Personal data protection declaration
APIZEE intends to make control of your data and respect for your privacy a fundamental concern that is a part of our values of trust and transparency.
In accordance with the General Data Protection Regulations (RGPD) No. 2016/679 came into effect on May 25, 2018, we are committed to applying a very strict policy of your personal data.
Our policy is bound to evolve, due to legislative and regulatory developments, and we therefore invite you to consult it regularly.
1. THE TYPE OF DATA COLLECTED
A. THE DATA YOU PROVIDE:
- On our websites
To access the resources of Apizee websites and contact the commercial department, we are likely to collect your email address, your names and surnames, the name of the company on which you access our resources, your phone number, your country, and if necessary, the content of the message you send us.
- For your account/subscription
To benefit from the services as a customer, you must be registered with APIZEE, either through our websites or under a contract with you.
APIZEE collects all the personal data you provide when you check in as a customer, namely your name, first name, and if applicable postal address, phone number, email address and in some special cases your civility and your date of birth.
- For the completion of transactions
To make orders or transactions with APIZEE, you must provide your payment information (bank card number) and your name, first name, country, phone number and email address, which will be handled securely by our partner STRIPE®.
- To contact customer support
When you contact our customer support, we are likely to collect:
- Your email address if you send us an email and / or your name, first name, address and possibly the phone and email or fax if you send us a form;
- The content of the messages you send us, by email, by form or via our customer support chat. (We may also collect technical data on your internet connection and IP address in some cases, your browser, and your devices).
B. THE DATA WE AUTOMATICALLY COLLECT THROUGH YOUR USE OF OUR SERVICES
We record usage data when you access our service (or use it in any way).
APIZEE may be required to collect, store or even use the following data: IP address, user’s visitor number, displayed page statistics, conversation his or her history, browsing history, downloaded resource history, physical contact information (such as city), and any other information provided by the user (name, email address) or possible identification.
We use login credentials and cookies to improve your browsing experience and analyze how you use our services.
Information about cookies used on our website is available below in our COOKIES GESTION POLICY.
2. USING YOUR DATA
We process your personal data for the following legal purposes and based on the following legal bases:
APIZEE does not transfer data to third parties. We do not share your personal data with third parties without informing you and obtaining your consent.
3. DATA CONTROLLER
APIZEE is solely Data Controller of the personal data of its users.
APIZEE, registered at Saint-Brieuc under no.790503973, with its head office at Espace Corinne Erhel – Bâtiment W9, 4 Rue Louis de Broglie – 22300 Lannion, represented by Mr. Michel L’Hostis, in his capacity as Managing Director, is Data Controller of the data it collects.
4. DATA RECIPIENTS
The Personal Data collected is intended for APIZEE, Data Controller. Only those involved in data processing for one of the above purposes will be able to access your data only for this purpose.
Are likely to have access to some of your data:
- Subcontractors – data processors
They provide services on our behalf, including:
- Execution of services and benefits,
- Management of solicitations and requests,
- Personalizing contents,
- Completion of maintenance operations and technical developments,
- Securing online payments and fighting fraud,
- Collection customer reviews,
- Providing analytical solutions or audience measurement statistics.
Our subcontractors’ access to your data is based on signed contracts that mention their obligations to protect data security and confidentiality.
- Social networking platforms
The use of social networks to interact with our sites and applications (including Facebook’s “share” buttons, Twitter) is likely to lead to data exchanges. For example, if you are connected to the Facebook social network and you visit a page on the site, Facebook may collect that information. Somilarly, if you view an article on the site and click the “tweeter” button, Twitter will collect this information. We invite you to consult the personal data management policies of the various social networks to learn about the collections and treatments they carry out on your data.
- Our business partners
They promote products or services for their own account or for that of advertisers. We draw your attention to the fact that if you decide to subscribe to the products or services of our business partners and you let them access some of your information, including by connecting to their sites or applications, their privacy policies and their cookie filings are against you. We have no control over the collection or processing of your data implemented by our trading partners on their own platform.
- Police authorities, judicial or administrative authorities
When we have a legal obligation to do so or to guarantee the rights, property, and security of APIZEE.
The data may also be transferred to public bodies and institutions in case of legal obligation (for example, at the request of tax authorities or judicial authorities).
5. IS THE DATA TRANSFERRED OUTSIDE THE EUROPEAN UNION?
A transfer of personal data to organizations outside the European Union (designated by “third countries”) may therefore occur (a) that such a transfer is necessary to use a feature and to carry out the delivery, (b) as required by law, (c) or that you have given your consent. In this case, we ensure that this transfer is carried out in accordance with personal data transfer legislation and that a sufficient level of protection of your personal data is guaranteed.
6. RETENTION PERIODS
Your personal data is retained as long as it remains necessary to carry out contractual and legal obligations. When data is no longer necessary for the performance of contractual obligations, it is regularly erased or anonymized, except where commercial or tax legal obligations require further processing involving an extended shelf life.
The length of time your personal data is stored varies depending on the purpose of collecting it:
7. YOUR RIGHTS
In accordance with the regulations on personal data, including Law 78-17 of 6 January 1978, amended by Act No. 2002-801 of 6 August 2004, known as the Computer and Freedoms Act, and the European Data Protection Regulation No. 2016/670, known as “RGPD”, you have the following rights regarding your personal data:
- ACCESS: it is your right to get confirmation whether your data is being processed, and if so, to access that data (under the terms of art. 15 RGPD);
- RECTIFICATION: this is your right to get your inaccurate data corrected as soon as possible, and your incomplete data to be completed. You can also, at any time, change personal data (under the conditions of art. 16 RGPD);
- ERASURE: this is your right to obtain, as soon as possible, the erasure of your data, except those that are necessary for APIZEE in accordance with the instructions of heading 6 (under the conditions of art. 17 RGPD);
- LIMITATION: it is your right to obtain treatment limitation when you object to it, when you question the accuracy of your data, when you think its processing is illegal, or when you need it for the recognition, exercise or defence of your rights in court (under the conditions of s. 18 RGPD);
- OPPOSITION: it is your right to object at any time to the processing of your data by APIZEE, when it is necessary for the legitimate interests of APIZEE. You may object to the treatment done for prospecting purposes (under the conditions of art. 21 RGPD);
- Where the processing of your personal data is based on consent that you have granted, you have the right to withdraw your consent at any time, without the legality of the consent-based treatment made prior to that withdrawal being impaired (under the terms ofArticles 6, 1, a), and 7 RGPD);
- PORTABILITY: it is your right to receive your data in a structured, commonly used, machine-readable and interoperable format, and to pass it on to another processing manager without us obstructing it (under the conditions of art. 20 RGPD).
Finally, you also have the following rights:
- Right to be informed within one month of the measures taken following a request (under the conditions of art. 12 RGPD);
- Right to be informed of acts of rectification, erasure, or limitation (under the conditions of art. 19 RGPD);
- Right to be informed as soon as possible in the event of a data breach that could pose a high risk to rights or freedoms (under the conditions of art. 34 RGPD);
- If you are challenging the conditions for collecting and processing your personal data, you also have the right to lodge a claim with the regulator (www.cnil.fr);
- You can also provide instructions on how to store, erase and disclose your data after your death. In the absence of direction from you, you are informed that your heirs have the right to object to the continuation of the processing of your personal data or to have them updated.
The exercise of your rights with APIZEE must be carried out by contacting APIZEE at the contact details below.
8. DATA PROTECTION
- By email: email@example.com
- By using this online form: https://www.apizee.com/contact-us/
- By sending a letter to: APIZEE – Data Protection – Espace Corinne Erhel – Bâtiment W9, 4 Rue Louis de Broglie – 22300 Lannion
You must justify your identity and provide the context in which you provided us with your Personal Character Data (the date of the claim and/or reason).
9. DATA SECURITY
As a Data Controller or Data Processor for our customers, we implement appropriate technical and organizational measures inaccordance with applicable legal provisions to protect your personal data from tampering, accidental or unlawful loss, unauthorized use, disclosure, or access, including:
- The appointment of a data protection delegate;
- Monitoring our security of information systems;
- Awareness of the confidentiality requirements of our employees who must access your personal data;
- Securing access to our premises and IT platforms;
- Implementing a company’s general IT security policy;
- Securing access, sharing and data transfer;
- The high level of data protection requirements when selecting our subcontractors and partners.
Our protection measures include firewalls, organisational measures (such as an ID/password system, physical protection, etc.).
In addition, when you transmit information about your credit card during a transaction,an SSL (Secure Socket Layer) encryption technology helps to secure your exchanges. Our STRIPE® transaction management partner is a PCI DSS (Payment Card Industry Data Security Standard) data security standard applicable to the payment card industry. This PCI DSS standard aims to reduce online fraud.