Financing tomorrow’s real economy

Privacy policy

Personal data – Website management

Activities relating to the https://otentiqpm.com/ website involve the processing of personal data.

What does the privacy policy cover?

The present policy informs you of the characteristics of this processing and of your rights regarding your personal data.

This privacy policy has been drafted in accordance with Law no. 78-17 of January 6, 1978 (known as the “Loi informatique et libertés” or “LIL”) and the General Regulation on the Protection of Personal Data (“RGDP”) no. 2016/679.

Who is responsible for this policy?

The data controller is Access Solution Partners, represented by its legal representative Jean-Baptiste Bourdié.

The contact details of the data controller are as follows: 16 rue Portalis 75008 Paris.

The manager can be contacted on 06 51 32 82 89.

The contact e-mail address is: jean-baptiste.bourdie@access-asp.com

Who is this policy aimed at?

This policy is intended for users of the site: Internet users browsing the site.

It also covers :

  • Newsletter subscribers
  • Candidates who apply on the site (online recruitment)
  • Persons to whom we have entrusted technical services (hosting provider, maintenance, site security)
  • People who have access to the site’s back office for administration purposes
  • People who write or are quoted in site content
  • People who contact us using the site’s contact form
  • People who book an appointment with us from an e-calendar
  • People we list on the site as partners

Purposes (what data is collected for)

The purpose of the processing is to manage the website.

This treatment allows :

  • Newsletter subscription management
  • Online application management (online recruitment)
  • Technical management of the site (maintenance, hosting, site security)
  • Website administration
  • Managing the site’s editorial content
  • Managing inquiries via the contact form
  • Appointment management (e-calendar)
  • Referencing partners on the site

Legal basis for processing: what gives us the right to process data

The legal bases for processing are as follows:

  • To manage newsletter subscriptions, the legal basis is the subscriber’s consent.
  • For the management of online applications (online recruitment), the legal basis is the candidate’s consent.
  • For technical management of the site (maintenance, hosting, site security), the legal basis is legitimate interest.
  • For the administration of the website, the legal basis is legitimate interest
  • For the management of editorial content on the site, the legal basis is the consent of the persons whose information is published.
  • For the management of requests for information via the contact form, the legal basis is the legitimate interest (enabling online communication) or the execution of pre-contractual measures (production of quotations at the request of individuals).
  • For the referencing of partners on the site, the legal basis is the consent of these partners.

Data retention period

Data is kept for no longer than is necessary for the purposes for which it was recorded (principle of minimization of processing).

Maximum shelf lives are as follows:

  • To manage newsletter subscriptions: the e-mail address is kept until the person concerned unsubscribes.
  • For online application management (online recruitment): 2 years for unsuccessful applications
  • For technical site management (maintenance, hosting, site security): 12 months for IP addresses and connection logs
  • For website administration: as long as the persons concerned administer the site
  • For site editorial content management: 5 years from publication date
  • For the management of requests for information via the contact form: 3 years from the date of the request
  • For partner listings on the site: 5 years from publication date

Processed data

The data controller processes the following categories of data:

  • Civil status, identity, identification data, images (surname, first name, address, photograph, date and place of birth, etc.)
  • Connection data (IP addresses, logs, terminal identifiers, connection identifiers, timestamp information, etc.)
  • Professional life (CV, employment status, education, training, awards, diplomas, etc.)

Whether data collection is mandatory or optional

The data collected is mandatory for the purposes of processing.

Data sources

The data is transmitted directly by the data subject.

Data recipients

The personal data collected is reserved for the use of the data controller. No personal data is transferred by the data controller to third parties.

What safety measures are in place?

The data controller implements appropriate technical and organizational measures to guarantee a level of security appropriate to the risk.

The controller shall take steps to ensure that any natural person acting under the authority of the controller or the processor, who has access to personal data, does not process them unless instructed to do so by the controller, unless obliged to do so.

The following special safety measures have been taken:

  • All processed data is transmitted encrypted using the HTTPS protocol;
  • The various forms are protected against spam;
  • The server features anti-DDOS protection and a firewall configured specifically for WordPress ;

Whether or not data is transferred to a country outside the European Union, and associated guarantees

The data controller does not transfer any personal data outside the European Union.

Automated decision-making

The processing does not involve fully automated decision-making.

Fate of personal data after death – Right of access, rectification, deletion and portability of data

The person concerned by a processing operation can define directives concerning the conservation, deletion and communication of his or her personal data after his or her death. These directives may be general or specific.

Data subjects also have the right to access, object to, rectify, delete and, under certain conditions, port their personal data. The data subject has the right to withdraw consent at any time if consent is the legal basis for processing.

The request must indicate the first and last name, e-mail or postal address of the person concerned, and must be signed and accompanied by valid proof of identity.

To exercise these rights, please contact :

COORDINATES REFERENT RGPD HERE

Claim

The person concerned by a processing operation has the right to lodge a complaint with the supervisory authority (CNIL): https: //www.cnil.fr/fr/webform/adresser-une-plainte