IRIS Interactive processes personal data (hereinafter the “Personal Data)” concerning you in the context of the use of this website (hereinafter the “Site”).
As data controller, we respect privacy and protect the personal data of users of our Site.
This policy aims to inform you of the methods of collection, processing and use of Your Personal Data and of your rights in terms of protection of personal data with regard to the applicable provisions in this matter, in particular Law 78-17. of January 6, 1978 relating to data processing, files and freedoms known as "Data processing and freedoms" in its latest version and with the RGPD (General Data Protection Regulation) in application since May 25, 2018.
Article 1 - Scope of this personal data protection policy
This Policy sets out the principles and guidelines for the protection of Your Personal Data, which includes Personal Data collected on - or through - the Site.
IRIS Interactive collects Personal Data (online, including by e-mail, or offline); this policy applies regardless of the method of collection or processing.
The notion of Personal Data refers to any information relating to an identified or identifiable natural person. A person is “identifiable” when he can be identified, directly or indirectly, in particular by reference to an identification number or to one or more elements which are specific to him.
“Non-Personal Data” corresponds to information that does not allow a person to be identified.
Article 2 - Places of storage of Personal Data
All Personal Data is stored exclusively in France, by our web hosting provider:
OVH SAS: 2 rue Kellermann - BP 80157 59053 ROUBAIX CEDEX 1
Article 3 - Data controller
The person responsible for processing Your Personal Data is:
4 Rue du PNDF
Pensio digital city
43000 Le Puy-en-Velay
Certain technical services are entrusted to our service providers. In accordance with Article 28 of the RGPD, this service provider is bound by a strict confidentiality clause which prohibits any use of the data entrusted to it not provided for in the service contract and which requires it to implement technical measures and that meet the requirements of security and protection of personal data.
Article 4 - Data collected
Personal Data may include the following:
Name of your organization / company
And any other Personal Data that may be relevant for the purposes set out below.
Note for visitors and users of the Site: certain functions and characteristics of the Site can only be used if You provide IRIS Interactive with certain Personal Data when You visit or use the Site. You are free to provide or not, all or part of Your Personal Data.
However, if You choose not to provide them, such a decision could prevent the achievement or satisfactory achievement of the objectives described below, certain services and certain features of the Site may not function properly and / or You will be refused the access to certain pages of the Site.
Cookies and other trackers
Cookies can be permanent (and remain after Your disconnection from the Site in order to be used during Your subsequent visits to the Site) or temporary (and disappear as soon as You disconnect from the Site).
- allowing a service to recognize Your equipment, so You will not have to provide the same information several times in order to perform the same task;
- recognizing the username and password You have already provided so that You do not have to re-enter them on each web page that requests them.
- measure the number of users of the services, thus making them easier to use and ensuring their ability to respond quickly to Your requests;
- help IRIS Interactive understand how users interact with the services in order to improve them.
IRIS Interactive may also use the services of third-party providers for the purposes of performing the services on its behalf and in particular for:
- analyze Your browsing habits and measure the audience of the Sites and Applications;
- analyze Your areas of interest and offer You targeted marketing or advertising offers;
- allow you to share the content of the Applications' Sites with other people on social networks or to let these other people know what You are watching or what You think (eg the "Like" button on Facebook)
In this case, invisible "pixels" and cookies provided by these third-party providers could be used and stored. When transmitting the information generated by these cookies, the cookie settings ensure that the IP address is made anonymous before geolocation and before storage. Our service providers will use this information for the purposes of evaluating Your use of the Site, compiling reports on Site activity for IRIS Interactive, and providing You with better services and advertising targeted to Your needs. They will not associate your IP address with any other of their data.
When you browse the Site, cookies are enabled by default and data can be read or stored locally on your hardware. You will be notified the first time You receive a cookie and You can thus decide to accept or reject it. By continuing to use the Sites, You expressly agree to IRIS Interactive's use of such cookies.
If you wish to modify or delete your information, please refer to Article 8: Your rights.
You can access your cookie management panel to configure the storage and reading of cookies.
By type of data:
- Civil status data (name, first name, postal address, etc.): 3 years max. ;
- Connection data: 3 years max. ;
- Location data = 48h;
We only keep Your Personal Data for a period of time necessary and proportionate to the purpose for which it was collected, namely for a maximum period of 3 years from the last exchange you had with us and carried out at your initiative.
Beyond the aforementioned periods, your data will be purely deleted or anonymized.
Article 5 - Purposes of the collection of personal data
As indicated above, You provide Your Personal Data on a voluntary basis.
Personal Data is generally collected for the needs of IRIS Interactive's activity such as improving IRIS Interactive's marketing and advertising efforts, better tailoring IRIS Interactive's products and services to customer needs or compliance with reporting obligations. prescribed by law, and other similar activities.
IRIS Interactive collects and uses Personal Data concerning You for the purposes of its activity and in particular for the following purposes:
We process your data in whole or in part for the purposes of:
- Respond to requests sent via contact forms.
- Contact you by email or phone.
- Send you newsletters.
Subject to applicable local legislation, by providing Your e-mail address, You expressly authorize IRIS Interactive to use it with other Personal Data useful to send You commercial or marketing messages.
IRIS Interactive may also use Your email address for administrative or other non-marketing purposes (for example, to notify You of important changes to the Site).
Article 6 - Conditions for processing and storing personal data
The "processing" of Personal Data includes in particular the use, conservation, recording, transfer, adaptation, analysis, modification, declaration, sharing and destruction of Personal Data depending on what is necessary in view of the circumstances or legal requirements.
All Personal Data collected is kept for a limited period depending on the purpose of the processing and only for the period provided for by the applicable legislation.
All Personal Data collected is stored in mainland France.
Article 7 - Links to websites not controlled by IRIS Interactive
The Site may provide links to third party websites that may be of interest to You.
IRIS Interactive has no control over the content of third party sites or the practices of these third parties in terms of the protection of Personal Data that they may collect. Consequently, IRIS Interactive declines any responsibility concerning the processing by these third parties of Your Personal Data. It is your responsibility to find out about the personal data protection policies of these third parties.
Article 8 - Transfer of personal data
Your Personal Data may be disclosed within IRIS Interactive for the purposes set out in Article 3 of this Policy.
IRIS Interactive may transfer Your Personal Data outside the European Union, provided that it ensures, before transferring it, that entities outside the European Union offer an adequate level of protection, in accordance with European legislation. force.
If IRIS Interactive learns that a third party to which IRIS Interactive has communicated Personal Data for the purposes set out in Article 3 above, is using or disclosing Personal Data without complying with this Policy or in violation of applicable law, IRIS Interactive will take any reasonable measure to prevent or terminate such use or disclosure.
You also have the right to authorize or not IRIS Interactive to use Your Personal Data for a purpose other than those for which this Personal Data was initially collected. You can object to this use by referring to Article 8 below.
IRIS Interactive may also be required to transfer Your Personal Data to third parties if IRIS Interactive considers that such a transfer is necessary for technical reasons (for example, for hosting services by a third party) or to protect its legal interests ( for example, in the event of sale of assets to a third party company, change of control or total or partial liquidation of IRIS Interactive).
In addition, IRIS Interactive may share Your Personal Data with the reseller on whom You depend or assigned to the territory in which You are located for the purposes of IRIS Interactive's activity. IRIS Interactive may also share your Personal Data with business partners when IRIS Interactive and the business partner jointly sponsor an event or jointly participate in a marketing promotion in which You engage.
IRIS Interactive may disclose Your Personal Data if required by law or if IRIS Interactive believes in good faith that such disclosure is reasonably necessary to comply with a legal process (for example, a warrant, a subpoena or any other court decision) or to protect the rights, property or personal safety of IRIS Interactive, our customers or the public.
If the applicable legislation allows it, IRIS Interactive may also share Your Personal Data with third parties in order to provide You with targeted marketing or advertising offers.
These transfers may take place via the Internet or by any other method deemed appropriate by IRIS Interactive in accordance with applicable legislation and IRIS Interactive Group's internal security policies.
Article 9 - Your rights
Your right to access and rectify your data
You have the right to access and have your personal data corrected.
You can ask us that your personal data be, depending on the case, rectified, completed if they are inaccurate, incomplete, equivocal or out of date.
Your right to have your data deleted
You can ask us to erase your personal data when one of the following reasons applies:
- the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
- you withdraw the consent previously given;
- you object to the processing of your personal data for legitimate reasons;
- the processing of personal data does not comply with the provisions of applicable law and regulations.
Nevertheless, the exercise of this right will not be possible when the conservation of your personal data is necessary with regard to the legislation or the regulations and in particular for example for the establishment, the exercise or the defense of rights in court.
Your right to limit data processing
You can request the limitation of the processing of your personal data in the cases provided for by law and regulation.
Your right to object to data processing
You have the right to object to the processing of personal data concerning you when the processing is based on the legitimate interest of the controller.
Your right to the portability of your data
Since May 25, 2018, you will have the right to the portability of your personal data.
The data on which this right can be exercised are:
- only your personal data, which excludes anonymized personal data or data that does not concern you;
- declarative personal data as well as the personal operating data mentioned above;
- personal data which does not infringe the rights and freedoms of third parties, such as those protected by business secrecy.
This right is limited to processing based on consent or on a contract as well as personal data that you have personally generated.
This right does not include derived data or inferred data, which is personal data created by IRIS Interactive.
Your right to withdraw your consent
When the data processing that we carry out is based on your consent, you can withdraw it at any time. We then stop processing your personal data without the previous operations for which you had consented being called into question.
Your right to lodge an appeal
You have the right to lodge a complaint with the CNIL on French territory, without prejudice to any other administrative or judicial appeal.
Your right to set post-mortem guidelines
You have the possibility to define guidelines relating to the conservation, erasure and communication of your personal data after your death and this with a trusted third party, certified and responsible for ensuring that the will of the deceased is respected in accordance with the requirements of the applicable legal framework.
How to exercise your rights
All the rights listed above can be exercised:
- by post to the following address:
4 Rue du PNDF
Pensio digital city
43000 Le Puy-en-Velay
by attaching a copy of your identity card and proof of address;
- via our email address firstname.lastname@example.org. A procedure will then be sent to you in order to validate your identity.
Note: the documents sent within the framework of this procedure will be purely destroyed, and the data potentially collected during the procedure will be definitively deleted, at the end of the latter.
Also note that any requests that do not meet these guidelines will be ignored.
We undertake to respond to these requests within 1 month of receipt of the request. This period may be extended by 2 months depending on the complexity and the number of requests received, i.e. 3 months in total.
If you have an account, you can exercise Your rights of access and rectification by logging into your account.
However, with regard to the exercise of the right to information, we may not have the obligation to act on it if:
- you already have this information;
- the recording or communication of your personal data is expressly provided for by law;
- communication of information proves impossible;
- providing information would require disproportionate effort.
Article 10 - Data security and recipients
IRIS Interactive takes care to protect and secure the Personal Data that You have chosen to communicate to it, in order to ensure their confidentiality and prevent them from being distorted, damaged, destroyed or disclosed to unauthorized third parties.
IRIS Interactive has taken physical, electronic and organizational protection measures to prevent any loss, misuse, unauthorized access or dissemination, alteration or possible destruction of this Personal Data. Among these protection measures, IRIS Interactive incorporates technologies specially designed to protect Personal Data during their transfer. However, despite IRIS Interactive's efforts to protect Your Personal Data, IRIS Interactive cannot guarantee the infallibility of this protection due to inevitable risks that may arise during the transmission of Personal Data.
All Personal Data being confidential, their access is limited to IRIS Interactive employees and service providers who need it in the performance of their mission. All persons having access to Your Personal Data are bound by an obligation of confidentiality and are exposed to disciplinary measures and / or other sanctions if they do not comply with these obligations.
However, it is important that You exercise caution to prevent unauthorized access to Your Personal Data. You are responsible for the confidentiality of Your password and the information contained in Your account. Consequently, You must ensure that You close Your session in the event of shared use of the same computer or the same terminal.
Article 11 - Conflict resolution
Although IRIS Interactive has taken reasonable measures to protect Personal Data, no transmission or storage technology is completely foolproof.
However, IRIS Interactive is careful to guarantee the protection of Personal Data. If You have reason to believe that the security of Your Personal Data has been compromised or that they have been misused, You are invited to contact IRIS Interactive at the following address: dpo @ iris-interactive .Fr.
IRIS Interactive will investigate complaints regarding the use and disclosure of Personal Data and will attempt to resolve them in accordance with the principles contained in this Policy.
Unauthorized access to Personal Data or its misuse may constitute an offense under local law.
Article 12 - Contact
For any questions concerning this Policy, to no longer receive information from IRIS Interactive or for any request for rectification, addition, update or deletion of Your Personal Data, You can send an email to the address following email: email@example.com.
Article 13 - Date of entry into force and revisions of the personal data protection policy
This Policy may be updated according to IRIS Interactive's needs and circumstances or if required by law. We therefore invite you to regularly take note of the updates.
Last modification: September 17, 2021