|ARTICLE 2: GENERAL PRINCIPLES REGARDING COLLECTION AND PROCESSING OF DATA|
|The collection and processing of site user data respects the following principles:|
LAWFULNESS, LOYALTY AND TRANSPARENCY
Data can only be collected and processed with the consent of the user who owns the data. Whenever personal data is collected, the user will be informed that their data is collected, and for what reasons their data is collected;
The collection and processing of data are carried out to meet one or more objectives determined in these general conditions of use;
MINIMIZATION OF THE COLLECTION AND PROCESSING OF DATA
Only the data necessary for the proper execution of the objectives pursued by the site are collected;
REDUCED DATA CONSERVATION OVER TIME
The data is kept for a limited period, of which the user is informed. When this information cannot be communicated, the user is informed of the criteria used to determine the retention period;
INTEGRITY AND CONFIDENTIALITY OF DATA COLLECTED AND PROCESSED
The data controller undertakes to guarantee the integrity and confidentiality of the data collected. In order to be lawful, the collection and processing of personal data can only take place if the user has expressly consented to the processing.
|ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE CONTEXT OF NAVIGATION ON THE SITE|
|ONLINE REQUEST FORM|
- Email Address
- Type of services of your organization
- Total of your customer base
- Name, first name of the applicant
- Applicant's service/department
- Language of use
This data is collected when the user completes a free trial request for the Gesrisk SaaS portal or wishes to hire one of the packages offered. The data controller will keep all the data collected in his computer systems linked to the site and under reasonable security conditions for a period of 5 years.
The collection and processing of data serve the following purposes:
send a response by email to the request made by the Internet user and establish contact with one of our representatives.
|ARTICLE 4: THE DELEGATE FOR DATA PROCESSING|
|THE DELEGATE FOR DATA PROCESSING|
The person responsible for processing personal data can be contacted by email at firstname.lastname@example.org. The DPO "Data Protection Officer" specifies to the data controller the obligations to be respected to ensure the processing of personal data in accordance with the regulations in force.
OBLIGATIONS OF THE DATA CONTROLLER
The data controller is responsible for determining the purposes and means used for the processing of personal data. He undertakes to protect the personal data collected, not to transmit them to third parties without the user having been informed and to respect the purposes for which these data were collected. In addition, the data controller undertakes to notify the user in the event of rectification or deletion of the data, unless this entails disproportionate formalities, costs and procedures for him. In the event that the integrity, confidentiality or security of the user's personal data is compromised, the data controller undertakes to inform the user by any means. The data controller can be contacted by email at email@example.com.
|In accordance with the regulations concerning the processing of personal data, the user has the rights listed below. In order for the data controller to grant his request, the user is required to provide him with: his first and last name as well as his email address. The data controller is required to respond to the user within a maximum of 30 (thirty) days.|
PRESENTATION OF USER'S RIGHTS IN DATA COLLECTION AND PROCESSING
To. Right of access, rectification and right to erasure
The user can read, update, modify or request the deletion of the data concerning him, by respecting the procedure set out below: contact the data controller by email, mentioning the subject of his request.
b. Right to limit and oppose data processing
The user has the right to request the limitation or to oppose the processing of his data by the site, without the site being able to refuse, except to demonstrate the existence of legitimate and compelling reasons, which may prevail over the interests and the rights and freedoms of the user. In order to request the limitation of the processing of their data or to formulate an objection to the processing of their data, the user must follow the following procedure: contact the data controller by email, mentioning the subject of their request.
vs. Right not to be the subject of a decision based exclusively on an automated process
The user has the right not to be the subject of a decision based exclusively on an automated process if the decision produces legal effects concerning him, or significantly affects him in a similar way.
e. Right to determine the use of data after death
The user is reminded that he can organize what should be the fate of his data collected and processed if he dies.
f. Right to seize the competent supervisory authority
In the event that the data controller decides not to respond to the user's request, and the user wishes to challenge this decision, or, if he believes that one of the rights listed above, he is entitled to seize the competent authorities.
|ARTICLE 6: USE OF "COOKIES" FILES|