PERSONAL DATA USE POLICY
Website – customer and partner relations
The US English version is authoritative and binding on all parties.
Last update on August 10, 2020
Website management and customer relationship
Activities related to the www.enlaps.io website and to customer and partner relations involve the processing of personal data.
What is the policy on the use of personal data?
This policy informs you of the features of these processing operations and of your rights regarding your personal data. This privacy policy is drafted in accordance with the French law no. 78-17 of January 6, 1978 (known as the “Information Technology and Freedoms Law” or “LIL”) and the General Data Protection Regulation (“GDPR”) no. 2016/679.
Who is responsible for this policy?
Enlaps
Simplified joint-stock company with a capital of 200,000 euros
Registered with the Grenoble Trade and Companies Registry under number 813 731 262,
Whose registered office is located: 26 Avenue Jean Kuntzmann 38330 Montbonnot-Saint-Martin
Represented by Antoine Auberton, acting as Chairman, and Director of Publication, duly authorised for the purposes hereof.
Contact details for the individual responsible for the personal data use policy
Mr. Antoine Auberton.
Email: info@enlaps.fr
Who is this policy for?
This policy is intended for users of the site.
It concerns:
-those who sign up for the technical and commercial newsletters (newsletters)
-customers who order products and services
-those to whom we have entrusted technical services related to the site (hosting service provider, maintenance, security)
-those who have access to the back office of the site for its administration
-those who reach out to us for information or to become a partner or reseller
-those who contact us for customer support or technical assistance
-users of the online chat service
-individuals who leave a comment on a blog post
Purposes (what the collected data is used for)
The purpose of the processing is the management of the website.
This processing is for the following:
-management of subscriptions
-management of technical and commercial newsletters (newsletter)
-management of orders for products and services and customer relations, including the online store
-technical management of the site (maintenance, hosting, site security)
-administration of the website
-handling of inquiries and partnerships
-management of requests for after-sales service and technical support
-management of the online chat service
-management of comments on blog posts
Legal basis for the processing activities: which gives us the authority to process the data
The legal foundations for processing activities include:
for subscription management to technical and commercial newsletters (newsletters), the legal foundation is a legitimate interest (technical newsletter) and the subscriber's consent (commercial newsletter)
for order management and customer relationship, the legal foundation is the order placed by these customers (the contract)
for technical site management (maintenance, hosting, site security), the legal foundation is legitimate interest
for website administration, the legal foundation is legitimate interest
for handling requests for information and partnerships, the legal foundation is legitimate interest (enabling online communication) or carrying out pre-contractual actions (providing quotes upon individual requests)
For managing requests to the after-sales service and technical support: the legal foundation is the contract with the customer or legitimate interest
for chat management on the site, the legal foundation is the data subjects' consent
for managing comments on blog articles, the legal foundation is the data subjects' consent
Data retention period
The data processed are retained only for the time necessary to fulfill the purposes for which they were collected (principle of data minimization).
The maximum retention periods are:
for managing newsletter subscriptions: the email address is kept until the individual unsubscribes
for order management and customer relations: 10 years from the end of the contract
for technical management of the website (maintenance, hosting, website security): IP addresses and connection logs are kept for 12 months
for website administration: as long as the individuals are managing the site
for handling information requests: 3 years from the date of the request
for customer service and support inquiries: 5 years from the date of the request if it pertains to a customer – otherwise 3 years
for managing the online chat: 3 years from the request
for managing comments posted on the blog: 5 years from the date of the post
Data processed
The data controller processes the following categories of data:
for the management of newsletter subscriptions (newsletters): the email address
for the management of orders and customer relations: identification data (name, first name, company name, telephone, address, delivery address if different); the products and services ordered
for the technical management of the website (maintenance, hosting, website security): IP addresses and connection logs
for the administration of the website: the identity of the individuals who administer the site
for the management of information requests: type of information (quote/partner), name, first name, email, company name, telephone, country, message
for the management of after-sales service and support requests: type of information (quote/partner), name, first name, email, company name, telephone, country, message, camera serial number
for the management of the online chat: name, email address, question
for the management of comments posted on the blog: name, email address, comment, website address
Whether the data collection is mandatory or optional
The data collected is mandatory for processing purposes, except in certain situations: For online orders, the collected data is necessary to finalize and fulfill the order (contract). However, the company name and the delivery address, if different from the home address, are optional. For inquiries and after-sales service requests, the company name, phone number, and country are optional.
Date source
The data is sent directly by the data subjects.
Recipients of the data
Depending on their specific requirements, the following entities will receive all or a portion of the data: -individuals responsible for technical services (AWS hosting provider, maintenance, website security) -online payment service providers (PayPal, banks) -shipping companies -Social media channels for online chat Enlaps may be obligated to release personal information to the appropriate authorities in efforts to combat any criminal activities.
What security measures are in place?
The data controller must implement suitable technical and organizational measures to ensure a level of security appropriate to the risk involved. The data controller takes steps to ensure that any individual acting under the authority of the data thesis or of the processor, who has access to personal data, does not process them unless instructed by the data thesis, unless required to do so by law.
The transfer or non-transfer of data to a country outside the European Union and associated warranties
The data controller does not perform any transfers of personal data outside the European Union.
Automated decision making
The processing operations do not provide for fully automated decision making.
What happens to personal data after death? – Right to access, rectification, deletion, and data portability
An individual involved in a data processing operation can set directions for the handling, deletion, and sharing of their personal data after their death. These directions can be broad or detailed. The individual affected by a data processing operation also has the right to access, object to, correct, delete, and, in some cases, transfer their personal information. If consent is the legal foundation for processing their data, individuals have the right to revoke this consent at any time. The request must include the individual’s surname and given name, as well as an email or postal address, and it must be signed and include a valid form of identification.
Claim
The individual affected by a processing activity has the right to file a complaint with the regulatory authority (CNIL): https://www.cnil.fr/fr/webform/adresser-une-plainte
COOKIE POLICY
Website
The English version is authoritative and binding on all parties.
Updated on August 10, 2020
What is this Cookie Charter about?
When you visit our www.enlaps.io, cookies (and other trackers) are placed or accessed on the device you're using (computer, mobile, or tablet). This policy outlines the types of cookies we utilize and their purposes. It also details your rights concerning these cookies and how to exercise them. In addition to the cookie banner information that appears when you navigate our site, this Charter provides further details. This Cookies Charter has been prepared under French law no. 78-17 of 6 January 1978 (known as the 'Loi informatique et libertés' or 'LIL') and the General Data Protection Regulation ('GDPR') no. 2016/679.
Who is responsible for this Charter?
Simplified joint-stock company with a capital of 200,000 euros Registered with the Grenoble Trade and Companies Registry under number 813 731 262, whose registered office is located at: 26 Avenue Jean Kuntzmann, Montbonnot-Saint-Martin, Enlaps. Represented by Antoine Auberton, acting as Chairman, duly authorized for the purposes hereof.
Contact details for the individual responsible for the personal data use policy
Mr Antoine Auberton. E-mail address: info@enlaps.fr or by phone at 1-585-555-1234 (cost of a local call) during customer service opening hours, Monday to Friday from 9am to 12pm and 2pm to 6pm (closed on Saturdays, Sundays, and public holidays).
What is a cookie and what is it for?
A cookie is a tracker. When an internet user browses a website, it collects personal information about them. When the internet user uses their computer, cookies are managed by your web browser (Internet Explorer, Firefox, Safari or Google Chrome). There are other types of trackers in addition to cookies (e.g. invisible pixel, fingerprinting, local storage, flash cookie). Some cookies are internal to the website, others are third party cookies placed on the site by third party companies. For simplicity, we will use the term “cookies” in this policy to refer to different types of trackers. A cookie can collect various personal data about you, such as the IP address of your computer, the browser used, the date and time of connection, the pages visited on the site, etc.
What types of cookies do we use on this website?
Necessary cookies for website operation:
Purposes: these cookies enable you to navigate the Site and are essential for the proper functioning of the Site. Disabling them will result in difficulties in using the Site and will prevent access to certain features.
Cookies: _icl_current_admin_language, cookie_notice_accepted, _icl_current_language, wfwaf-authcookie, woocommerce_cart_hash, wp_woocommerce_session, woocommerce_items_in_cart, wp-settings, wordpress_logged_in, wordfence_verifiedHuman, wordpress_test_cookie, wp-settings-time, 240planBAK, 240planD, wfvt, ppviewtimer
Performance and statistics cookies (audience measurement):
Purposes: these cookies collect information about how Users use the Site (number of visits, number of pages viewed, visitor activity) using Google Analytics and Facebook analysis tools. These cookies also assist us in identifying and resolving Site functionality issues and improving it.
Cookies: hubspotutk, gat, hssc, hssrc, hstc, ga, gid, zb_admin_last_url, zb_static, zb_static_dr_currentsessiontimevisit, zb_static_dr_firsttimevisit, zb_static_dr_widgetsupdatetime, zb_stats_impression, zb_stats_impression, zb_stats_impression_freemium_, zb_stats_visit
Learn more about https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en
Advertising cookies:
Purposes: We use cookies to make advertising more appealing to users and more valuable for publishers and advertisers. Moreover, cookies enable the selection of ads based on their relevance to the user, the enhancement of campaign performance reporting, and the avoidance of displaying ads the user has already seen.
We utilize cookies such as "NID" and "SID" to tailor ads on Google properties, like Google Search. For example, we use them to remember your most recent searches, past interactions with an advertiser's ads or search results, and your visits to an advertiser’s site. This helps us in delivering personalized ads on Google.
We also deploy one or more cookies for the ads that we serve on the web. A key advertising cookie on third-party sites is named "IDE" and is located in browsers under the domain doubleclick.net. Another one, present in google.com, is dubbed ANID. We also make use of other cookies like DSID, FLC, AID, TAID, and exchange_uid. Other Google services, such as YouTube, might utilize cookies to show you more relevant advertisements.
It's conceivable that the site you’re visiting employs advertising cookies. When it comes to the ads we present on the internet, the website you visit may use cookies named "__gads" or "__gac". These cookies are different from Google’s own website cookies; they can't be read by Google when you're on a website other than the one where they were set initially. They may be used for measuring your interactions with ads on a site and preventing the same ad from displaying to you repeatedly.
Google also uses cookies to track ad conversions, which primarily aid advertisers in determining the number of people who clicked on an ad and later visited their site. These cookies help Google and the advertiser to ascertain whether you clicked on an ad and subsequently visited the advertiser’s site. Conversion tracking cookies are not leveraged by Google for ad targeting and retain data only for a short period. A cookie named "Conversion" is allocated for this purpose and usually originates from the domains googleadservices.com or google.com (a list of domains utilized for advertising cookies can be found below this page). Certain other cookies may also be employed for measuring conversion events, like those from DoubleClick and Google Analytics.
We also use cookies like "AID", "DSID", and "TAID" to synchronize your activity across multiple devices if you’re signed into your Google Account on a different device. We do this to coordinate the ads you see across devices and to track conversion events. These cookies may be housed in google.com/ads, google.com/ads/measurement, or googleadservices.com. If you prefer that the ads you encounter are not coordinated across your devices, you can opt out of Ad Personalization in your ad settings.
Cookies: ga, gat
You can discover a tool to block the gathering and use of data by Google Analytics Cookies by following this link: https://tools.google.com/dlpage/gaoptout?hl=en opt-out or opt-out
Learn more about https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en Analytics cookies and privacy >.
Social networking and sharing cookies:
Purpose: these cookies enable users to share pages and content via third-party social networks and to determine the advertising that will be displayed on these networks. Social networks are capable of recognizing you if you click on sharing buttons on our site, even if you didn’t use these buttons during your visit to our site. Such application buttons can allow social networks to monitor your browsing activity on our site simply because your account is active on your device (session open) while you navigate our website. We recommend you review the privacy policies of these social networks to understand the utilization of browsing information they may gather through these application buttons – particularly for advertising purposes.
More information:
Facebook: https://www.facebook.com/about/privacy/cookies
Twitter: https://twitter.com/privacy?lang=en
Google: https://www.google.com/policies/technologies/cookies/
Cookies: _icl_current_admin_language, cookie_notice_accepted, _icl_current_language, wfwaf-authcookie, woocommerce_cart_hash, wp_woocommerce_session, woocommerce_items_in_cart, wp-settings, wordpress_logged_in, wordfence_verifiedHuman, wordpress_test_cookie, wp-settings-time, 240planBAK, 240planD, wfvt, ppviewtimer
Performance and statistical cookies (audience measurement):
Purposes: These cookies gather data about how Users utilize the Site (number of visits, pages viewed, visitor activity) via the Google Analytics and Facebook analysis tools. We also employ these cookies to pinpoint and solve malfunctions of the Site, thereby enhancing it.
Cookies: hubspotutk, gat, hssc, hssrc, hstc, ga, gid, zb_admin_last_url, zb_static, zb_static_dr_currentsessiontimevisit, zb_static_dr_firsttimevisit, zb_static_dr_widgetsupdatetime, zb_stats_impression, zb_stats_impression_freemium, zb_stats_visit
Learn more about https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en
What are your rights regarding cookies?
Pursuant to Article 82 of the Data Protection Act of January 6, 1978, internet users are informed about the handling of personal data via the use of cookies.
This charter meets the obligation to inform.
Additionally, if we use cookies that require the consent of the internet user, such consent is obtained when a Cookie banner is displayed on the website.
Until the internet user has been notified and has provided their explicit consent, these types of cookies are neither placed nor read on their device.
Consent is solicited for each category of cookie (by purpose).
The enumeration of the third-party cookie providers is presented at the time consent is procured.
The user is given the opportunity to postpone their decision and select their preferences later. Until their consent has been afforded, no cookie is installed.
The user is afforded the option to decline the installation of these cookies.
It is possible for them to retract their consent at any time and with the same ease as they granted it.
The cookies installed are given a maximum lifespan of 13 months. After such period, consent will be sought anew.
Internet users are apprised that they can deactivate cookies by adjusting their web browser settings:
If the internet user desires to remove the cookies stored on their device and configure their browser to decline cookies, they can do this via the preferences of their web browser.
Such options related to cookie navigation are typically found in the 'Options', 'Preferences', or 'Tools' menus of the web browser.
To become more acquainted with the regulations governing cookies, internet users may refer to the subsequent links:
https://www.cnil.fr/fr/cookies-et-autres-traceurs-la-cnil-publie-de-nouvelles-lignes-directrices
https://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT000038783337
Handling of personal data after death – Right of access, rectification, erasure, and data portability
The individual concerned by processing may establish instructions regarding the management, deletion, and sharing of their personal data after their passing. These directives can be either general or specific.
An individual has the right to review, object to, amend, remove, and, in certain scenarios, transfer their personal data. The affected person has the right to revoke their consent at any time, should consent serve as the legal ground for processing.
The application must contain the concerned individual's first and last names, email or postal address, and must be signed and submitted alongside valid identification.
An individual subjected to a procedure has the right to file a complaint with the supervisory authority (CNIL): https://www.cnil.fr/fr/webform/adresser-une-plainte
