- ARTICLE 2: GENERAL PRINCIPLES ON DATA COLLECTION AND PROCESSING In accordance with the provisions of Article 5 of the European Regulation 2016/679, the collection and processing of data of the users of the site respect the following principles: Lawfulness, fairness and transparency: data can only be collected and processed with the consent of the user who owns the data. Each time personal data is collected, the user will be informed that his or her data is being collected and for what purpose; Limited purposes: the collection and processing of data is carried out in order to meet one or more of the purposes set out in these general conditions of use; Minimization of data collection and processing: only the data necessary for the proper execution of the purposes pursued by the site is collected; Data retention reduced in time: data is kept for a limited period of time of which the user is informed. When this information cannot be communicated, the user is informed of the criteria used to determine the duration of conservation; Integrity and confidentiality of the data collected and processed: the person responsible for processing the data undertakes to guarantee the integrity and confidentiality of the data collected. In order to be lawful, and in accordance with the requirements of Article 6 of the European Regulation 2016/679, the collection and processing of personal data may only take place if they comply with at least one of the conditions listed below: The user has expressly consented to the processing; The processing is necessary for the proper performance of a contract; The processing meets a legal obligation; The processing can be explained by a necessity related to the safeguarding of the vital interests of the data subject or of another natural person; The processing can be explained by a necessity related to the performance of a task of public interest or which falls within the exercise of public authority; The processing and collection of personal data is necessary for the purposes of the legitimate and private interests pursued by the controller or by a third party.
- ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE CONTEXT OF NAVIGATION ON THE SITE A. DATA COLLECTED AND PROCESSED AND METHOD OF COLLECTION The personal data collected on the aiinformatique.fr site are the following: first name, name, address, telephone number This data is collected when the user carries out one of the following operations on the site: when the user buys on the site at In addition, when a payment is made on the site, proof of the transaction, including the order form and the invoice, will be kept in the computer systems of the site editor. The person in charge of the treatment will preserve in its data-processing systems of the site and under reasonable conditions of safety the whole of the collected data for a duration of : - count data: 10 years - contractual, commercial documents: 3 years - site analysis cookies 13 months. The collection and processing of data is for the following purposes: processing orders, shipping packages. - response to requests sent through the contact form. The data processing carried out is based on the following legal grounds: - execution of the contract, - consent of the user, - legal obligation B. TRANSMISSION OF DATA TO THIRD PARTIES Data may be transmitted to the third parties listed below: Google, Facebook C. HOSTING OF DATA The aiinformatique.fr website is hosted by : OVH Groupe SAS, whose headquarters are located at the following address: 2, rue Kellermann, 59100 Roubaix. The host can be contacted at the following telephone number: 1007. The data collected and processed by the site are exclusively hosted and processed in France.
- ARTICLE 4: DATA CONTROLLER AND DATA PROTECTION OFFICER A. THE PERSON RESPONSIBLE FOR THE PROCESSING OF DATA The person responsible for the processing of personal data is: rebelo da silva josé. He can be contacted as follows: telephone: 0687181751 e-mail: email@example.com address: 29 bd de l'ayrolle 12100 millau The person in charge of data processing is responsible for determining the purposes and means of processing personal data. B. OBLIGATIONS OF THE DATA PROCESSOR The data processor undertakes to protect the personal data collected, not to transmit them to third parties without the user's knowledge and to respect the purposes for which the data were collected. The site has an SSL certificate to ensure that the information and data transfer through the site is secure. An SSL certificate ("Secure Socket Layer" Certificate) is intended to secure the data exchanged between the user and the site. In addition, the data controller undertakes to notify the user in the event of rectification or deletion of the data, unless this would entail disproportionate formalities, costs and steps for the user. In the event that the integrity, confidentiality or security of the user's personal data is compromised, the data controller undertakes to inform the user by any means. C. THE DATA PROTECTION DELEGATE Furthermore, the user is informed that a Data Protection Delegate has been appointed: rebelo da silva. The role of the Data Protection Officer is to ensure the proper implementation of national and supranational provisions regarding the collection and processing of personal data. He is sometimes called DPO (for Data Protection Officer). The Data Protection Officer can be reached as follows: by telephone: 0687181751 address: 29 bd de l ayrolle 12100 millau mail: firstname.lastname@example.org
- ARTICLE 5: USER'S RIGHTS In accordance with the regulations concerning the processing of personal data, the user has the rights listed below. In order for the data controller to comply with the user's request, the user is obliged to provide the following information: name, surname, e-mail address and, if relevant, account number or personal space or subscriber number. The data controller is obliged to respond to the user within a maximum of 30 (thirty) days. A. PRESENTATION OF THE USER'S RIGHTS REGARDING DATA COLLECTION AND PROCESSING a. The user may access, update, modify or request the deletion of his/her personal data, in accordance with the following procedure: the user must send an e-mail to the person in charge of the processing of personal data, specifying the purpose of the request, to the contact address email@example.com If he/she has one, the user has the right to request the deletion of his/her personal space following the procedure set forth below: the user must send an e-mail to the person responsible for the processing of personal data, specifying the purpose of the request, to the contact address: firstname.lastname@example.org, the request will be processed within 10 days b. Right to data portability The user has the right to request the portability of his personal data, held by the site, to another site, by complying with the following procedure: The user must make a request for the portability of his personal data to the data controller, sending an e-mail to the above address c. Right to limit and oppose the processing of data The user has the right to request the limitation or oppose the processing of his data by the site, without the site being able to refuse, unless demonstrating the existence of legitimate and compelling reasons, which can prevail over the interests and rights and freedoms of the user. In order to request the limitation of the processing of his/her data or to formulate an opposition to the processing of his/her data, the user must follow the following procedure: The user must make a request for portability of his/her personal data to the data controller d. Right not to be subject to a decision based exclusively on an automated process In accordance with the provisions of Regulation 2016/679, the user has the right not to be subject to a decision based exclusively on an automated process if the decision produces legal effects concerning him/her, or affects him/her significantly in a similar way. e. Right to determine the fate of the data after death The user is reminded that he/she can organize what should be the fate of his/her collected and processed data if he/she dies, in accordance with Law no. 2016-1321 of 7 October 2016. f. Right to refer to the competent supervisory authority In the event that the data controller decides not to respond to the user's request, and the user wishes to contest this decision, or, if he/she believes that one of the rights listed above is infringed, he/she is entitled to refer to the CNIL (Commission Nationale de l'Informatique et des Libertés, https://www.cnil.fr) or any competent judge.