The French version is the only legally valid binding version.
PRIVACY POLICY

 

 

POLITIQUE D’UTILISATION DES DONNÉES PERSONNELLES
Website – customer and partner relations

Updated on August 10, 2020

Downloadable version of the policy

 

Website management and customer relations

Activities relating to the www.enlaps.io website and to customer and partner relations involve the processing of personal data.

What is the policy on the use of personal data?

This policy informs you of the features of these processing operations and of your rights regarding your personal data. This privacy policy is drafted in accordance with the French law no. 78-17 of 6 January 1978 (known as the “Loi informatique et libertés” or “LIL”) and the General Data Protection Regulation (“GDPR”) no. 2016/679.

Who is responsible for this policy?

Enlaps

Simplified joint-stock company with a capital of 200,000 euros 

Registered with the Grenoble Trade and Companies Registry under number 813 731 262,

Whose registered office is located: 26 Avenue Jean Kuntzmann 38330 Montbonnot-Saint-Martin 

Represented by Antoine Auberton, acting as Chairman, and Director of Publication, duly authorised for the purposes hereof.

Contact details of the person in charge of the personal data use policy

Mr Antoine Auberton.

E-mail address: 

Who is this policy for?

This policy is intended for users of the site.

 

It concerns:

-those who sign up to the technical and commercial newsletters (newsletters)

-customers who order products and services

-those to whom we have entrusted technical services relating to the site (hosting service provider, maintenance, security) 

-those who have access to the back office of the site for its administration

-those who contact us for information or to become a partner or reseller

-those who contact us for the after-sales service or technical assistance

-those who use the online chat service

-those who leave a comment about a blog post 

Purposes (what the collected data is used for)

The purpose of the processing is the management of the website.

 

This processing is for the following:

-management of subscriptions 

-management of technical and commercial newsletters (newsletter)

-management of orders for products and services and customer relations, including the online shop

-technical management of the site (maintenance, hosting, site security)

-administration of the website

-management of inquiries and partnerships

-management of requests for the after-sales service and technical assistance

-management of the online chat service

-management of comments on blog posts

Legal basis of the processing operations: which gives us the right to process the data

The legal bases of the processing operations are as follows:

 

  • for the management of subscriptions to technical and commercial newsletters (newsletters), the legal basis is the legitimate interest (technical newsletter) and the consent of the subscriber (commercial newsletter)

 

  • for the management of orders and customer relations, the legal basis is the order placed by these customers (the contract)

 

  • for the technical management of the site (maintenance, hosting, site security), the legal basis is legitimate interest

 

  • for the administration of the website, the legal basis is the legitimate interest

 

  • for the management of requests for information and partnership, the legal basis is the legitimate interest (allowing online communication) or the execution of pre-contractual measures (making quotes at the request of individuals)

 

  • For the management of requests for the after-sales service and technical support: the legal basis is the contract concluded with the customer or the legitimate interest

 

  • for the management of the chat on the site, the legal basis is the consent of the data subjects

 

  • for the management of comments on blog articles, the legal basis is the consent of the data subjects

Data retention period

Data that are being processed are kept for no longer than is necessary for the purposes for which they are recorded (principle of data minimisation).

 

The maximum storage times are as follows:

 

  • for the management of newsletter subscriptions (newsletter): the e-mail address is retained until the data subject unsubscribes 
  • for order management and customer relationship management: 10 years from the end of the contract
  • for the technical management of the site (maintenance, hosting, site security): 12 months for IP addresses and connection logs 
  • for the administration of the website: as long as the data subjects administer the site
  • for the management of inquiries: 3 years from the request
  • for the management of requests for the after-sales service and assistance: 5 years from the request if it is a client – Otherwise, 3 years
  • for the management of online chats: 3 years as of the request
  • for the management of comments published on the blog: 5 years from publication

Data processed

The controller processes the following categories of data:

 

-for the management of newsletter subscriptions (newsletter): the e-mail address 

 

-for order management and customer relationship management: identification data (last name, first name, company name, telephone, address, delivery address if different); products and services ordered

 

-for the technical management of the site (maintenance, hosting, site security): IP addresses and connection logs 

 

-for the administration of the website: the identity of the people administering the site

 

-for the management of inquiries: nature of the information (quote/partner), last name, first name, email, company name, telephone, country, message

 

-for the management of requests for the after-sales service and assistance: type of information (quote/partner), name, first name, email, company name, phone, country, message, camera serial number

 

-for the management of online chats: name, e-mail address, question

 

-for the management of comments published on the blog: name, email address, comment, site address

Mandatory or optional nature of the data collection

The data collected are compulsory for the purposes of processing, except in certain cases: For online orders, the collected data is required for the conclusion and execution of the order (contract). However, the name of the company and the delivery address, if different from the address of domicile, are optional data. For enquiries and after-sales service requests, the company name, telephone number and country are optional data.

Data Sources

The data are sent directly by the data subjects.

Recipients of the data

Depending on their respective needs, the following will receive all or part of the data: -people in charge of technical services (AWS hosting provider, maintenance, site security) -providers of online payment services (PayPal, banks) -carriers -Social intents for online chat Enlaps may be required to disclose personal data to the competent authorities as part of operations aimed at combating any criminally reprehensible activity.

What security measures are in place?

The data controller shall implement appropriate technical and organisational measures to ensure a level of security commensurate with the risk involved. The data controller takes measures to ensure that any natural person acting under the authority of the data controller or under that of the processor, who has access to personal data, does not process them, unless instructed to do so by the data controller, provided that it is not obliged to do so.

The transfer or non-transfer of data to a country outside the European Union and associated warranties

The data controller does not perform any transfers of personal data outside the European Union.

Automated decision making

The processing operations do not provide for fully automated decision making.

What happens to personal data after death? – Right to access, rectification, deletion and data portability

The data subject of a processing operation may lay down guidelines for the storage, erasure and disclosure of their personal data after their death. These guidelines may be general or specific. The person concerned by a processing operation also has a right of access, opposition, rectification, deletion and, under certain conditions, the portability of their personal data. The data subject shall have the right to withdraw their consent at any time if consent constitutes the legal basis for the processing operation. The application must indicate the last name and first name, e-mail or postal address of the data subject, and be signed and accompanied by valid proof of identity.

Claim

The person concerned by a processing operation has the right to lodge a complaint with the supervisory authority (CNIL): https://www.cnil.fr/fr/webform/adresser-une-plainte

COOKIE POLICY
website

Updated on August 10, 2020

Downloadable version of the policy

What is this Cookie Charter about?

When you visit our www.enlaps.io cookies (and other trackers) are deposited or read on the terminal you use (computer, mobile or tablet). This policy tells you what types of cookies we use and for what purposes. We also explain what your rights are regarding these cookies and how you can exercise them. This charter gives you additional information to that which you can find in the cookie banner that you see when you browse our site. This Charter relating to Cookies was drawn up in accordance with the French law no. 78-17 of 6 January 1978 (known as the “Loi informatique et libertés” or “LIL”) and the General Data Protection Regulation (“GDPR”) no. 2016/679.

Who is responsible for this Charter?

Simplified joint-stock company with a capital of 200,000 euros Registered with the Grenoble Trade and Companies Registry under number 813 731 262, Whose registered office is located: 26 Avenue Jean Kuntzmann 38330 Montbonnot-Saint-Martin Enlaps. Represented by Antoine Auberton, acting as Chairman, duly authorised for the purposes hereof.

Contact details of the person in charge of the personal data use policy

Mr Antoine Auberton. E-mail address: info@enlaps.fr or by phone at +33 04-58-00-57-30 (price of a local call from a landline) during customer service opening hours, Monday to Friday from 9am-12pm and 2pm-6pm (closed on Saturdays, Sundays and public holidays).

What is a cookie and what is it for?

A cookie is a tracker. When an internet user browses a website, it collects personal information about them. When the internet user uses their computer, cookies are managed by your web browser (Internet Explorer, Firefox, Safari or Google Chrome). There are other types of trackers in addition to cookies (e.g. invisible pixel, fingerprinting, local storage, flash cookie). Some cookies are internal to the website, others are third party cookies placed on the site by third party companies. For simplicity, we will use the term “cookies” in this policy to refer to different types of trackers. A cookie can collect various personal data about you, such as the IP address of your computer, the browser used, the date and time of connection, the pages visited on the site, etc.

What types of cookies do we use on this website?
  • Cookies necessary for the operation of the website:

Purposes: These cookies allow you to navigate on the Site and are essential for the Site to function properly. Deactivating them will cause problems when using the Site and will prevent access to certain features.

Cookies: _icl_current_admin_language, cookie_notice_accepted, _icl_current_language, wfwaf-authcookie, woocommerce_cart_hash, wp_woocommerce_session, woocommerce_items_in_cart, wp-settings, wordpress_logged_in, wordfence_verifiedHuman, wordpress_test_cookie, wp-settings-time, 240planBAK, 240planD, wfvt, ppviewtimer

 

  • Performance and statistical cookies (audience measurement): 

 

Purposes: These cookies collect information on how Users use the Site (number of visits, number of pages viewed, visitor activity using the Google Analytics and Facebook analysis tools. We also use these cookies to identify and resolve problems with the operation of the Site and to improve it.

Cookies: hubspotutk, gat, hssc, hssrc, hstc, ga, gid, zb_admin_last_url, zb_static, zb_static_dr_currentsessiontimevisit, zb_static_dr_firsttimevisit, zb_static_dr_widgetsupdatetime, zb_stats_impression, zb_stats_impression_freemium, zb_stats_visit

 

Learn more about

What are your rights regarding cookies?

In accordance with Article 82 of the French Data Protection Act of 6 January 1978, the internet user must be notified that their personal data are processed using cookies.

 

This charter fulfils this obligation to provide information.

 

Furthermore, if we use cookies requiring the consent of the internet user, the consent is obtained when a Cookie banner appears on the website.

As long as the internet user has not been informed and has not given his express consent, this type of cookie is not installed or read on their terminal.

Consent is requested for each type of cookie (by purpose).

The list of third party cookie providers is given when the consent is obtained.

The user can delay their choice and decide later. Until consent is given, no cookies are installed.

The user can refuse the installation of these cookies.

They may withdraw consent at any time by a process that is as easy as when the consent was given.

Installed cookies have a maximum lifespan of 13 months. At the end of this period, consent is requested again.

 

The internet user is notified that they can deactivate cookies by configuring their internet browser:

If the internet user wishes to delete the cookies saved on their terminal and set their browser to refuse cookies, they can do so in their web browser settings.

These cookie-related browsing options are usually found in the browser’s “Options”, “Preferences” or “Tools” menus.

 

To learn more about the rules applicable to cookies, the internet user can consult the following links:

https://www.cnil.fr/fr/cookies-et-autres-traceurs-la-cnil-publie-de-nouvelles-lignes-directrices

https://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT000038783337

What happens to personal data after death? – Right to access, rectification, deletion and data portability