ARTICLE 1: PREAMBLE
• The way in which their personal data are collected and processed. All data that can identify a user should be considered as personal data. These include the first and last name, age, postal address, email address, location of the user or its IP address;
• What are the rights of users regarding these data;
• Who is responsible for the processing of personal data collected and processed;
• To whom this data is transmitted;
• Possibly, the site's policy regarding "cookies" files.
Legal notice: https://www.coodoc.com/legalnotice-en.php
General conditions of use: https://www.coodoc.com/termsofservice-en.php
ARTICLE 2: GENERAL PRINCIPLES FOR DATA COLLECTION AND PROCESSING
In accordance with the provisions of Article 5 of the European Regulation 2016/679, the collection and processing of site users' data complies with the following principles:
• • Lawfulness, loyalty and transparency: data can only be collected and processed with the consent of the user who owns the data. Whenever personal data are collected, the user will be informed that his / her data is being collected, and for what reasons his / her data is collected;
• • Limited Purposes: Data collection and processing is performed to fulfill one or more of the objectives identified in Terms of Service;
• • Minimizing the collection and processing of data: only the data necessary for the proper execution of the objectives pursued by the site are collected;
• • Conservation of data reduced in time: the data are kept for a limited time, of which the user is informed;
• • Integrity and confidentiality of the data collected and processed: the data controller is committed to ensuring the integrity and confidentiality of the data collected.
In order to be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data may only take place if they comply with at least one of the conditions set out above, hereby listed:
• The user has expressly consented to the treatment;
• Processing is necessary for the proper performance of a contract;
• Treatment meets a legal obligation;
• Treatment is due to a need to safeguard the vital interests of the data subject or other natural person;
• The treatment can be explained by a necessity related to the performance of a mission of public interest or that comes under the exercise of the public authority;
• The processing and collection of personal data is necessary for the legitimate and private interests pursued
ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE CONTEXT OF NAVIGATION ON THE SITE
DATA COLLECTED AND PROCESSED AND METHOD OF COLLECTION
The personal data collected on the site coodoc.com are as follows:
• The information given by the user in the form of user profile (name, surname, company name, username, password,…) in order to be able to create or access to the website content,
• The technical characteristics of the means of connection to the website (screen size, IP address ...),
• And possibly the information relating to the use of the site: number of orders, time spent, articles consulted ...
This data is collected when the user performs one of the following operations on the site:
• register on the site,
• saves a document,
• buys a product on the site,
• consult an article of information,
• subscribes to a newsletter,
• requires technical or legal assistance online or by phone.
Moreover, during a payment on the site, it will be kept in the computer systems of the publisher of the site a proof of the transaction including the purchase order and the invoice. The data controller will keep in his computer systems of the site and in conditions of reasonable security all the data collected for a period of: between 1 day and 3 years, for simple visits, up to 5 years if the user validates an order. The collection and processing of data is intended, inter alia, for the following purposes:
• creation and control of access to customer accounts,
• creation of documents,
• connection between users,
• achievement of the formalities,
• followed by payment and billing,
• connection with third-party partners,
• sending marketing and sales information.
Targeting and advertisement.
And more generally all activities related to the sale of services or products related to the information presented on the website.
1. TRANSMISSION OF DATA TO THIRD PARTIES
1.1. Sharing your personal data with third-party companies
When browsing the Site, users' personal data may be transmitted to external service providers. These third parties provide service on our behalf and on our behalf for the purpose of enabling credit card payments and other Services to function properly, or are likely to offer their services or products to users.
Personal data may be transferred to countries outside the European Union (such as the United States) for the purpose of processing your requests and securing personal data.
In accordance with the GDPR, all transfers of personal data to a country outside the European Union and / or not offering a level of protection considered sufficient by the European Commission have been the subject of transboundary flow agreements in accordance with standard contractual clauses enacted by the European Commission and declared to the CNIL. Other transfers of personal data to the United States, especially for CRM, are governed by EU-US PRIVACY SHIELD.
We will never share, without obtaining your prior consent, your personal data with third-party companies for marketing and / or commercial purposes.
1.2. Sharing with the authorities
We may disclose your personal data to the administrative or judicial authorities when their disclosure is necessary for the identification, prosecution or prosecution of any individual who may harm our rights, any other user or a third. We can finally be legally obliged to disclose your personal data and cannot in this case oppose it.
2. HOSTING DATA
Coodoc.com is hosted by: FastComet, whose headquarters are located at the following address:
350 Townsend Street Suite 300 - # 846 San Francisco, California 94107.
The host can be contacted at the following number: + 448000868062.
The data collected and processed by the site are exclusively hosted and processed in the Netherlands.
ARTICLE 4: RESPONSIBLE FOR DATA PROCESSING AND DELEGATE FOR DATA PROTECTION
1. THE PERSON RESPONSIBLE FOR DATA PROCESSING
The controller of personal data processing is: Mohammad Ekhteraei.
He can be contacted as follows:
By phone at 06 86 61 75 06 Monday to Friday from 9:30 to 17:30 Central European Time or by email at firstname.lastname@example.org
The person responsible for data processing is responsible for determining the purposes and means used for the processing of personal data.
OBLIGATIONS OF DATA PROCESSING MANAGER
The data controller undertakes to protect the collected personal data, not to transmit it to third parties without the user having been informed and to respect the purposes for which the data was collected.
The site has an SSL certificate to ensure that information and data transfer through the site is secure. An SSL certificate ("Secure Socket Layer" Certificate) aims to secure the data exchanged between the user and the site.
In addition, the Data Controller agrees to notify the user in case of rectification or deletion of the data, unless this entails for it disproportionate formalities, costs and procedures.
In the event that the integrity, confidentiality or security of the user's personal data is compromised, the controller commits himself to inform the user by any means
ARTICLE 5: RIGHTS OF THE USER
In accordance with the regulations on the processing of personal data, the user has the rights listed below.
In order for the Data Controller to comply with the request, the user is required to provide him / her with: first name, last name, e-mail address and, if applicable, his account number or personal space number or subscriber.
The data controller is responsible for responding to the user within a maximum of 30 (thirty) days.
PRESENTATION OF THE RIGHTS OF THE USER IN COLLECTION AND DATA PROCESSING
1. Right of access, rectification and right to cancellation
The user can take knowledge, update, modify or request the deletion of the data concerning him, by respecting the following procedure stated: the user must send an email to the controller of personal data, specifying the purpose of his request and using the contact email address that is provided above.
If he has one, the user has the right to request the removal of his personal space by following the following procedure: the user must send an email to the controller of personal data, specifying his personal space number. The request to delete the data will be processed within 30 working days
2. Right to portability of data
The user has the right to request the portability of his personal data, held by the site, to another site, by following the procedure below: the user must make a request for portability of his personal data to the data controller, by sending an email to the address provided above.
3. Right to limitation and opposition of data processing
The user has the right to request the limitation or to oppose the treatment of his data by the site, without the site can refuse, except to demonstrate the existence of legitimate and compelling reasons that may prevail over the interests and the rights and freedoms of the user. In order to request the limitation of the processing of his data or to oppose the processing of his data, the user must follow the following procedure: the user must make a request for limitation to the processing of his personal data with the person responsible for data processing, by sending an email to the address provided above
4. Right not to be the subject of a decision based exclusively on an automated process:
In accordance with the provisions of Regulation 2016/679, the user has the right not to be the subject of a decision based exclusively on an automated process if the decision has legal effects on it or significantly affects it. similar way.
5. Right to determine the fate of data after death: The user is reminded that he can organize what should be the future of his data collected and processed if he dies, in accordance with the law n ° 2016-1321 of October 7th, 2016.
6. Right to seize the competent supervisory authority: If the data controller decides not to respond to the request of the user, and the user wishes to contest the decision, or if he thinks that one of the rights listed above, it is entitled to refer to the CNIL (National Commission for Computing and Freedoms, https://www.cnil.fr) or any competent judge.
PERSONAL DATA OF MINOR PERSONS In accordance with the provisions of Article 8 of European Regulation 2016/679 and the Data Protection Act, only minors aged 15 or over can consent to the processing of their personal data. If the user is a minor under the age of 15, the consent of a legal representative will be required so that personal data can be collected and processed. The publisher of the site reserves the right to verify by any means that the user is older than 15 years, or that he has obtained the consent of a legal representative before browsing the site.
The publisher of the site reserves the right to modify it to guarantee its conformity with the law in force.