Article 1 – Preamble
A personal data refers to any information concerning an identified or identifiable natural person, directly or indirectly, in particular by reference to a name, an identification number, or to one or more elements specific to his or her physical identity, physiological, genetic, psychic, economic, cultural or social.
User (hereinafter «the User»): Internet users logging in and using the site. Users are all Internet users who log in, browse, read, view and use the site.
Article 2 – Management of personal data
The User is informed of the regulations concerning marketing communication, the law of 21 June 2014 for trust in the Digital Economy, the Data Protection Act of 06 August 2004 and the General Data Protection Regulation (GDPR: no. 2016-679).
Article 3 – Collected data
Data is collected and processed only with the consent of the User who owns the data and is limited to what is strictly necessary. Whenever personal data is collected, the User is informed that his data is collected and why his data is collected. The collection and processing of data is carried out to meet one or more predetermined objectives, and only the data necessary for the proper execution of the objectives pursued by the site are collected (data minimization).
The personal data collected on the site are as follows:
– IP Address
– Contact information (for example name, email, phone number)
This data is collected when the User performs one of the following operations on the site:
– When the User logs in to the site
– When the User validates sending a contact form
Article 4 – Purposes of the collected data
– The IP address is collected for statistical purposes, for the management of site optimization, to prevent and fight against computer fraud in case of deemed abnormal use of site forms. The IP address is collected to determine the city from which the User connects. It is immediately anonymized after use and the Editor of the site cannot, under no circumstances, trace by this means to a natural person.
– The contact details are collected in case of validation of a contact form for the management of the relations with the User and if applicable for the management of the estimates or orders.
The telephone number and e-mail address to offer optional commercial offers or to carry out optional communication campaigns according to the User’s preferences expressed before sending personal data.
– The e-mail address to conduct optional satisfaction surveys based on the User’s preferences expressed before sending personal data.
Article 5 – Data Transmission
The Editor does not market the personal data of Users, which is therefore only used out of necessity or for statistical and analytical purposes. The personal data collected by the site are not transmitted to any third party, and are only processed by the site Editor.
The Editor is prohibited from processing, hosting or transferring the information collected about its Users to a country outside the European Union or recognized as «inadequate» by the European Commission without informing users beforehand. However, the Editor remains free to choose its technical and commercial subcontractors, on the condition that they present sufficient guarantees with regard to the requirements of the General Data Protection Regulation (GDPR: no. 2016-679).
However, personal data may be shared with third parties, exclusively in the European Union, in the following cases:
– When the site uses the services of service providers to provide online support, advertising or payment services. These service providers have limited access to the User’s data, as part of the performance of these services, and have a contractual obligation to use them in accordance with the applicable personal data protection regulations.
– If required by law, the site may transmit data to address claims against the site and comply with administrative and judicial procedures.
Article 6 – Data Retention
The Editor will keep user data in a secure environment for as long as necessary to achieve the purposes for which it was collected and in compliance with the regulations in force.
To the extent reasonably necessary or required to meet legal or regulatory obligations, resolve disputes, prevent fraud and abuse or enforce terms and conditions, the Editor can also keep certain information for an additional period.
Article 7 – Data Security
The Editor undertakes to take all necessary precautions to preserve the security of the information and in particular that it is not communicated to unauthorized persons. However, if an incident affecting the integrity or confidentiality of user information is brought to the attention of the Editor, the latter must inform Users as soon as possible and inform them of the corrective measures taken. Furthermore, the site does not collect any “sensitive data”.
Within the limits of their respective responsibilities and for the purposes mentioned above, the main persons likely to have access to users’ data are mainly the agents of the Editor’s customer service.
Article 8 – User Rights
In accordance with the European regulations in force, Users of the site have many rights related to personal data. In particular, Users have the right to access their data, to correct any errors, as well as the right to have personal data deleted, to limit their processing or to oppose it. Users also have the right to withdraw their consent, to object to the receipt of commercial prospecting documents in the future, and in certain circumstances, the right to ensure that information is transferred to users or to a third party.
– Right of access, right of rectification: The User has the right to access the personal data that the Editor holds about him or her, to have his or her personal data corrected if they are inaccurate, obsolete or incomplete.
– Right to erasure, right to oblivion: The User has the right to have his data deleted. This right may however be limited by a legal reason or a legitimate interest of the Editor to retain personal data.
– Right of objection: The User has the right to request the limitation or to oppose the processing of his data by the site, without the site being able to refuse, except to demonstrate the existence of legitimate and compelling reasons, which may override the interests and rights and freedoms of the User.
– Right to withdraw consent for the processing of data based on consent: The User may withdraw at any time his consent for the processing of his data when this processing is based on consent.
– Right to data portability: The User has the right to move, copy or transfer data held by the Site to another site. This right applies only to data provided by the User and when this data is subject to automated processing based on his consent or on a contract.
– Right to determine the fate of data after death: The User can organize the future of his data collected and processed if he dies and to choose, if he wishes, whether the Editor must communicate his data to a third party he has previously designated.
8.1. Application of the rights
If the User wishes to know how the Editor uses his personal data, or requests to correct it, object to its processing or delete it, he can contact the Data Protection Officer who is available to users for any question relating to the protection of personal data.
All applications must be accompanied by a photocopy of a valid, signed identity document and mention the address to which the Editor may contact the applicant. The reply will be sent within one month of receipt of the request. This one-month period may be extended by 2 (two) months if the complexity of the application requires it.
Requests to delete personal data will be subject to the obligations imposed on the Editor by law, in particular as regards the retention or archiving of documents.
In the event that the data controller decides not to respond to the User’s request, and that the User wishes to contest this decision, or if he believes that any of the rights listed above are infringed, he is entitled to refer the matter to the CNIL (Commission Nationale de l’Informatique et des Libertés) or any competent judge.
Users can file a complaint with the supervisory authorities, including the CNIL, at https://www.cnil.fr/
Article 9 – Data Protection Officer
The role of the Data Protection Officer is to ensure the proper implementation of national and supranational provisions on the collection and processing of personal data. He can also be named DPO (Data Protection Officer).
The User is informed that the following person has been appointed Data Protection Officer by the Site Editor: Camille Sarrazin. The Data Protection Officer may be contacted by e-mail at contact|at|itinerairepassion.com or by post at Route des Gorges – 07150 Vallon Pont d’Arc – France.