Confidentiality

Personal data – Website management 

The website activities on https://www.communicationqualite.fr/ involve the processing of personal data.

What does this privacy policy cover?

This policy informs you about the features of this processing and your rights regarding your personal data.

This privacy policy is drafted in accordance with French Law No. 78-17 of 6 January 1978 (known as the « Data Protection Act » or « LIL ») and Regulation (EU) 2016/679, the General Data Protection Regulation (« GDPR »).

Who is responsible for this policy? 

The data controller is Communication Qualité, represented by its legal representative Guillaume PATERNOT.
The contact email address is: guillaumepaternot@outlook.com

Who is this policy for? 

This policy applies to site users: internet users browsing the site.

It also applies to:

-people who subscribe to the newsletter (newsletters)
-people who create an account on the site
-people who contact us through the site's contact form
-people who post reviews and comments on our site
-people who book appointments with us through an e-calendar
-people we list on the site as partners

Purposes (what the collected data are used for)?

The purpose of the processing is website management. 

This processing enables:

- managing newsletter subscriptions (newsletters)
- managing information requests through the contact form
- managing reviews and comments posted on the site
- managing appointments (e-calendar)
- listing partner people on the site 

Legal basis for the processing

The legal bases for the processing are as follows:

- for managing newsletter subscriptions (newsletters), the legal basis is the subscriber's consent
- for managing information requests through the contact form, the legal basis is legitimate interest (enabling online communication) or the performance of pre-contractual measures (providing quotes at people's request)
- for managing reviews and comments posted on the site, the legal basis is the consent of the data subjects
- for listing partner people on the site, the legal basis is the consent of those people.

Data retention period

The data subject to processing are kept for no longer than is necessary for the purposes for which they are collected (the principle of data minimization).

The maximum retention periods are as follows: 

- for managing newsletter subscriptions (newsletters): the email address is kept until the data subject unsubscribes
- for managing information requests through the contact form: 3 years from the request
- for managing reviews and comments posted on the site: 5 years from publication
- for listing partner people on the site: 5 years from publication

Processed data

The data controller processes the following categories of data:

- Civil status, identity, identification data, images (last name, first name, address, photograph, date and place of birth, etc.)
- Connection data (IP addresses, logs, device identifiers, login identifiers, timestamp information, etc.)

Whether data collection is mandatory or optional

The collected data are mandatory to achieve the processing purposes.

Sources of the data

The data are provided directly by the data subject.

Recipients of the data

The collected personal data are reserved for the use of the data controller. No personal data are transferred by the data controller to recipients.

What security measures are in place?

The data controller implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk. 

The data controller takes measures to ensure that any natural person acting under the authority of the data controller or under that of the processor, who has access to personal data, does not process them except on instructions from the data controller, unless required to do so.

The following specific security measures have been taken:

The website is hosted by Framer.

Whether or not data are transferred to a country outside the European Union and associated safeguards

The data controller transfers personal data outside the European Union.

The data controller undertakes to ensure that these transfers are carried out:

-to countries offering an adequate level of protection within the meaning of the European data protection authorities or with appropriate safeguards under Article 46 of the GDPR or
-in compliance with Article 49 of the GDPR.​

Automated decision-making 

The processing does not involve fully automated decision-making.

What happens to personal data after death - Right of access, rectification, erasure, and data portability.

The data subject may set out instructions regarding the retention, erasure, and disclosure of their personal data after death. These instructions may be general or specific.

The data subject also has the right to access, object to, rectify, erase, and, under certain conditions, port their personal data. The data subject has the right to withdraw consent at any time if consent is the legal basis for the processing.

The request must state the data subject's first and last name, email or postal address, and must be signed and accompanied by valid proof of identity.

These rights may be exercised by contacting:

Communication Qualité
257 rue saint martin, 75003 Paris
+33 6 85 00 67 53
guillaume.paternot@communicationqualite.fr

Complaint

The data subject has the right to lodge a complaint with the supervisory authority (CNIL) : https://www.cnil.fr/fr/webform/adresser-une-plainte