Article 1 – Preamble
The company GOS (hereinafter "The publisher"), concerned about the rights of individuals, and in a desire for total transparency, has implemented a confidentiality policy setting out the way in which the personal data of users of the site https://www.le-grand-jardin.fr/ (hereinafter "the Site"), the purposes pursued by this processing, as well as the means of action made available to individuals so that they can best exercise their rights.
Personal data means any information concerning an identified or identifiable natural person, directly or indirectly, in particular by reference to a name, an identification number, or to one or more specific elements specific to his physical, physiological, genetic, psychological identity, economic, cultural or social.
User (hereinafter “the User”): Internet user connecting and using the site. Users are considered to be all Internet users who connect, browse, read, view and use the site.
Article 2 – Management of personal data
The user is informed of the regulations concerning marketing communication, the law of June 21, 2014 for confidence in the Digital Economy, the Data Protection Act of August 06, 2004 as well as the General Data Protection Regulations (RGPD: n ° 2016-679).
Article 3 – Data collected
The data is collected and processed only with the consent of the user who owns the data and is limited to what is strictly necessary. Each time personal data is collected, the user is informed that his data is collected, and for what reasons his data is collected.
The collection and processing of data are carried out to meet one or more previously determined objectives, and only the data necessary for the proper execution of the objectives pursued by the site are collected (minimization of data).
The personal data collected on the site are as follows:
- IP adress
This data is collected when the user performs one of the following operations on the site:
– When the user connects to the site
Article 4 – Purposes of the data collected
The collection and processing of data meets the following purposes:
– The IP address is collected for statistical purposes, for the management of the optimization of the site, to prevent and fight against computer fraud in the event of deemed abnormal use of the forms of the site. The IP address is collected to determine the city from which the user connects. This is immediately anonymized after use and the publisher of the site can therefore in no way trace it back to a natural person.
Article 5 – Transmission of data
The publisher does not sell users' personal data, which is therefore only used out of necessity or for statistical and analysis purposes. The personal data collected by the site is not transmitted to any third party, and is only processed by the site editor.
The publisher is prohibited from processing, hosting or transferring the information collected on its users to a country located outside the European Union or recognized as "unsuitable" by the European Commission without informing the users beforehand. However, the publisher remains free to choose its technical and commercial subcontractors, on the condition that they present sufficient guarantees with regard to the requirements of the General Regulations on Data Protection (RGPD: n ° 2016-679) .
Personal data may nevertheless be shared with third-party companies, exclusively in the European Union, in the following cases:
– When the site uses the services of service providers to provide assistance, advertising or online payment services. These service providers have limited access to user data, as part of the performance of these services, and have a contractual obligation to use them in accordance with the provisions of the applicable data protection regulations. personal character.
– If required by law, the site may transmit data to respond to claims against the site and to comply with administrative and legal procedures.
Article 6 – Data retention
The publisher will keep user data in a secure environment for the time necessary to achieve the purposes for which it was collected and in compliance with the regulations in force.
To the extent reasonably necessary or required to meet legal or regulatory obligations, settle disputes, prevent fraud and abuse or enforce terms and conditions, the publisher may also retain certain information for an additional period.
Article 7 – Data security
The publisher undertakes to take all necessary precautions to preserve the security of the information and in particular that it is not communicated to unauthorized persons. However, if an incident affecting the integrity or confidentiality of user information is brought to the attention of the publisher, the latter must inform users as soon as possible and communicate to them the corrective measures taken. Furthermore, the site does not collect any “sensitive data”.
Within the limits of their respective powers and for the purposes mentioned above, the main people likely to have access to user data are mainly the publisher's customer service agents.
Article 8 – User rights
In accordance with the European regulations in force, users of the site have many rights related to personal data. In particular, users have the right to access their data, to correct any errors, as well as the right to have personal data erased, to limit their processing or to oppose it. Users also have the right to withdraw consent, to object to the receipt of marketing materials in the future, and in certain circumstances, the right to ensure that information is transferred to users or transferred to a third.
– Right of access, right of rectification: The user has the right to access the personal data that the publisher holds about him, to have his personal data rectified if they are inaccurate, obsolete or incomplete.
– Right to erasure, right to be forgotten: The user has the right to have his data erased or deleted. This right may however be limited by a legal reason or a legitimate interest of the publisher to keep the personal data.
– Right of opposition: The user has the right to request the limitation or to oppose the processing of his data by the site, without the site being able to refuse, except to demonstrate the existence of legitimate and compelling reasons, that may prevail over the interests and rights and freedoms of the user.
– Right to withdraw consent for data processing based on consent: The user may withdraw his consent to the processing of his data at any time when this processing is based on consent.
– Right to data portability: The user has the right to move, copy or transfer data held by the site to another site. This right applies only to data provided by the user and when this data is subject to automated processing based on his consent or on a contract.
– Right to determine the fate of data after death: The user can organize what should become of his data collected and processed if he dies and choose, if he wishes, whether the publisher will have to communicate his data to a third party that he has previously designated.
8.1. Application of rights
If the user wishes to know how the publisher uses his personal data, or ask to rectify it, oppose its processing or delete it, he can contact the Data Protection Officer who is available to users for any question relating to the protection of personal data.
All requests must be accompanied by a photocopy of a valid identity document, signed, and mention the address at which the publisher can contact the applicant. The response will be sent within one month of receipt of the request. This one-month period may be extended by 2 (two) months if the complexity of the request so requires.
Requests for the deletion of personal data will be subject to the obligations imposed on the publisher by law, in particular with regard to the conservation or archiving of documents.
In the event that the data controller decides not to respond to the user's request, and the user wishes to contest this decision, or, if he thinks that one of the rights listed above, he is entitled to appeal to the CNIL (Commission Nationale de l'Informatique et des Libertés) or any competent judge.
Users can file a complaint with the supervisory authorities, and in particular the CNIL, at the following address: https://www.cnil.fr/.
Article 9 – Data Protection Officer
The role of the Data Protection Officer is to ensure the proper implementation of national and supranational provisions relating to the collection and processing of personal data. He can also be appointed DPO (for Data Protection Officer).
The user is informed that the following person has been appointed Data Protection Officer by the site editor: Grégory Dupré. The data protection officer can be reached by e-mail at the following address: contact|at|le-grand-jardin.fr or by post at the following address: Domaine Le Grand Jardin - 20, Chemin de la Clapouze - 07150 - Vallon Pont d'Arc – France.