ARTICLE 1: Nature of the data collected
Within the framework of the use of the Sites, www.lescitadelles.com is likely to collect the following categories of data concerning its Users:
- Identification data (surname, first name, e-mail)
- Connection data (IP addresses, etc.)
The data is collected :
- When you send us a message, so that we can answer you.
www.lescitadelles.com undertakes to keep a written record of all categories of processing activities carried out in its capacity as data controller.
ARTICLE 2: Information and users' rights
The Publisher hereby clearly informs you about the processing of personal data that it implements in the context of its activity, how the data is collected, used and protected.
Any User has the right to ask the controller, i.e. the Publisher
- Access to the personal data provided,
- Rectification or deletion of the data,
- A limitation of the processing relating to his person,
- To object to the processing,
- To the portability of data,
- To lodge a complaint with the CNIL.
ARTICLE 3: Communication of data to a third party
Communication to the authorities on the basis of legal obligations: On the basis of legal obligations, your personal data may be disclosed in application of a law, a regulation or by virtue of a decision of a competent regulatory or judicial authority.
In general, we undertake to comply with all legal rules that may prevent, limit or regulate the dissemination of information or data and in particular to comply with Law No. 78-17 of 6 January 1978 relating to information technology, files and freedoms and the European Union's General Data Protection Regulation (GDPR).
Communication to third parties according to the account settings: Your personal data is strictly confidential and may not be disclosed to third parties, except with your consent.
ARTICLE 4: Aggregation of data
Aggregation with Non-Personal Data: We may publish, disclose and use Aggregate Information (information about all of our Users or specific groups or categories of Users that we combine in such a way that an individual User can no longer be identified or referred to) and Non-Personal Information for industry and market analysis, demographic profiling, promotional and advertising purposes, and other business purposes.
ARTICLE 5: Cookies
Cookie retention period: In accordance with the recommendations of the CNIL, the maximum retention period for cookies is 13 months after they are first deposited in the User's terminal, as is the duration of the validity of the User's consent to the use of these cookies. The lifetime of cookies is not extended with each visit. The User's consent must therefore be renewed at the end of this period.
Purpose of cookies : Cookies may be used for statistical purposes, in particular to optimise the services rendered to the User, based on the processing of information concerning the frequency of access, the personalisation of pages as well as the operations carried out and the information consulted.
You are informed that the Publisher may place cookies on your terminal. The cookie records information relating to navigation on the service (the pages you consulted, the date and time of the consultation, etc.) which we can read during your subsequent visits.
If you leave a comment on our site, you will be asked to save your name and email address in cookies. This is only for your convenience so that you do not have to enter this information if you leave another comment later. These cookies expire after one year.
For more details on the cookies used on our site, please consult our page dedicated to Cookies.
ARTICLE 6: Statistics and audience measurement
Our website uses Google Analytics to measure the audience and to carry out statistics of use of the website.
Google Analytics protects the privacy of Google Analytics data in several ways: The Google Analytics Terms of Service, to which all Google Analytics customers must adhere, prohibit the transmission of personal information to Google Analytics. This information includes any data that can be used by Google to reasonably identify an individual, including (but not limited to) names, email addresses or billing information.
ARTICLE 7: Retention of technical data
Duration of retention of technical data: Technical data is retained for the time strictly necessary to achieve the purposes mentioned above.
ARTICLE 8: Retention period for personal data
Conservation of data for the duration of the contractual relationship: In accordance with article 6-5° of the law n°78-17 of 6 January 1978 relating to data processing, files and freedoms, personal data subject to processing are not kept beyond the time necessary for the execution of the obligations defined at the time of the conclusion of the contract or the predefined duration of the contractual relationship.
Retention of anonymised data beyond the contractual relationship / after deletion of the account: We retain personal data for the period of time strictly necessary to fulfil the purposes described in this Policy. Beyond this period, they will be anonymised and kept exclusively for statistical purposes and will not be used in any way whatsoever.
ARTICLE 9: Indications in the event of a security breach detected by the editor
Information to the User in the event of a security breach: We undertake to implement all appropriate technical and organisational measures using physical and logistical means of security in order to guarantee a level of security adapted to the risks of accidental, unauthorised or illegal access, disclosure, alteration, loss or destruction of your personal data.
In the event that we become aware of unlawful access to your personal data stored on our servers or those of our service providers, or of unauthorised access resulting in the risks identified above, we undertake to
- Notify you of the incident as soon as possible if this is required by law,
- Examine the causes of the incident,
- to take reasonable steps to mitigate any adverse effects and damages that may result from the incident.
Limitation of Liability: In no event shall the undertakings set out in the above point relating to notification of a security breach be construed as an admission of fault or liability for the occurrence of the incident in question.