I. Introduction
This privacy policy describes www.advanceparis.com's privacy practices. This privacy policy applies solely to personal data collected by this website and sets out the general conditions for the processing of personal data. It informs you of the following:
- What personally identifiable information is collected from you through the website, how it is used and with whom it may be shared.
- The choices available to you regarding the use of your data.
- The security procedures in place to protect the misuse of your information.
- how you can correct any inaccuracies in the information.
Advance Paris is committed to complying with the applicable regulatory and legal requirements in which we operate and when we collect, use, store and process personal data. As an ongoing activity, we reserve the right to revise and amend the provisions of this policy at any time in order to protect personal data with the assurance of the data subject's right. Customers are invited to consult this policy from time to time.
In the context of our newsletter and taking into account the agreement on the processing of personal data ( DPA ), we entrust the custody, protection and management of data in connection with the newsletter to Sendinblue.
II. What information is collected?
We may collect your personal or non-personal data, directly or indirectly. Personal data refers to any information relating to a natural person who is identified or identifiable, directly or indirectly, by an identifier or by one or more factors specific to his or her identity. This may include, for example, a surname, first name, e-mail address, location, identity card number, IP address, photo, payment details, audio sources, the network you use, etc...
We undertake not to include so-called "sensitive" personal data within the meaning of Article 9 of the GDPR in the mailing lists uploaded to the platform.
The persons concerned by the collection of data are any individual whose email address is included in the distribution list, whose information is stored or collected via our services or the persons to whom we send emails or with whom we engage or communicate via the services and more specifically customers and prospects.
Network Studio does not collect or process "sensitive" data such as ethnic origin, political opinions or beliefs, trade union membership, etc...
Network Studio does not retain documents that may contain personal data beyond their minimum legal retention period:
- Commercial correspondence
- Contract with a supplier or customer
- Quotation, purchase order, invoice
- Hosted customer data
III. Purpose of processing
We will use your information to respond to you, depending on the reason you contacted us. Unless you ask us not to, we may contact you by e-mail in the future to inform you of our special offers, new products or services, or changes to this privacy policy. The following is a non-exhaustive list of the main purposes for which we collect and store personal data:
- register to use the site ;
- buy products, browse, use, subscribe to Advance Paris newsletters via the website; - discover the points of sale;
- visit Advance Paris' various social media platforms and create user-generated content on these platforms (such as likes, comments, discussions, private messages, user requests, etc.) ;
- submission of surveys and/or event questionnaires (e.g. via web forms on the website) and participation in sales promotions;
- registration for product warranties and maintenance services ;
- requests for customer service or assistance on the site;
- Storage of contact listings;
- Sending messages by email or SMS, whether automated or not (including order tracking, order confirmation, newsletters);
- Storage and analysis of email deliverability data;
- Retargeting display;
- Collection of consents;
- Analysis of email recipient behavior (tracking of open rates, click-through rates and bounce rates at individual level);
IV. How is the information collected?
We only have access to the information you voluntarily give us by e-mail or other direct contact. We will not sell or rent this information to anyone.
V. Cookies
A cookie is a small file stored by a server on a user's terminal (computer, telephone, etc.) and associated with a web domain (i.e. in most cases, with all the pages of a single website). This file is automatically sent back when the user contacts the same domain again. We use cookies to facilitate anonymous analysis of site traffic, including tracking the time and date of visits, pages viewed and referring URLs. There are simple ways of refusing all cookies or accepting them whenever they are offered. Consult your browser's help files to find out how to modify cookie settings or delete cookie files.
VI. Social networking
In the context of the activities we offer you on various social networks such as Instagram, Twitter or Facebook, it is your responsibility to examine the privacy and security rules established by the latter, as well as their terms of use.
VII. How do we keep and protect
Information collected ?
We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.
Sendinblue provides a data protection agreement to meet the adequacy and security requirements of the Data Protection Directive issued by the European Parliament and the Council of the European Union, as well as the General Data Protection Regulation (GDPR).
Sendinblue undertakes to take all necessary precautions, in view of the nature of the personal data and the risks presented by the processing, to protect the security of Personal Data and, in particular, to prevent it from being distorted, damaged or accessed by unauthorized third parties.
In this context, Sendinblue undertakes to implement all appropriate technical and organizational security and confidentiality measures. Sendinblue undertakes to notify the Data Controller of any personal data breach, within a maximum of 72 hours of becoming aware of it, in particular to enable the Data Controller to comply with the obligation set out in Article 33 of the RGPD. This notification will be accompanied by any useful documentation to enable the Data Controller, if necessary, to notify this breach to the competent supervisory authority.
Whenever we collect sensitive information (such as credit card details), it is encrypted and transmitted to us securely. You can check this by looking for the closed padlock icon at the bottom of your web browser, or by looking for "https" at the beginning of the web page address.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) have access to your personally identifiable information. The computers/servers on which we store personally identifiable information are kept in a secure environment.
We respect your privacy, and ensuring the security of your personal information is an important part of our job. Any personal information you provide is strictly for ordering purposes and is not loaned or sold to anyone for any reason.
As part of its IT expertise/coaching and web design services, Network Studio undertakes to use only tools that comply with the General Regulation on the Protection of Personal Data and to encourage its Customers to comply with this regulation.
In the context of its IT hosting services (housing, managed virtual machine hosting, shared hosting, messaging, etc.), Network Studio refrains from accessing or exploiting its customers' data, in particular connection logs and email content, except at the express and motivated request of the Customer or legal authorities, or in the context of incident management. All Network Studio and customer data is stored exclusively in France. Network Studio ensures the logical security of its own hosting infrastructure in compliance with the state of the art in computer security.
Any incident affecting data confidentiality (unauthorized access, loss, disclosure or alteration of data) is reported to the customer as soon as possible.
Databank France ensures the security of the datacenter where Network Studio's hardware infrastructure is installed in Paris, as well as the telecommunications infrastructure under its responsibility. The Databank Customer Privacy Statement can be downloaded at the following URL: https://www.databank.com/privacy/. Network Studio will not change the location of data without prior notice to the Customer.
VIII. Recipients of personal data
Personal data is only communicated to employees who need to know it in order to provide our services, and these employees are aware of the instructions and undertake to process the data only in strict compliance with them and for no other purpose.
Sendinblue undertakes to keep a register with a list of the processing carried out on behalf of the Data Controller, including all the information listed in Article 30 of the RGPD.
In order to provide the service, Sendinblue may have recourse to subcontractors who will have access to/process the personal data entrusted to them. A list of the relevant subcontractors is available at https://bit.ly/subcontactors-SIB-FR-int. The subcontractor is required to comply with the obligations of the DPA. It is Sendinblue's responsibility to ensure that the subsequent processor presents sufficient guarantees regarding the implementation of appropriate technical and organizational measures so that the processing meets the requirements of the RGPD. Sendinblue remains fully liable to the data controller for the subsequent processor's performance of its obligations.
In accordance with the legal provisions of the General Regulation on the Protection of Personal Data, Network Studio only collects and processes the personal data of its stakeholders necessary for its activity. This includes only contact details collected and stored for business development purposes or for the administration of services sold.
We will not share your information with third parties outside our organization, except as necessary to fulfill your request, for example to ship an order.
IX. Retention period of personal data
The duration of data processing under the DPA corresponds to the duration of the contractual relationship between Sendinblue and Advance Paris, in accordance with Sendinblue's GTC.
At any time during the performance of the services, the data controller may access or delete the personal data processed by Sendinblue directly from its account. At the end of the contractual relationship, at the choice of the data controller, Sendinblue undertakes to destroy all personal data, or to return them to the data controller or to a third party. 4 another subcontractor designated by it, if this is technically feasible and within a maximum period of 3 months. The return will be accompanied by the destruction of existing copies in Sendinblue's information systems, unless applicable law requires their retention. Sendinblue undertakes to provide the data controller, upon request, with proof of such destruction.
Advance Paris is solely responsible for managing data retention periods. Sendinblue is only responsible for deleting data at the end of the contractual relationship.
Network Studio does not retain documents that may contain personal data beyond their minimum legal retention period:
- Commercial correspondence: 3 years from the end of the commercial relationship
- Contract with a supplier or customer: 5 years from the date of expiry of the document
- Quotations, purchase orders, invoices: 10 years from year-end.
- Hosted customer data: at the end of the service
- Connection logs: 1 year
X. User rights: right to refuse collection, right to access, rectify and delete data
You may choose not to be contacted by us at any time. You can do this at any time by contacting us at the e-mail address or telephone number shown on our website:
- See what data we hold about you, if any.
- Modify/correct the data we hold about you.
- Ask us to delete all the data we hold about you.
- Express any concerns about our use of your data.
Sendinblue undertakes to process data only for the purposes of performing the services, to process personal data in accordance with the instructions of the controller. If Sendinblue considers that an instruction constitutes a breach of the GDPR, it will inform us immediately.
XI. Right to withdraw consent and time limits for ceasing data processing
As part of our data processing activities based on your consent, you have the right to withdraw your consent at any time. This can be done by using the link available at the end of each e-mail sent to you, or by contacting us at the following e-mail address: info@advanceparis.com. Please note that withdrawing your consent may prevent us from responding to your requests or providing you with our services.
XII. Right to provide instructions about your Collected Information
It is possible to provide us with instructions on what to do with your personal information in the event of your death.
XIII. Your rights as a subject
If you wish to exercise your rights as described above, or for any contact related to the protection of privacy, please contact Advance Paris S.A.S. by sending your request to Advance Paris S.A.S., 13 rue du Coq gaulois, 77170 Brie Comte Robert, France or by sending an e-mail to info@advanceparis.com.
XIV. Children's privacy
We do not knowingly collect personal information from children under the age of thirteen (13), as our products and services are not intended for them. If it is brought to our attention that we have collected or received information from a child under the age of thirteen (13), we will delete that information.
XV. Changes to the Privacy Policy
The website reserves the right to modify this privacy policy at any time. If a modification is made to the present personal data protection clause, the website undertakes to publish the new version on its site. The website will also inform users of the change by e-mail, at least 15 days before the effective date. If the user does not agree with the terms of the new wording of the personal data protection clause, he/she may delete his/her account.
XVI. Data controller
Advance Paris S.A.S. 13 Rue du Coq gaulois, 77170 Brie Comte Robert, France is the data controller and the party responsible for processing the information collected.
XVII. Contact us
If you have any questions about our privacy policy, please call +33(0)160 185 900 or email info@advanceparis.com.
- Advance Paris
- 13 Rue du Coq gaulois - 77170 Brie Comte Robert - France
- Website: www.advanceparis.com
- Tel: +33 1 60 18 59 00
- Fax: + 33 1 60 18 58 95
- E-Mail: info@advanceparis.com
- Company headquarters: Paris
- Paris Commercial Court
- RCS Paris 504 534 140 000 26
- Intracommunity VAT number: FR76 504 534 140
- Hosting Tel: 04 66 59 56 64
- data protection officer (newsletter): dpo@sendinblue.com