Data Controller’s Identity
As defined in Article 4, paragraph 7 of the General Data Protection Regulation of the European Union (hereinafter “GDPR”), the company JDECHAUME, located at 1 RUE LOUIS ARMAND 95130 LE PLESSIS-BOUCHARD, is responsible for processing your personal data.
Processing of Your Personal Data
During each visit to our website, your browser automatically transfers to JDECHAUME’s server the data necessary for the services requested by you, whether during a visit to the site, the use of the offered services, or exchanges with JDECHAUME via the contact form.
By providing this information, you expressly consent to its processing by JDECHAUME.
Website and Cookies
The personal data collected by JDECHAUME refers to information about the following subjects:
- Contact information: name, first names, email address, postal address, phone number. If you engage with us on social media, we may also collect your username and profile information. These data are indicated by an asterisk (*).
- Cookies: Defined by the CNIL, a cookie is a small file stored by a server on a user’s device (computer, phone, etc.) and associated with a web domain (i.e., in most cases, all pages of the same website). This file is automatically sent back during subsequent contacts with the same domain. These cookies can be used to remember your customer ID with a merchant site, the language of the web page display, an identifier allowing tracking of your navigation for statistical purposes regarding the components of the site.
Cookies have purposes that require user consent. However, blocking cookies may prevent the correct display of certain pages, or you may receive a message from the site indicating that you need to authorize cookies to view the site.
Purpose of Processing
The personal data that users provide to JDECHAUME aims to ensure:
- The operation and improvement of the website, as well as the offered services
- The administration of contact and information requests
- The management of user rights requests regarding their data
These personal data can only be accessed by:
- Persons working within JDECHAUME, including the sales department, marketing department, and customer service
- JDECHAUME subcontractors (IT service providers or hosting providers)
- Social media platforms used by JDECHAUME: (Facebook, Twitter, LinkedIn, Instagram, etc.)
The user is invited to review the data privacy policies of these social media platforms.
Data Retention Period
Personal information is retained by JDECHAUME only for the time corresponding to the purpose of the processing as indicated above.
Here are the key figures to remember regarding the obligations of the General Data Protection Regulation (GDPR):
- User data is retained for the duration of the contractual relationship.
- 13 months: Every 13 months, visitors’ consent to the processing of cookies on the website must be requested again.
- User data is retained for a period of three years from the last contact made by the user, only if they are not considered a customer;
Cookies are retained for a maximum duration of thirteen (13) months. The configuration of each browser for managing cookies and choices is different. It is described in the browser’s help menu, which will enable the user to know how to modify their cookie preferences.
Security of Personal Data
JDECHAUME has implemented technical and organizational security measures to ensure the security of the data transmitted to it against destruction, loss, alteration, unauthorized disclosure, or access.
JDECHAUME expects the same level of security from its service providers, subcontractors, and data recipients.
Users have rights regarding their personal information:
- Right to information, i.e., confirmation whether personal data concerning the user is being processed or not and, if so, the possibility to know this data (Art. 15 of the GDPR)
- Right to rectify and/or complete data (Art. 16 of the GDPR)
- Right to restrict processing (Art. 18 of the GDPR): If the user disputes the accuracy of the data used by the organization or opposes the processing of their data, the law allows the organization to verify or examine their request for a certain period. During this period, the user has the option to request the organization to freeze the use of their data. The organization must no longer use the data but must keep it.
- Right to data portability (Art. 20 of the GDPR): The data subject has the option to retrieve part of their data in a machine-readable format.
- Right to erasure or right to be forgotten (Art. 17 of the GDPR): The data subject can ask the data controller to erase personal data concerning them, but only in the cases mentioned below:
- Consent was required when collecting sensitive data.
- The data is no longer necessary for the purposes for which it was collected.
- The person exercises their right to object “on grounds relating to their particular situation.” The data controller must now demonstrate the existence of legitimate and compelling reasons to oppose the request.
- The data has been processed unlawfully.
- The collected data relates to a minor.
- Erasure is required by a legal obligation.
Data subjects also have the possibility, for legitimate reasons, to object to the processing of data concerning them by directly writing to the Data Controller, either at the following postal address: 1 RUE LOUIS ARMAND 95130 LE PLESSIS-BOUCHARD or by email at email@example.com, accompanied by an up-to-date proof of identity.
Furthermore, if the user believes that JDECHAUME is not fulfilling its obligations regarding their Personal Information, they can lodge a complaint or a request with the competent authority: the CNIL.