ARTICLE 1 : PREAMBLE
The way in which their personal data is collected and processed.
Personal data is any data that can be used to identify a user. This includes the first and last name, age, postal address, email address, location of the user or his IP address;
- What are the rights of the users concerning these data
- Who is responsible for the processing of the personal data collected and processed?
- To whom this data is transmitted;
ARTICLE 2: GENERAL PRINCIPLES OF DATA COLLECTION AND PROCESSING
In accordance with the provisions of Article 5 of the European Regulation 2016/679, the collection and processing of data of the users of the site respect the following principles:
Lawfulness, fairness and transparency: data can only be collected and processed with the consent of the user who owns the data. Whenever personal data is collected, the user will be informed that his/her data is being collected and for what purpose his/her data is being collected
Limited purposes: the collection and processing of data is carried out to meet one or more of the purposes determined in these general conditions of use: the minimization of the collection and processing of data: only the data necessary for the proper execution of the purposes pursued by the site are collected
Conservation of data reduced in time: the data are kept for a limited period of time, of which the user is informed. When this information cannot be communicated, the user is informed of the criteria used to determine the duration of conservation
Integrity and confidentiality of the data collected and processed: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.
In order to be lawful, and in accordance with the requirements of Article 6 of the European Regulation 2016/679, the collection and processing of personal data may only take place if they comply with at least one of the conditions listed below:
The user expressly consents to the processing ;
- The processing is necessary for the proper performance of a contract
- The processing meets a legal obligation;
- The processing is necessary for the protection of the vital interests of the data subject or of another natural person;
- Processing may be necessary for the performance of a task carried out in the public interest or in the exercise of official authority
- The processing and collection of personal data is necessary for the purposes of the legitimate and private interests pursued by the controller or by a third party.
ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE CONTEXT OF NAVIGATION ON THE SITE
1. DATA COLLECTED AND PROCESSED AND METHOD OF COLLECTION
The personal data collected on the WHISPEAK.IO website are the following:
- First name, last name
- E-mail address
- Telephone number
- Any information provided by the user in the contact forms.
The collection and processing of data is done for the following purposes:
- Uses of the demo
- Contact (from all pages of the website)
2. TRANSMISSION OF DATA TO THIRD PARTIES
The personal data collected by the site are not transmitted to any third party, and are processed only by the site editor.
ARTICLE 4: DATA CONTROLLER AND DATA PROTECTION OFFICER
1. THE DATA CONTROLLER
The person responsible for processing personal data is: Sylvain BONNEFON.
The data controller can be contacted by e-mail at firstname.lastname@example.org, from 9am to 5pm, Monday to Friday.
The data controller is responsible for determining the purposes and means of processing personal data.
2. OBLIGATIONS OF THE DATA CONTROLLER
The data controller undertakes to protect the personal data collected, not to transmit them to third parties without the user’s knowledge and to respect the purposes for which the data were collected.
The site has an SSL certificate to ensure that the information and data transfer through the site is secure.
The purpose of an SSL certificate (“Secure Socket Layer® ” Certificate) is to secure the data exchanged between the user and the site.
In addition, the data controller undertakes to notify the user in case of rectification or deletion of the data, unless this would entail disproportionate formalities, costs and steps for him.
In the event that the integrity, confidentiality or security of the user’s personal data is compromised, the data controller undertakes to inform the user by any means.
3. THE DATA PROTECTION OFFICER
Furthermore, the user is informed that a Data Protection Officer has been appointed: Sylvain BONNEFON.
The role of the Data Protection Officer is to ensure the proper implementation of national and supranational provisions relating to the collection and processing of personal data. He or she may also be named DPO.
The Data Protection Officer can be reached as follows Monday to Friday from 9am to 5pm by e-mail: email@example.com
ARTICLE 5: USER’S RIGHTS
In accordance with the regulations concerning the processing of personal data, the user has the rights listed below.
In order for the data controller to comply with the user’s request, the user is required to provide the data controller with his/her first and last name and e-mail address.
The data controller is obliged to respond to the user within a maximum of 30 (thirty) days.
1. PRESENTATION OF THE USER’S RIGHTS REGARDING THE COLLECTION AND PROCESSING OF DATA
A. Right of access, rectification and deletion
In accordance with the regulations applicable to personal data, users have the following rights
- the right of access: they can exercise their right of access, to know the personal data concerning them, by writing to the e-mail address mentioned below. In this case, before implementing this right, the Platform may request proof of the user’s identity in order to verify its accuracy
- the right of rectification if the personal data held by the Website are inaccurate, they can request the update of the information
- the right to deletion of data: users may request the deletion of their personal data, in accordance with the applicable data protection laws
- the right to limitation of processing: users may request the Website to limit the processing of personal data in accordance with the assumptions provided for by the GPRD
- the right to object to the processing of data: users may object to their data being processed in accordance with the assumptions provided for by the GDPR
- the right to portability: users may request that the Website give them the personal data they have provided in order to transfer to a new Platform.
The user must send an e-mail to the person responsible for the processing of personal data, specifying the purpose of the request, to the contact e-mail address.
WHISPEAK undertakes to delete this data in accordance with the General Data Protection Regulation (GDPR).
All requests must be accompanied by a photocopy of a valid, signed identity document and must mention the address at which the publisher can contact the applicant. The reply will be sent within one month of receipt of the request. This one-month period may be extended by two months if the complexity of the request and/or the number of requests so requires.
B. Right to limit and oppose the processing of data
The user has the right to request the limitation of or to object to the processing of his/her data by the site, without the site being able to refuse, unless it can be shown that there are legitimate and compelling reasons, which can override the interests and rights and freedoms of the user.
In order to request the limitation of the processing of his/her data or to formulate an opposition to the processing of his/her data, the user must follow the following procedure:
The User must refuse any type of cookie using the bar that is displayed upon arrival at the website. It is also possible to prevent the loading of third-party cookies from the browser.
Since the contact form collects personal data, the User who refuses the processing of his/her data should not use it.
C. Right not to be subject to a decision based exclusively on an automated process
In accordance with the provisions of Regulation 2016/679, the User has the right not to be subject to a decision based exclusively on an automated process if the decision produces legal effects concerning him or her, or significantly affects him or her in a similar way.
D. Right to determine the fate of data after death
The user is reminded that he/she can organize what should be the fate of his/her collected and processed data if he/she dies, in accordance with Law No. 2016-1321 of 7 October 2016.
E. Right to refer to the competent supervisory authority
In the event that the data controller decides not to respond to the user’s request, and the user wishes to contest this decision, or, if he/she believes that one of the rights listed above is infringed, he/she is entitled to refer the matter to the CNIL (Commission Nationale de l’Informatique et des Libertés, https://www.cnil.fr) or any competent judge.
2. PERSONAL DATA OF MINORS
In accordance with the provisions of Article 8 of the European Regulation 2016/679 and the Data Protection Act, only minors aged 15 years or older may consent to the processing of their personal data.
If the user is a minor under the age of 15, the consent of a legal representative will be required in order for personal data to be collected and processed.
The site editor reserves the right to verify by any means that the user is over 15 years of age, or that he has obtained the consent of a legal representative before browsing the site.
ARTICLE 6: USE OF “COOKIES” FILES
The site uses “cookies” techniques.
A “cookie” is a small file (less than 4 kb), stored by the site on the user’s hard disk, containing information about the user’s browsing habits.
These files allow the site to process statistics and information on traffic, to facilitate navigation and to improve the service for the user’s comfort.
For the use of “cookies” files involving the storage and analysis of personal data, the user’s consent is necessarily requested.
This consent of the user is considered valid for a maximum period of 6 (six) months. At the end of this period, the site will again request the user’s authorization to save “cookies” files on his or her hard drive.
Opposition of the user to the use of “cookies” files by the site
Cookies that are not essential to the operation of the site are only deposited on the user’s terminal after having obtained his consent. The user may withdraw his consent in the following manner:
The User must refuse any type of cookie by means of the bar that is displayed upon arrival at the website.
It is also possible to prevent the loading of third-party cookies from the browser.
More generally, the user is informed that he/she can oppose the recording of these “cookies” files by configuring his/her browser software.
For information, the user can find at the following addresses the steps to follow in order to configure his browser to oppose the recording of “cookies” files:
Opera : https://help.opera.com/en/latest/web-preferences/#cookies
If the user decides to deactivate the “cookies” files, he will be able to continue browsing the site. However, any dysfunction of the site caused by this manipulation could not be considered as being due to the editor of the site.
Description of the “cookies” files used by the site
The editor of the site draws the attention of the user to the fact that the following cookies are used during his navigation:
- Cookie : Google Analytics and Google Tag Manager ; Issuer : Google LLC ; Purpose : Use of web statistics.
- Cookie : Hotjar ; Issuer : Hotjar ; Purpose : Use of web statistics.
When browsing the site, the user is informed that third party “cookies” files may be recorded.
Moreover, the site integrates social network buttons, allowing the user to share his activity on the site. Cookies from these social networks may therefore be stored on the user’s computer when using these features.
ARTICLE 8: CONTACT
You can contact WHISPEAK at the following e-mail address: firstname.lastname@example.org
Indicate in the subject line of the e-mail: “Privacy information”.