Respect for your private life and the protection of personal data is a priority and constant concern of SOFACTO, which adopts a “Privacy by Design” approach. This implies in particular that the personal data concerning you are protected by default, both in terms of the design of our information system and SOFACTO’s practices. Processing is carried out with transparency, in compliance with your rights recognized by the laws and regulations in force as well as by this processing policy. The protection of your privacy is ensured throughout the processing, from the design of the application to the erasure of your data. You acknowledge having read this data processing policy.
It is essential to distinguish the processing of personal data that concerns you as a customer of SOFACTO and / or a user of the Sofacto application.
These processing operations are recorded in our register of processing activities and our company is responsible for them within the meaning of Law 78-17 of 6 January 1978 on data processing, files and freedoms (hereinafter the Data Protection Act).
The purpose of this processing policy is to inform the people concerned by the various processing operations and the ordering clients who then have the status of Data Controller about the scope of their rights and obligations.
1. OUR PRINCIPLES, OUR ETHICS
Our ethics for the protection of privacy and personal data revolve around the following principles:
– Transparency and fairness: you know what information is collected, by whom, by what means and for what uses. You can request details of the processing carried out at any time by contacting our services.
– Consent: the data is processed with your express, free, specific and unambiguous informed consent. The interests of the persons concerned are systematically privileged: we provide for strict and implicit measures to protect the privacy of customers and users, but also ergonomics and user experience, particularly in terms of information.
– Proportionality and legitimacy: the processing of personal data that we implement tends towards data minimization. We only process information that is useful for the fulfillment of specific, explicit, legitimate purposes. The retention period of data concerning you is also limited in time.
– Anonymization: as soon as it is no longer useful to have the information in an identifying form, it is deleted or anonymized. More generally, SOFACTO always seeks to work from already anonymized datasets.
– Relevance and accuracy: procedures for updating and correcting information are implemented and constantly available to you.
– Security and confidentiality: we take all necessary precautions with regard to the nature of the data and the risks presented by the processing to preserve the security of the data and, in particular, to prevent them from being distorted, damaged, or from unauthorized third parties. have access.
2. SOME DEFINITIONS
Occasional contact: any person approached within the framework of their professional or charitable activity, without voluntary action on their part and, in particular, any person likely to be interested in our services and who does not maintain regular exchanges with us.
– Regular contact: anyone who takes a positive approach with a view to maintaining regular exchanges with us as part of their professional or associative activity.
– Personal data: this is the data that identifies you directly or indirectly. Hereinafter “Personal Data” or “Data”.
– Sensitive data: this is data which directly or indirectly reveals the ethnic origins, political, philosophical or religious opinions or trade union membership of people, or which relates to health or sexual life.
– Specific data: these are biometric, genetic data relating to convictions, offenses and security measures, the social security number, assessments of the psychological and social capacities of people.
– Limitation of processing: this is the marking of stored personal data, with a view to limiting their future processing.
– Processing of personal data: any operation carried out by any means whatsoever relating to personal data.
– Controller: this is the person who decides on the purpose and means of the Processing. Hereinafter “the Manager”.
– Subcontractor: this is the natural or legal person, public authority, department or other body which processes personal data on behalf of the controller.
– Personal data breach: a security breach resulting, accidentally or unlawfully, in the destruction, loss, alteration, unauthorized disclosure of personal data transmitted, stored or otherwise processed, or unauthorized access to such data.
WHO IS RESPONSIBLE FOR YOUR PERSONAL DATA?
SOFACTO is responsible for data concerning its customers, the personnel of its customers with whom SOFACTO is in contact as well as data concerning its prospects.
SOFACTO SAS, whose registered office is located at 256 rue de Thor 34 000 Montpellier, is registered with the Montpellier Trade and Companies Register under number 810 193 177. Its legal representative is Frederi SCOTTO, Chairman of SOFACTO.
We inform you that the processing of personal data is an asset of companies which may have to be transmitted during a transfer. In such a case, you will retain the benefit of this processing policy.
WHAT PERSONAL DATA DO WE COLLECT?
– When browsing the website:
Simply consulting the SOFACTO website as a visitor does not require a personal registration. On the other hand, certain information about you is collected automatically when you browse the website (IP address, visit time, type of browser, as well as the categories of the site visited).
While browsing the site, you may be asked to accept cookies. These text files are placed on your computer’s hard drive, and then read by a server, in order to facilitate your navigation by recognizing you during your subsequent visits to the website. You can deactivate cookies at any time in your browser settings. However, SOFACTO informs you that certain features of its site are not guaranteed if cookies are blocked.
– When you want to discover our services:
We collect data relating to the monitoring of the commercial relationship: identification data, contact details, documentation requests, test requests, service or subscription taken out, quantity, amount, periodicity, history of services, correspondence with the customer, exchanges and comments from customers and prospects, people in charge of customer relations.
– When you subscribe to our services:
When you subscribe to our services, we collect data relating to the means of payment and in particular a bank identity statement. We can also collect data relating to the payment of invoices: payment methods, check number, transfer or direct debit reference, discounts granted, balances and unpaid bills.
In general, we do not collect any sensitive data such as religion, trade union membership, racial and ethnic origins, criminal convictions or data relating to health, nor any specific data concerning you.
WHAT DO WE DO WITH YOUR DATA?
The processing of your personal data is based on the legitimate interest of SOFACTO.
To deliver the best possible quality services best suited to your needs, SOFACTO must process information that concerns you. We also process personal data in order to improve our services. To this end, we carry out statistics in particular, we can practice segmentation to offer you the services most suited to your needs.
We carry out operations relating to customer management concerning: contracts; the bills ; accounting and, in particular, the management of customer accounts; monitoring customer relations such as carrying out satisfaction surveys, handling complaints; management of unpaid bills and litigation; the selection of clients to carry out studies, surveys and tests.
We carry out operations relating to prospecting. Your data can be used to compile trade statistics; the management of requests for the right of access, rectification and opposition; management of people’s opinions on services or content.
As long as you have not expressly agreed to the collection of data by us, you are an occasional Contact. Thus, the Manager can only send you a single message to request your consent to receive our messages.
From the moment you communicate your agreement to us or maintain a regular relationship with us, you become a regular contact.
The data collected are:
– your name, name at birth, name of use, first name;
– your civility;
– your postal address;
– your email ;
– your landline number;
– your mobile phone number;
– your LinkedIn profile;
– your Twitter profile.
You will then be asked to choose whether you prefer to be contacted by email, phone, mail or during a face-to-face meeting.
HOW LONG IS YOUR DATA KEPT?
– Regarding your browsing data on the website:
SOFACTO keeps your browsing data on our website for a maximum period of 6 months (period recommended by the CNIL).
– Regarding the data you provide us to know about our services:
The personal data that you provide to us when you wish to discover our services will be kept for a maximum period of 3 years (period recommended by the CNIL).
– Regarding your Customer data when you subscribe to our services:
We use and keep your Customer data for as long as our contractual relationship lasts, in order to manage our exchanges, monitor the commercial, contractual and technical relationship. At the end of the contract, we keep your data for 3 years (period recommended by the CNIL) to contact you, offer you new offers related to our services, or meet our legal and / or contractual obligations.
These cookies are purely technical and have very short lifetimes (less than 24 hours). You can accept or refuse these cookies at any time by clicking on the banner at the bottom right of each page of the site.
SOFACTO does not use any tracking cookies.
The refusal of cookies does not entail any adverse consequences.
You can give or withdraw your consent to the installation of cookies at any time.
WHAT ARE YOUR RIGHTS AND HOW TO EXERCISE THEM?
In accordance with the regulations in force, you have the following rights regarding your personal data:
– Right of access: you can, at any time, access the personal data that we hold about you. To do this, you retain the possibility of contacting us in order to access your data as well as the purposes to which they are attached.
– Right of rectification: if you notice an error, an oversight or an ambiguity in your personal data, you can make a request in order to complete or make a correction, or a clarification of your personal information.
– Right to erasure: you can also ask us to delete your personal data.
– Right to restriction of processing: you can claim the limitation of the future processing of your personal data under certain conditions: when you dispute the accuracy of a given, when you need it for the establishment, exercise or defending your rights in court. You can also demand the restriction of the processing of your data if the processing is unlawful and you do not wish to proceed with an erasure.
– Right to portability: as a customer, you have the right to receive data concerning you in a structured, commonly used and machine-readable format. You can also request that we transmit your personal data to another organization.
– Right to object: you retain, at any time, the right to object to the use of your personal data in the context of the activities carried out by our company with regard to the processing of your data based on legitimate interest SOFACTO, such as commercial prospecting, for example.
In order to exercise your rights or for any request for information and / or contact, please contact: SOFACTO SAS – 256 rue de Thor – 34000 Montpellier or send an email to: firstname.lastname@example.org
In addition, you have the right to lodge a complaint with a supervisory authority (CNIL): https://www.cnil.fr/fr/agir