LEGAL INFORMATION
In accordance with the provisions of law no. 2004-575 of June 21, 2004 on confidence in the digital economy, users of the Furtiveo website are informed of the identity of the various parties involved in its creation and follow-up.
Site edition The present site, accessible at the URL www.furtiveo.com (the "Site"), is published by FURTIVE MEDIA (RCS: 981 816 036 RCS Lille Métropole) - Head office: 87 Rue du Fontenoy, 59100 Roubaix.
HostingTheSite is hosted by OVH SAS, located at 2 rue Kellermann - BP 80157 - 59053 Roubaix Cedex 1, (telephone contact or e-mail: 1007).
Director of publication The Site's Director of publication is Thibaut Lemay.
DATA PROTECTION POLICY
January 8, 2024 version
Collecting and processing your data
SUBJECT
This Policy is drawn up by FURTIVE MEDIA (hereinafter referred to as the "Data Controller"). The purpose of this Policy is to inform Users of the furtiveo.com website and all its domain sub-names (hereinafter the "Site"), of the manner in which data is collected and processed by the Data Controller, both when using the Site and in the context of providing its products and services to its Customers. This Policy is part of the Data Controller's desire to act transparently, in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the "General Data Protection Regulation"). If the User wishes to react to any of the practices described below, he may contact the Data Controller by writing to the address of the Company's registered office or by e-mail to the contact address info@furtiveo.com.
CONSENT
By accessing and using the Site, or when contracting with the Data Controller, the User declares that he/she has read the information described below, accepts this Policy and expressly consents to the Data Controller collecting and processing, in accordance with the methods and principles described in this Policy, his/her personal data that he/she communicates via the Site and/or when purchasing the products and/or services offered, for the purposes indicated below. The User has the right to withdraw his consent at any time, which automatically implies the cessation of use of the Site by the User and/or the cessation of the supply of services carried out exclusively via the Site by the Data Controller to this User who is also a Customer. Withdrawal of consent does not compromise the lawfulness of processing based on consent previously given.
DATA COLLECTED - WHAT DATA DO WE COLLECT?
By visiting and using the Site, as well as during any interactions he may have with the Data Controller online or via social networks, the User expressly consents to the Data Controller collecting and processing the following personal data, in accordance with the methods and principles described below: The User's domain (automatically detected by the Controller's server), including dynamic IP address; The User's e-mail address if the User has previously disclosed it in any way, in particular by communicating with the Controller by e-mail, etc.; The User's e-mail address if the User has previously disclosed it in any way, in particular by communicating with the Controller by e-mail, etc. The User's first name; Any information that the User voluntarily provides, including his/her first and last name, business address, cell phone number, billing and payment details, etc.; Any information that the User himself/herself has manifestly made public, such as his/her profile picture on social networks. By using the services of the Data Controller or by purchasing its products online, the User becomes a Customer within the meaning of the Company's general terms and conditions, and as such consents to the Data Controller collecting and processing the following personal data in accordance with the methods and principles described below: All data enabling the Customer to be identified, for the purposes of invoicing, customer management and the proper execution of the services offered by the Company; The Customer's banking and financial data, for the same purposes as those mentioned above. The Data Controller may also collect non-personal data. Such data is considered non-personal because it does not directly or indirectly identify a specific individual, or concern legal entities. It may therefore be used for any purpose whatsoever, for example to improve the Site, the products and services offered by the Data Controller or its advertising. In the event that non-personal data is combined with personal data in such a way that it is possible to identify the persons concerned, such data will be treated as personal data until such time as it is impossible to associate it with a specific individual.
Collection methods - How do we collect data?
The Data Controller collects personal data via : All data filled in manually by the User via the contact form or other data collection forms present on the Site or on other Internet pages operated by the Data Controller; The use of cookies or similar technologies; The use of data analysis tools offered by companies such as Facebook, Google or other search service providers; By receipt of e-mails sent by the User to the Data Controller; During the sale of products or the provision of services by the Data Controller; During registration and/or participation by the User in events, webinars, challenges, and/or group coaching sessions organized by the Data Controller, whether face-to-face or online.
Purposes of processing - For what purpose(s) do we collect data?
The User's personal data is collected and processed solely for the purposes mentioned below: To ensure the management and control of the execution of the services offered and to respond to orders placed; To send promotional information on the products and services of the Data Controller for canvassing purposes; To send, where appropriate, offers of products or services on preferential terms; To send invitations to events organized by the Data Controller; To respond to questions from the User; To improve the quality of the Site and the services offered by the Data Controller; Transmit information about new services offered by the Data Controller; Promote and market the Site and services to the User, i.e. for direct marketing purposes; Enable better identification of the User's areas of interest; Enable invoices to be sent and purchases and/or services to be paid for; Inform the User when updates and changes are made to the Site and/or this Policy; Enable User complaints to be followed up; For any other purpose for which the User has authorized the Data Controller. Customer personal data is collected and processed solely for the following purposes: To ensure the proper execution of services and follow-up of orders on behalf of the Customer; To invoice for services provided and products sold; To maintain an excellent commercial relationship with the Customer; To respond to the Customer's questions, needs and expectations; To anticipate possible requests from the Customer; To evaluate and improve the services of the Data Controller; Any other purpose for which the Customer has given his consent to the Data Controller. The Data Controller may carry out processing operations that are not yet provided for in this Policy. In this case, the Data Controller will contact the User and/or Customer before re-using his/her personal data, in order to inform him/her of the changes and give him/her the opportunity, where appropriate, to refuse such re-use.
Retention period - How long will data be kept?
The Data Controller keeps personal data only for as long as is reasonably necessary for the purposes for which it is to be used and in accordance with legal and regulatory requirements. Users who have made a request to object to processing or have asserted their right to be forgotten will have their data deleted from the Data Controller's database no later than the end of the quarter during which they made such a request to the Data Controller. The data of Users who have been inactive for a period of at least six months is also deleted from the Data Controller's database at the latest at the end of the quarter in which the six-month period of inactivity was reached. The personal data of a User qualified as a Customer is kept for a maximum of 2 years after the end of the contractual relationship between the User and the Data Controller. However, the Data Controller reserves the right to keep any accounting documents, such as invoices, in which personal data may appear, for a period of 10 years after they have been drawn up. In this case, the data contained in these documents will not be reused by the Data Controller. Once the retention period has elapsed, the Data Controller makes every effort to ensure that the personal data has been made unavailable.
Your data rights
Data access and copying By means of a written, dated and signed request sent to the Data Controller at the Company's head office address or by e-mail to info@furtiveo.com, the User may, after proving his identity, obtain free of charge written communication or a copy of the personal data concerning him that has been collected. The Data Controller may charge a reasonable fee based on administrative costs for any additional copies requested by the User. Where the User submits such a request electronically, the information is provided in a commonly used electronic form, unless the User requests otherwise. A copy of the User's data will be sent to the User no later than 30 days after receipt of the request.
Right of rectification
By means of a written, dated and signed request sent to the Data Controller at the address of the Company's registered office or by e-mail to info@furtiveo.com, the User may, after proving his identity, obtain free of charge, as soon as possible and at the latest within 30 days, the rectification of his personal data which are inaccurate, incomplete or irrelevant.
Right to object to processing
By means of a written, dated and signed request sent to the Data Controller at the Company's head office address or by e-mail to info@furtiveo.com, the User may, at any time and after providing proof of his/her identity, object, without justification and free of charge, to the processing of his/her personal data when such data is collected for direct marketing purposes (including profiling). The Data Controller is obliged to respond to the User's request as soon as possible and within 30 days at the latest, and to give reasons for its response if it intends not to comply with such a request.
Right to restrict processing
By means of a written, dated and signed request sent to the Data Controller at the address of the Company's registered office or by e-mail to info@furtiveo.com, the User may, after providing proof of his identity, obtain the limitation of the processing of his personal data in the cases listed below: When the User contests the accuracy of a piece of data, and only for as long as it takes for the Data Controller to check it; When the processing is unlawful, and the User prefers the limitation of processing to deletion; When, although no longer necessary for the purposes of the processing, the User needs it for the establishment, exercise or defense of his legal rights; During the time required to examine the validity of a request for opposition made by the User, in other words the time required for the Data Controller to check the balance of interests between the legitimate interests of the Data Controller and those of the User. The Data Controller will inform the User when the processing restriction is lifted.
Right to be forgotten
By means of a written, dated and signed request sent to the Data Controller at the Company's head office address or by e-mail to info@furtiveo.com, the User may, after providing proof of his identity, obtain the deletion of personal data concerning him, when one of the following reasons applies: The data is no longer necessary for the purposes of the processing; The User has withdrawn his/her consent to his/her data being processed and there is no other legal basis for the processing; The User objects to the processing and there is no compelling legitimate reason for the processing and/or the User exercises his/her specific right to object in relation to direct marketing (including profiling); The personal data has been processed unlawfully; The personal data must be erased to comply with a legal obligation (under Union or Member State law) to which the Data Controller is subject. The Data Controller may object to the deletion of personal data in the cases provided for by the General Data Protection Regulation and by any legal norm applicable at the time of the data deletion request. The Data Controller is obliged to respond to the User's request as soon as possible and within 30 days at the latest, and to give reasons for its response if it intends not to comply with such a request. The User also has the right, under the same conditions, to obtain, free of charge, the deletion or prohibition of use of any personal data concerning him or her which, given the purpose of the processing, is incomplete or irrelevant, or the recording, communication or storage of which is prohibited, or which has been stored beyond the necessary and authorized period.
Right to data portability
By means of a written, dated and signed request sent to the Data Controller at the address of the Company's registered office or by e-mail, and after having provided proof of his/her identity, the User may at any time request to receive, free of charge, his/her personal data in a structured, commonly used and machine-readable format, with a view in particular to transmitting them to another Data Controller, when: the data processing is carried out using automated processes; and when the processing is based on the User's consent or on a contract concluded between the latter and the Data Controller. Under the same conditions and according to the same procedures, the User has the right to obtain from the Data Controller that personal data concerning him be transmitted directly to another Data Controller, insofar as this is technically possible.
Data recipients and disclosure to third parties
The recipients of the data collected and processed are, in addition to the Data Controller itself, its employees or other subcontractors, its carefully selected business partners, located in Belgium or in the European Union, who collaborate with the Data Controller in the development of its products and the provision of its services. The Data Controller undertakes to comply with all the provisions of the European Regulation on the Protection of Personal Data when using a subcontractor, and in particular invites the subcontractor to: Process data solely for the sole purpose(s) for which the data is processed; Process data in accordance with the Data Controller's documented instructions; Guarantee the confidentiality of personal data processed under the agreement binding it to the Data Controller; Inform the Data Controller of any breach of personal data within a maximum of 48 hours of becoming aware of it; Undertake to implement various security measures appropriate to the intended purpose. In the event that data is disclosed to third parties for direct marketing or canvassing purposes, the User will be informed in advance so that he/she can choose whether or not to accept this processing of his/her data by third parties. By means of a dated and signed written request sent to the Data Controller at the Company's registered office or by e-mail, the User may at any time object, free of charge, to the transmission of his/her data to third parties for marketing purposes. The Data Controller complies with the legal and regulatory provisions in force and will ensure in all cases that its partners, employees, subcontractors or other third parties with access to personal data comply with this Policy. The Data Controller reserves the right to disclose the User's personal data in the event that a law, legal proceedings or an order from a public authority makes such disclosure necessary. All data transfers outside the European Union are carried out exclusively with co-contractors who comply with the requirements of the European Data Protection Regulation.
Cookies
The User has the option of accepting or rejecting all cookies on the Site, or of managing the cookies he or she accepts or rejects individually. You may also consult the Data Controller's cookie management policy. In the event that the User disables certain cookies, it is possible that certain parts of the Site may not be consultable and/or usable, or that they may only be partially consultable and/or usable.
Security
The Data Controller implements the appropriate technical and organizational measures to guarantee a level of security for the processing and data collected that is appropriate to the risks presented by the processing and the nature of the data to be protected. It takes into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the risks to the rights and freedoms of Users and Customers. The Data Controller always uses encryption technologies that are recognized as industry standards within the IT sector when transferring or receiving data on the Site or when providing its services. The Data Controller has implemented appropriate security measures to protect and prevent the loss, misuse or alteration of information received on the Site or during the provision of its services, in particular through the use of a secure server.
IN THE EVENT OF A PROBLEM
Claims and complaints
The User may lodge a complaint with the Data Protection Authority on which the Data Controller depends, i.e. the CNIL. The User may also lodge a complaint with the court of first instance in his place of residence.
Contact data
For any questions and/or complaints, the User may contact the Data Controller: By e-mail: info@furtiveo.com
Applicable law
Any dispute as to the validity, interpretation or execution of this Policy shall be governed by Belgian law.
Miscellaneous provisions
The Data Controller reserves the right to modify the provisions of this Policy at any time. Modifications will be published with a warning as to their entry into force.