user certifies having read and understood this confidentiality policy and accepts the conditions, with regard more particularly to the collection and processing of his personal data.