The purpose of this Privacy Policy is to allow users of the website (hereinafter "Users") to learn more about the processing of their personal data (hereinafter "Personal Data" or "Data") that may be implemented when consulting and using the website accessible at the following URL address www.ddg.fr (hereinafter the "Site").
By using the Site, the User accepts the terms of this Privacy Policy in their entirety, and therefore agrees to the collection and use of their Personal Data in the manner described herein.
Any User who disagrees with any of these terms is free to discontinue using the Site.
Cabinet Deprez Guignot et Associés (hereinafter referred to as "DDG" or the "Firm") collects Users' Personal Data, in particular through the " contact " section and the User's subscription to the "newsletter".
Data may be collected when the User :
As the party responsible for processing the User's Personal Data, the Firm does everything in its power to protect the privacy of the Site's Users, and in particular processes Personal Data in compliance with the applicable laws and regulations.
Personal Data is defined as " any information relating to an identified or identifiable natural person.
An " identifiable natural person" is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.
The term " Regulations " refers to the regulations relating to Personal Data, and in particular to Regulation n°2016/679, known as the General Data Protection Regulation, the French Data Protection Act n°78-17 of 6 January 1978 as well as Law n°2018-493 relating to personal data protection.
The Personal Data collected by the Firm are :
DDG takes into account the principles of minimisation and protection of Personal Data at the outset of processing, and of data protection by default. Accordingly, the Firm ensures that it only collects information that is relevant, adequate and limited to what is necessary for the purposes for which it is processed.
Certain Personal Data must be provided in order to benefit from certain functionalities on the Site (for example, the e-mail address in order to receive the newsletter). This information is then indicated by a "*" sign on the collection medium. In such cases, the User's refusal to provide such information could result in limiting his or her access to certain services or features offered by the Firm, particularly on the Site.
Apart from these cases, the User is free to provide or not all or part of his Personal Data.
It is important that the information provided and shared by the User is correct, both at the time of registration and at any time during the User's use of the Site.
Each User therefore undertakes to update the data and information concerning him/her. In this respect, he/she guarantees the truthfulness, accuracy and completeness of the information transmitted on the Site and will be solely responsible for any error, omission or failure to update.
DDG does not process any Personal Data qualified as "sensitive" (racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning the sex life or sexual orientation of a natural person) within the meaning of the Regulation.
The information communicated on the Site is likely to be collected and processed, as long as it allows DDG to :
DDG may also use personal data for administrative purposes or for any other purpose required by applicable law.
DDG is the sole controller and recipient of the Personal Data collected in the context of its services and on the Site.
DDG may transfer Personal Data of users of the Site to third parties only in the cases listed below:
As soon as DDG gives access to Users' Personal Data to third parties, the latter are bound by an obligation of confidentiality. In particular, DDG requires recipients of Personal Data to undertake to comply with the Regulations.
In the event that DDG uses affiliates or service providers located outside of the European Union, DDG will verify that appropriate measures have been put in place to ensure that Personal Data is afforded an adequate level of protection.
DDG retains the Personal Data communicated to it for a period of time strictly necessary to achieve the purposes for which it was collected. DDG may also keep the Data for a longer period of time in order to comply with its legal obligations.
In particular, DDG retains :
Some Data may however be kept (invoices, estimates, credit notes) for a commercially reasonable period of time, in particular for backup, archiving or audit purposes.
DGG may also retain the Data for research or statistical analysis, in which case the Data will be anonymised and may be retained without any specific time limit.
The Firm may also retain Data for a longer period of time in order to comply with its legal obligations.
In the context of newsletters, DDG will no longer contact Users who have not opened the newsletters for more than three (3) years.
The Personal Data processed by DDG are hosted by OVH (SAS with a capital of €10,069,020, registered with the CS Lille Métropole under the number 424 761 419 00045 and whose registered office is located at 2 rue Kellermann - 59100 Roubaix - France) and/or DDG's partners in order to ensure the functionality of the services, in particular for the sending and management of the newsletter
In any event, DDG has put in place appropriate technical measures to maintain the security of Personal Data.
7.1 Rights concerned
Each User of the Site has a certain number of rights, in accordance with the Regulations in force, in particular
Users' consent must be given in a clear and unambiguous manner. Therefore, DDG endeavours to provide Users with concise, transparent, understandable and easily accessible information on the conditions of the processing of Personal Data and the practices in force.
Users may withdraw their consent at any time. Thus, registered Users who no longer wish to receive communications, in particular in the form of newsletters, may unsubscribe by clicking on the link located at the bottom of each email sent by DDG. However, and in accordance with applicable law, the withdrawal of consent is only valid for the future and does not call into question the lawfulness of the processing carried out prior to this withdrawal.
These rights allow the User to receive confirmation as to whether or not their Personal Data is being processed, and the conditions of such processing. They may also access and receive a copy of the Personal Data that DDG holds about them
This right allows Users to request the correction of inaccurate information about them, by simple request to DDG, as soon as possible.
The applicable regulations provide that this right may be invoked in certain cases, in particular the following:
- the accuracy of the Personal Data is disputed;
- it can be established that the processing of the Personal Data is unlawful but the User objects to the erasure of the Personal Data and demands instead the restriction of the processing;
- when DDG no longer needs the Personal Data but the Personal Data is still necessary to the User, in particular for the establishment, exercise or defence of legal claims;
- when the User objects to the processing which would be based on the legitimate interest of the data controller, during the verification as to whether the legitimate grounds pursued by the data controller prevail over those of the data subject.
This right allows the User to request from DDG the deletion, as soon as possible, of the Personal Data, where one of the following legal grounds applies:
- The Personal Data is no longer necessary for the purposes for which it was collected or otherwise processed;
- The consent on which the processing of the Personal Data was based is withdrawn and there is no other basis for such processing;
- It can be established that the Personal Data has been processed unlawfully; and
- The Personal Data must be erased by virtue of a legal obligation.
Where processing is based on consent (including contractually expressed consent), this right to portability allows the User to request to receive Personal Data provided to DDG in a structured, commonly used, machine-readable format and to transmit such Personal Data to another controller without DDG being able to object.
Where technically possible, the User may also request that his or her Personal Data be directly transferred to another controller by DDG.
This right of objection allows the User to object to his or her Data being used by an organisation for a specific purpose, provided that he or she specifies "the reasons relating to [his or her] particular situation".
When the processing is carried out for the purpose of commercial prospecting, the User may object to the processing at any time, without giving any reason.
However, if the User's request to object does not concern commercial prospecting, the organisation may justify its refusal on the grounds that :
- there are compelling legitimate grounds for processing the data, in particular if the data is necessary for the establishment, exercise or defence of legal claims;
- the User has previously consented - the User must then withdraw that consent and not object;
- a contract binds the User to DDG;
- a legal obligation requires DDG to process the Data;
- the processing is necessary to safeguard the vital interests of the data subject or another natural person.
This right allows the User to regulate the fate of his or her Personal Data post-mortem by adopting general or specific directives, which DDG undertakes to respect. In this respect, the User may decide, in particular, that the data be transmitted to relatives or be deleted.
DDG may, however, even in the absence of a directive, give the heirs the opportunity to exercise certain rights, including the right of access, in order to enable the settlement of the deceased's estate.
If, despite the efforts made by DDG to preserve the confidentiality of the User's Personal Data, the User believes that his or her rights have not been respected, the User may at any time file a complaint with a supervisory authority, in particular the CNIL.
7.2 Exercise of the rights concerned
For any question relating to this Privacy Policy and/or to exercise the rights described above, the User may at any time, and without cost, send a request to DDG, by :
DDG undertakes to respond to the User concerned as soon as possible, and in any event within one month of receipt of the request, it being understood that this period may be extended by two months, taking into account the complexity and number of requests sent to DDG simultaneously. In this case, DDG will indicate to the User the reasons for the extension.
It is possible that DDG does not follow up on the User's request, notably for legal reasons. In this case, DDG undertakes to inform the User of the reasons for its inaction and of the possibility for the User to lodge a complaint with a supervisory authority, in particular the CNIL, and/or to lodge a legal appeal.
DDG takes care to protect and secure Personal Data to ensure its confidentiality and to prevent damage, destruction or disclosure to unauthorised third parties.
8.1. Data integrity
All Personal Data collected is stored on secure servers. Procedures to deal with any breach of personal data have been put in place.
8.2. Malicious uses
Without prejudice to the foregoing, in order to avoid any capture of Data by malicious third parties, independent of DDG, it is the responsibility of Users to exercise caution to prevent any unauthorised access to their personal data, and in particular
8.3. Spoofing/ Phishing
DDG undertakes not to solicit Users by e-mail asking them to provide personal information.
The User is invited not to respond to such solicitations and to immediately forward to DDG any request that he/she finds suspicious.
Depending on the settings of their cookies, each User accepts that the Site may store information concerning their browsing, in order to ensure the proper functioning of the Site, to draw up statistics on the number of visitors to the Site and to optimise the conditions of use and the services offered.
9.1 What is a cookie?
A cookie is a connection indicator, i.e. a small text file deposited on the terminal's hard disk when a website is consulted. It contains some data relating to the connection, in particular the name of the server concerned, most often an identifier in the form of a unique number and, possibly, an expiry date. This identifier may enable the Site to recognise the User's computer, browser, mobile or tablet on each visit. Cookies are managed by the User's internet browser.
9.2 What types of cookies are used by DDG?
Only the issuer of a cookie is likely to read or modify the information contained therein. DDG may, subject to the choices of the Users, install various cookies on their terminal allowing the recognition of the browser of your terminal during the validity period of the cookie concerned, in particular :
Functional cookies
They are used to improve the quality of navigation on the Site, in particular by saving the preferences that the user has expressed during the visit to the Site (language used, display resolution, operating system).
Cookies for audience measurement
These cookies are used by the Site to produce anonymous statistics. They allow us to recognise visitors, to count them and to identify the way in which they move around the Site when they use it. This makes it possible to improve the operation of the Site, the interest and ergonomics of the services, for example by ensuring that Users can easily find what they are looking for.
Cookie enabling third parties to provide social sharing tools
Subject to the User's acceptance, when using one of the sharing buttons on the Site, a cookie may be installed by the relevant social network in order to share the content instantly on the social network. The Site does not block cookies from these third-party sites and has no control over their installation. The User is invited to consult the cookie policy of these social networks for more information.
9.3 User's choice regarding cookies
Several possibilities are offered to allow the User to manage cookies. All settings are likely to modify Internet navigation and the conditions of access to certain services requiring the use of cookies.
The recording of a cookie on a terminal is subject to the will of the terminal User, which can be expressed at any time and free of charge depending on his or her browser software.
If the User accepts in his browser software the recording of cookies in his terminal, the cookies integrated in the pages and contents consulted may be temporarily stored in a dedicated space of his terminal and may be read by their issuer.
The User can choose to refuse cookies, partially or completely.
The User may delete all cookies or only some of them. Deleting cookies does not prevent browsing or their reinstallation during browsing. Rejecting cookies allows the User to control the cookie library of his browser at a given moment.
The technical cookies, necessary for navigation, will however be reinstalled as soon as the User visits the Site again.
It is possible that such a refusal may lead to a degraded functioning of the Site by the Internet user, or even prevent him/her from benefiting from a certain number of functionalities which may be necessary to navigate in certain areas of the Site. This is the case in particular when the content or services require the User to identify himself.
Where applicable, DDG declines all responsibility for the consequences related to the degraded functioning of its services resulting from the impossibility for it to record or consult the cookies necessary for their functioning that the User has refused or deleted.
However, DDG informs the User that certain cookies cannot be deleted insofar as they are strictly necessary for the technical functioning of the Website.
If the User wishes to modify his wishes regarding cookies, he can do so at any time on the Site and by configuring the settings of his browser:
Below, we explain how to refuse cookies, depending on your browser.
For Chrome™: https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=fr
For Firefox™: https://support.mozilla.org/fr/kb/autoriser-bloquer-cookies-preferences-sites
For Internet Explorer™: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies
For Safari™: https://support.apple.com/fr-fr/guide/safari/sfri11471/mac
Depending on such settings, browsing may be modified and access to the Site's services more or less limited. In particular, the deactivation of so-called functional cookies will alter, or even make it impossible to visit the Site.
The procedure to follow is explained below according to the browser.
Chrome
From the Chrome menu, select 'Settings'
Display the advanced settings
Go to the 'Privacy' section
Click on 'Content Settings'
In the 'Cookies' section (first section), click on 'Cookies and Site Data'
Look for the cookies you want to delete and click on 'OK'. You can also choose to delete all your cookies.
Firefox
In the Firefox menu, go to "Tools" and then "Options"
On the "Privacy" tab, click on "Show Cookies"
Find the cookies you want to delete and click on "Delete Cookies
Internet Explorer
Internet Explorer does not allow for case-by-case cookie management. To delete all your cookies:
Click on "Tools" and then on "Internet Options"
In the "General" tab, under "Browsing History", click on "Delete"
Check the "Cookies" box and then click on "Delete".
Safari
From the Safari menu, select "Preferences"
In the window that opened, go to the "Security" tab
Click on "Show Cookies"
In the window that opened, find and select the cookies you want to delete, and click "Delete".
Deactivation of third-party cookies
The User may choose to deactivate third-party cookies that are not usually necessary to take advantage of the resources available on the Internet. The procedure for refusing third-party cookies is explained below, depending on the browser.
In Chrome:
In the Chrome menu, select "Settings"
Display the advanced settings
Go to the "Privacy" section
Click on "Content settings"
In the "Cookies" section (first section), check the "Block cookies and data from third-party sites" box, and click on OK to validate the choice
Firefox
In the Firefox menu, go to "Tools" and then "Options"
On the "Privacy" tab, set the "Retention rules" menu to "Use custom settings for history".
Finally, uncheck the "Accept third-party cookies" box.
Internet Explorer
In the menu select Internet Options
Then in the "Privacy" tab and on the "Advanced" button, bring up the Advanced Privacy Settings window.
Then check the "Override automatic cookie handling" box and select "Deny" in the "Third party cookies" column.
The Site is not intended for minors under the age of 16.
However, if information is collected on a minor under the age of 18 by the Site, the minor's legal representative must give his or her prior consent and validate the communication of the data.
DDG may change its Privacy Policy from time to time. The revised Privacy Policy will be posted on the Site by the company with the latest update date.
The User is therefore required to check the Site regularly to remain informed of any changes or updates to the Firm's Privacy Policy.
Any modification will only apply to users of the Site and the Application after the modification has been made.