Article 1. Responsibility for data processing
Collection and processing of personal data in the scope of visits to the Site is undertaken by the Publisher in accordance with the European Union rules in effect.
Article 2. Purpose of data collection
Data is collected and processed on or through the Site for the following purposes:
- to optimise the management of relations between the Publisher and the Site’s users, notably analysis and measurement of site traffic
- to enable users to interact with the Site through social network buttons (comments, opinions, like, share, etc.).
- to enable users to contact the Site’s Publisher through a contact form and thereafter to continue the exchange
Article 3. User consent
Personal data is never collected on or through the Site without the person in question being given clear access to the relevant information and the opportunity to declare their prior consent to such collection. To ensure this is the case, a banner is displayed each time a user connects to the Site, informing or reminding them that by proceeding further into the Site they implicitly consent to receiving cookies and to the collection of certain information resulting from their visit. In concrete terms, this means that scrolling the page on which the banner appears, clicking on any link in the Site, or clicking the “OK” button on the notification banner are all indisputable signs of consent.
Users’ consent is systematically and explicitly obtained by clear, unambiguous means any time Site features are used that by nature rely on data being entered or collected (registration, contact, etc.).
Article 4. Content of data collection
Article 4.1. Data collected during consultation of the Site
By default, consulting information on the Site entails the collection of only such data as is strictly necessary to the analysis and measurement of Site traffic: IP address data (identification of Internet connection and terminal), pages consulted, and all types of data accessible via basic Google Analytics (audience statistics), for example number of page views, origin of traffic, dates and times, approximate locality of consultation.
Article 4.2. Data collected when the Site’s features are used
The content of the processed data varies according to how the Site is used and can include one of more of the following:
- E-mail to contact
- Phone number
- Message content
When information can be required or optional, it is indicated accordingly, directly on line.
Users undertake to enter only information that is complete, accurate, and valid. They release the Publisher from all liability for damage resulting from their own errors in this regard. The personal data is secure and hosted in France in accordance with the French and EU regulatory framework (GDPR).
The information collected is used solely for developing the Site’s design and layout and generally enhancing its use.
Cookies do not gather any data that can be used to identify a user, neither on the computer’s hard disk nor on line, and all information collected is anonymous or anonymised.
The Publisher recommends that users choose privacy settings that accept cookies and thus favour consultation and use of the Site.
Here are French data privacy authority CNIL’s guidelines on this subject: https://www.cnil.fr/en/cookies-and-other-tracking-devices-cnil-publishes-new-guidelines
Article 6. Interaction with third-party sites and applications
Users can interact with the Site by clicking buttons redirecting them to third-party sites and applications (notably social network links).
Users acknowledge that the effect of these buttons is to transfer information to the Publisher as well as to the sites in question, and that it is their responsibility and theirs alone if they choose to enter into contractual relations with these sites or networks, who have their own privacy policies governing the personal data thus transferred, collected, and processed (profile, parameters, etc.).
The Publisher can in no event be held liable for damage of any kind whatsoever suffered by users or a third party as a result of using this functionality and is accountable only for data processing that is directly under its charge.
Article 7. Data processing security
The Publisher undertakes to implement all necessary precautions to ensure the security of collected data during processing, observing physical and logical security standards within its own perimeter of action (protection of premises and servers, password/authentication policy, regular backups, encryption where appropriate, etc.), excepting backup and/or security obligations that are the responsibility of the Site hosting company.
The Publisher implements special measures to prevent corruption or alteration of processed data and to prevent unauthorised third parties’ gaining access thereto, notably by controlling access to the data’s processing (securing of the Site, use of HTTPS, encryption, etc.).
All information on the Internet reached via an outgoing link from the Site is outside the control of the Publisher, who therefore declines any responsibility for its content or for any system security weaknesses, as well as for all consequences resulting therefrom.
Article 8. Data processing confidentiality
The Publisher does not communicate any personal data collected during visits to the Site to any third party in any shape or form, with the legitimate exception of the persons mentioned below, to whom the strictest conditions of confidentiality apply:
- All staff in the Publisher’s employment (including trainees)
- Technical providers responsible for developing and/or maintaining and/or hosting the Site, and only when strictly necessary
- Person(s) who perform the Publisher’s bookkeeping, be it in-house or at an external provider
- Third parties so authorised by law (notably legal or accounting authorities, etc., upon formal requisition)
Article 9. Data retention period
Article 9.1. Renewal of user consent
The collected data is kept as long as the valid purpose for which it was initially collected is still active, legitimate, proportionate to needs, and consented to by the user concerned.
The collected data’s retention period varies according to the data type, to various legal and regulatory requirements authorising a longer period, or conversely, dictating its deletion, and in all cases, to the Publisher’s need to fulfil its contractual obligations. The retention periods are set as follows:
- fourteen (14) months for cookies, connection data, and traffic measurement
- a maximum of three (3) years for other types of data
Upon expiry of this period, the Publisher undertakes to seek further consent from users to continue using their personal data. Without explicit renewal of a user’s consent, the Publisher must cease sending newsletters or any other unsolicited commercial documents or information.
Article 9.2. Data archiving
Upon expiry of the aforementioned retention periods, and in the absence of any formal opposition by the user to retaining their personal data, any collected data that has not been validly deleted may be archived for possible use as proof on a computer medium with strictly limited access. In such cases, the retention periods for the data as regards its legal archiving are defined by the following official baseline, which takes account of the nature of the data: https://www.cnil.fr/fr/reglement-europeen-protection-donnees
Article 10. Persons’ rights over data collected from them
Users retain the right of access, rectification, denial of use, and/or deletion of data concerning them, a right they can exercise at any time by sending an e-mail to the address firstname.lastname@example.org, or a letter to Actys Immo, 73 rue Boileau, 69006 Lyon, France.
The Publisher undertakes to give effect to all reasoned requests for said data and to reply within thirty (30) calendar days of receiving the request. These requests can be sent by e-mail to the address email@example.com, and will be formally acknowledged by e-mail, indicating receipt and execution of the request.
Users acknowledge that in the event of their reasoned request for deletion of their personal data, said data will be purged irrecoverably and the deletion could in certain cases disrupt their contractual relations.
Article 11. Claims, differences, litigation