Privacy Policy
Personal data – Website management
Activities relating to the website https://agence24-7.wixstudio.io/charles-lauzier involve the processing of personal data.
What does the privacy policy cover?
This policy informs you of the characteristics of these treatments and your rights over the personal data concerning you.
This privacy policy is drafted in accordance with Law No. 78-17 of January 6, 1978 (known as the “Data Protection Act” or “LIL”) and the General Data Protection Regulation (“GDPR”) No. 2016/679.
Who is responsible for this policy?
The data controller is the company CHARLES LAUZIER, represented by its legal representative GANNARD Jean-Yves.
The contact details of the data controller are as follows: 240 route de Valencin, 38790 SAINT-GEORGES-D'ESPÉRANCHE.
The manager can be reached at the following number: 04 78 96 61 00.
The contact email address is: jygannard@charles-lauzier.com
Who is this policy for?
This policy is intended for users of the site: Internet users who browse the site.
It also concerns:
-people to whom we have entrusted technical services (hosting provider, maintenance, site security)
-people who have access to the site's back office for its administration
-people who contact us using the site's contact form
Purposes (what is the data collected used for)
The processing is intended for the management of the website.
This treatment allows:
-technical management of the site (maintenance, hosting, site security)
-website administration
-management of requests for information via the contact form
Legal basis for processing: what gives us the right to process data
The legal bases for the processing are as follows:
-for the technical management of the site (maintenance, hosting, site security), the legal basis is legitimate interest
- for the administration of the website, the legal basis is legitimate interest
- for the management of the editorial content of the site, the legal basis is the consent of the persons whose information is published
- for the management of requests for information via the contact form, the legal basis is the legitimate interest (to enable online communication) or the execution of pre-contractual measures (production of quotes at the request of individuals)
Data retention period
The data being processed are kept for a period not exceeding that necessary for the purposes for which they are recorded (principle of minimizing processing).
The maximum retention periods are as follows:
-for technical management of the site (maintenance, hosting, site security): 12 months for IP addresses and connection logs
-for the administration of the website: as long as the persons concerned administer the site
-for the management of requests for information via the contact form: 3 years from the request
Data processed
The data controller processes the following categories of data:
-Identification data (name, first name, email address)
-Connection data (IP addresses, logs, terminal identifiers, connection identifiers, timestamp information, etc.)
Mandatory or optional nature of data collection
The data collected is mandatory to achieve the processing purposes.
Data sources
The data is transmitted directly by the person concerned.
The recipients of the data
Depending on their respective needs, the following are recipients of all or part of the data:
-people in charge of technical services (hosting provider, maintenance, site security)
What security measures are in place?
The data controller implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
The controller shall take measures to ensure that any natural person acting under the authority of the controller or processor, who has access to personal data, does not process them except on instructions from the controller, unless required to do so.
The existence or not of a transfer of data to a country outside the European Union and associated guarantees
The data controller carries out transfers of personal data outside the European Union.
The data controller undertakes to ensure that these transfers are carried out:
- to countries with a level of protection deemed adequate according to the European data protection authorities or
-with appropriate safeguards pursuant to Article 46 of the GDPR or
-in compliance with Article 49 of the GDPR.
The data collected by Wix is subject to data transfer. Their policy can be viewed at this link: https://fr.wix.com/about/privacy
Automated decision making
The processing does not provide for fully automated decision-making.
Fate of personal data after death - Right of access, rectification, deletion and portability of data
The person concerned by a processing may define guidelines relating to the retention, deletion and communication of their personal data after their death. These guidelines may be general or specific.
The person concerned by processing also benefits from a right of access, opposition, rectification, deletion and, under certain conditions, portability of his personal data. The person concerned has the right to withdraw his consent at any time if consent constitutes the legal basis of the processing.
The request must indicate the first and last name, email or postal address of the person concerned, and be signed and accompanied by valid proof of identity.
She can exercise these rights by contacting:
GANNARD Jean-Yves
04 78 96 61 00
Claim
The person concerned by processing has the right to lodge a complaint with the supervisory authority (CNIL): https://www.cnil.fr/fr/webform/adresse-une-plainte