Article 1 Preamble
– The way in which personal data are collected and processed. All data that could identify a user should be considered as personal data. These include the first name, last name, age, postal address, email address, location of the user or his IP address;
– What are the rights of users regarding this data;
– Who is responsible for the processing of personal data collected or processed;
– to whom this data is transmitted;
– Possibly, the site’s policy regarding “cookies” files.
Article 2 General principles for data collection and processing
In accordance with the provisions of Article 5 of European Regulation 2016/679, the collection and processing of site users’ data complies with the following principles:
– Lawfulness, loyalty and transparency: data can only be collected and processed with the consent of the user who owns the data. Whenever personal data are collected, the user will be informed that his / her data are being collected, and for what reasons his / her data is collected;
– Minimizing the collection and processing of data: only the data necessary for the proper execution of the objectives pursued by the site are collected;
– Retention of data reduced in time: the data are kept for a limited time, of which the user is informed. When this information can not be communicated, the user is informed of the criteria used to determine the duration of conservation;
– Integrity and confidentiality of the data collected and processed: the data controller is committed to ensuring the integrity and confidentiality of the data collected.
In order to be lawful, and in accordance with the requirements of Article 6 of the European Regulation 2016/679, the collection and processing of personal data can only take place if they comply with at least one of the conditions set out above. after listed:
– the user has expressly consented to the treatment;
– the treatment is necessary for the good performance of a contract;
– the treatment meets a legal obligation;
– The treatment is due to the need to safeguard the vital interests of the data subject or of another natural person;
– The treatment can be explained by a necessity linked to the performance of a mission of public interest or which comes under the exercise of public authority;
– The processing is the collection of personal data are necessary for donations of legitimate and private interests pursued by the controller or by a third party.
Article 3 Personal crater data collected and processed as part of site navigation
A) Collected and processed data and collection method
The personal data collected on the Biomede website are as follows:
– Civil status, identity, identification data, images (eg surname, first name, address, photograph, date and place of birth, etc.)
– Economic and financial information (eg income, financial situation, banking data, etc.)
– Connection data (eg IP addresses, logs, terminal identifiers, login credentials, time stamp information, etc.)
– Information on the use of the site: number of orders, time spent, articles viewed
– Location data (eg travel, GPS data, GSM, …)
This data is collected when the user performs one of the following operations on the site:
– Registration on the website
– Navigation on the website
– Request the backup of his data
– Purchase of a good / service on the website
– Consultation of an information article
– Subscribe to a newsletter
– Request for assistance online or by phone
– Request a quote
Moreover, during a payment on the site, it will be kept in the computer systems of the site and under reasonable conditions of safety all data collected for a period of: 1 year.
The collection and processing of data serves the following purposes:
– Creating and controlling access to customer accounts
– Creation of documents
– Achievements of formalities
– Payment tracking and billing
– Sending marketing and commercial information
– Satisfaction survey
– Customer Management
– Targeting and filtering advertisements offered to the user
– Optimization of the website
B) transmission of data to third parties
The personal data collected by the site are not transmitted to any third party, and are processed only by the site manager.
C) data hosting
The Biomede site is hosted by OVH, whose headquarters are located at the following address:
2 rue Kellermann – 59100 Roubaix – France
The host can be contacted at the following number: +33 9 72 10 10 07
The data collected and processed by the site are exclusively hosted and processed in France.
Article 4 Responsible for data processing delegated to data protection
A) the data controller
The person responsible for the processing of personal data is Ludovic Vincent. He can be contacted as follows:
The data controller can be contacted by phone at +33 6 51 93 83 36
The person responsible for data processing is responsible for determining the purposes and means used for the processing of personal data.
B) obligations of the controller rarely data
The data controller undertakes to protect the collected personal data, not to transmit it to third parties without the user having been informed and to respect the purposes for which the data was collected.
The site has an SSL certificate to ensure that information and data transfer through the site is secure.
An SSL certificate (“Secure Socket Layer” Certificate) aims to secure the data exchanged between the user and the site.
In addition, the Data Controller agrees to notify the user in the event of rectification or deletion of the data, unless this entails for it disproportionate formalities, costs and procedures.
In the event that the integrity, confidentiality or security of the user’s personal data is compromised, the controller commits to inform the user by any means.
C) the data protection officer
In addition, the user is informed that the following person has been appointed Data Protection Officer: Ludovic Vincent.
The role of the Data Protection Officer is to ensure the proper implementation of national and supranational provisions relating to the collection and processing of personal data.
It is sometimes called DPO (Data Protection Officer).
The Data Protection Officer can be reached as follows:
By phone: +33 6 51 93 83 36
By mail: firstname.lastname@example.org
Article 5 Rights of the user
In accordance with the regulations on the processing of personal data, the user has the rights listed below.
In order for the person responsible for data processing to grant his request, the user must communicate to him: his first and last name as well as his email address, and if it is relevant, his account number or personal space or ‘subscriber.
The data controller is responsible for responding to the user within a maximum of 30 (thirty) days.
A) Presentation of user rights in data collection and processing
Right of access, rectification and right of cancellation
The user can read, update, modify or request the deletion of the data concerning him, by respecting the following procedure:
The user must send an e-mail to the person in charge of the processing of personal data, specifying the subject of his request and using the contact e-mail address provided above.
If he has one, the user has the right to request the removal of his personal space by following the procedure below:
The user must send an e-mail, specifying his personal space number. The deletion request will be processed within 10 (ten) business days.
Right to data portability
The user has the right to request the portability of his personal data, held by the site, to another site, by following the procedure below:
The user must make a request for portability of his personal data to the person responsible for data processing, by sending an e-mail to the address provided above.
Right to limitation and opposition of data processing
In order to request the limitation of the processing of his data or to oppose the processing of his data, the user must follow the following procedure:
The user must make a request for limitation to the processing of his personal data with the controller, by sending an e-mail to the address provided above.
Right not to be the subject of a decision based exclusively on an automated process
In accordance with the provisions of Regulation 2016/679, the user has the right not to be the subject of a decision based exclusively on an automated process if the decision has legal effects on it or significantly affects it. similar way.
Right to determine the fate of data after death
The user is reminded that he can organize the right to be the future of his data collected and processed if he dies, in accordance with the law n ° 2016-1321 of October 7th, 2016.
Right to seize the competent supervisory authority
In the event that the data controller decides not to respond to the request of the user, and the user wishes to challenge this decision, or if he thinks that one of the his rights listed above, he has the right to refer to the CNIL (National Commission for Computing and Liberties, https://www.cnil.fr) or any competent judge.
B) Personal data of minors
In accordance with the provisions of Article 8 of European Regulation 2016/679 and the Data Protection Act, only minors aged 15 or over may consent to the processing of their personal data.
If the user is a minor under the age of 15, the consent of a legal representative will be required so that personal data can be collected and processed.
The site manager reserves the right to verify by any means that the user is older than 15 years, or that he has obtained the consent of a legal representative before browsing the site.
Article 6 Use of “cookie” files
The site may use “cookies” techniques.
A “cookie” is a small file (less than 4KB), stored by the site on the user’s hard drive, containing information about the user’s browsing habits.
These files allow him to process statistics and traffic information, facilitate navigation and improve service for the user’s convenience.
For the use of “cookie” files involving the backup and analysis of personal data, the consent of the user is necessarily requested.
This consent of the user is considered valid for a maximum duration of 13 (thirteen) months. At the end of this period, the site will request again the user’s permission to save “cookies” files on his hard drive.
Opposition of the user to the use of files “cookies by the site“
It is brought to the attention of the user that he can oppose the registration of these files “cookies”:
– Chrome: https://support.google.com/accounts/answer/61416?hl=en
– Firefox: https://support.mozilla.org/en/kb/enable-and-disable-cookies-website-preferences
– Safari: https://www.apple.com/legal/privacy/en-ww-
– Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manager-cookies
– Opera: http://www.opera.com/help/tutorials/security/cookies
In the case where the user decides to disable the “cookies” files, he can follow his navigation on the site. However, any dysfunction of the site caused by this manipulation could not be considered as being due to the editor of the site.
Description of the “cookie” files used by the site
The site manager draws the user’s attention to the fact that the following cookies are used when browsing:
In addition, the site integrates social network buttons, allowing the user to share his activity on the site. Cookies files of these social networks are therefore likely to be stored on the user’s computer when using these features.
The user’s attention is drawn to the fact that these sites have their own privacy policies and general conditions of use that may differ from the site. The site manager invites users to consult the privacy policies and general conditions of use of these sites.
The person in charge of the site reserves the right to modify it to guarantee its conformity with the law in force.