ARTICLE 1: PREAMBLE
- The manner in their personal data are collected and processed. All data that may identify a user is considered personal data. This includes first and last name, age, postal address, e-mail address, location of the user or IP address;
- What are the rights of the users concerning these data ;
- Who is responsible for the processing of the personal data collected and processed ;
- To whom this data is transmitted;
ARTICLE 2: GENERAL PRINCIPLES FOR DATA COLLECTION AND PROCESSING
In accordance with the provisions of Article 5 of the European Regulation 2016/679, the collection and processing of data from users of the site comply with the following principles:
- Lawfulness, fairness and transparency: data may only be collected and processed with the consent of the user who owns the data. Whenever personal data is collected, the user will be informed that his data is being collected, and for what purposes his data is being collected ;
- Limited purposes: the collection and processing of data is carried out to meet one or more of the purposes determined in these general conditions of use ;
- Minimization of data collection and processing: only the data necessary for the proper execution of the objectives pursued by the site are collected;
- Conservation of data reduced in time: data is kept for a limited period of time, of which the user is informed. When this information cannot be communicated, the user is informed of the criteria used to determine the retention period ;
- Integrity and confidentiality of the data collected and processed: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.
In order to be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data may only take place if it complies with at least one of the conditions listed below:
- The user has expressly consented to the processing ;
- The processing is necessary for the proper performance of a contract;
- The processing meets a legal obligation;
- The processing is necessary to protect the vital interests of the data subject or of another natural person;
- The processing can be explained by a necessity related to the performance of a task carried out in the public interest or in the exercise of official authority;
- The processing and collection of personal data is necessary for the purposes of the legitimate and private interests pursued by the controller or by a third party.
ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE CONTEXT OF NAVIGATION ON THE SITE
A. DATA COLLECTED AND PROCESSED AND METHOD OF COLLECTION
The personal data collected on the FORSPECTIVE site are the following: Name, First name, email address. These data are collected when the user performs one of the following operations on the site: When the user makes a request for information, quotation via a contact form The data controller will keep in its computer systems of the site and in reasonable conditions of security all data collected for a period of : 16 months.
B. TRANSMISSION OF DATA TO THIRD PARTIES
The personal data collected by the site are not transmitted to any third party, and are only processed by the site publisher.
C. DATA HOSTING
The Forspective website is hosted by : OVH SAS, whose head office is located at the address below: 2 rue Kellermann – 59100 Roubaix – France. The host can be contacted at the following telephone number: +33 9 55 00 66 33.
ARTICLE 4: DATA CONTROLLER AND DATA PROTECTION OFFICER
A. RESPONSIBLE FOR DATA PROCESSING
The person responsible for processing personal data can be contacted by e-mail at email@example.com.
B. OBLIGATIONS OF THE DATA PROCESSING RESPONSIBILITY
The data controller undertakes to protect the personal data collected, not to pass it on to third parties without the user’s knowledge and to respect the purposes for what the data was collected. The site has an SSL certificate to ensure that the information and data transfer transiting through the site are secure. An SSL certificate (“Secure Socket Layer” Certificate) is intended to secure the data exchanged between the user and the site. Furthermore, the data controller undertakes to notify the user in case of rectification or deletion of the data, unless this would entail disproportionate formalities, costs and steps for the user.
In the event that the integrity, confidentiality or security of the user’s personal data is compromised, the data controller undertakes to inform the user by any means.
In accordance with the regulations concerning the processing of personal data, the user has the rights listed below. In order for the data controller to comply with his request, the user is required to provide him with: his first and last name as well as his e-mail address.
The data controller is obliged to reply to the user within a maximum of 30 (thirty) days.
A. PRESENTATION OF THE USER’S RIGHTS REGARDING DATA COLLECTION AND PROCESSING
a. Right of access, rectification and deletion The user may consult, update, modify or request the deletion of data concerning him/her, in accordance with the procedure set out below:
The user must send an email to the person responsible for the processing of personal data, specifying the subject of his request and using the following email address: firstname.lastname@example.org.
b. The user has the right to request the portability of his/her personal data, held by the site, to another site, by complying with the following procedure: The user must make a request for the portability of his personal data to the person responsible for the processing of personal data, specifying the subject of his request and using the above email address.
c. Right to limitation and opposition of data processing The user has the right to request limitation or opposition to the processing of his/her data by the site, without the site being able to refuse, unless it can demonstrate the existence of legitimate and compelling reasons, that can prevail over the interests and rights and freedoms of the user. In order to request the limitation of the processing of his data or to formulate an opposition to the processing of his data, the user must follow the following procedure :
The user must make a request for the limitation of the processing of his/her personal data to the data controller, by sending an email to the above address.
d. Right not to be subject to a decision based exclusively on an automated process In accordance with the provisions of Regulation 2016/679, the user has the right not to be subject to a decision based exclusively on an automated process if the decision produces legal effects concerning him or her, or significantly affects him or her in a similar way.
e. Right to determine the fate of the data after death The user is reminded that he can organize what should become of his data collected and processed if he dies, in accordance with the law n°2016-1321 of October 7, 2016.
f. Right to refer the matter to the competent supervisory authority
In the event that the data controller decides not to respond to the user’s request, and the user wishes to contest this decision, or, if he or she believes that one of the rights listed above is being infringed, he or she is entitled to refer the matter to the CNIL (Commission Nationale de l’Informatique et des Libertés, https://www.cnil.fr) or any competent judge.
B. PERSONAL DATA OF MINORS In accordance with the provisions of Article 8 of European Regulation 2016/679 and the French Data Protection Act, only minors aged 15 or over may consent to the processing of their personal data. If the user is a minor under the age of 15, the consent of a legal representative will be required so that personal data can be collected and processed. The site publisher reserves the right to verify by any means that the user is over 15 years of age, or that he will have obtained the consent of a legal representative before browsing the site.