GDPR – Data Protection
1 – Purpose
We only collect the professional data necessary for the marketing and design of our web solutions.
We do not allow ourselves any other use of this data. In particular, the data collected is not shared or resold.
We do not collect indirect data (e.g. purchase of databases, Internet of Things or Big Data).
2 - Legal capacity
Our services are only intended for individuals of legal age, holding a professional position, within a legal entity (company, administration or association for example).
In particular, we verify this capacity through the existence and proper functioning of a professional e-mail address such as firstname.lastname@example.org.
3 - Consent
In order for your professional data to be collected within our information systems, you must have given us prior authorization, by formally accepting our RGPD conditions, when filling in:
- a subscription form for one of our newsletters,
- a test form for one of our web solutions,
- a subscription form to one of our web solutions,
- a contact form,
- an affiliate form,
- a partnership form.
These data collections are independent. For example, you can test one of our web solutions without subscribing to one of our newsletters.
You may revoke any of these consents at any time by sending an e-mail, unsubscribing to one of our newsletters or by using our contact form for this purpose.
4 - Cookies
You can disable these cookies in your browser. Then, our websites and web applications may no longer function optimally.
We do not use any tools to track our users such as Google Analytics or Matomo.
We do not use online video solutions that track users such as youtube.com.
You can verify that we do not use trackers on our websites by installing the Ghostery browser extension.
You will then obtain the following result:
5 - Sensitive data
WebZenitude does not collect any sensitive data:
- racial or ethnic origins,
- political opinions,
- religious or philosophical convictions,
- trade union membership,
- physical or mental health,
- sexual life or orientation,
- genetic data,
- biometric data.
6 - Processing of sensitive data
6 – A – Applications developed by WebZenitude
No fields or tables within the databases of our web solutions are provided for the collection of this sensitive data.
However, some fields in some tables in the databases of our solutions may be misused to record this kind of data. “Additional information” fields for example.
In order to protect our customers from such an illegal practice of our solutions by their users, we provide powerful search functions for administrators and data protection officers.
Ultimately, since our solutions are initially provided without any data, it is up to our customers to ensure that their users comply with the laws concerning sensitive data.
6 – B – Open Source applications used by WebZenitude
WebZenitude strictly selects the Open Source solutions it uses. One of the selection criteria is respect for privacy.
We constantly check that the GDPR is taken into account from the design and during the implementation of these applications.
Our customers can also do the same at any time, as the code for these applications is public.
Ultimately, since these Open Source solutions are initially hosted or integrated without any data, it is up to our customers to ensure that their users comply with the laws concerning sensitive data.
7 - WebZenitude data retention
WebZenitude only stores the professional data necessary to:
- design its web solutions (for example, customer requests for corrections or improvements),
- market its web solutions (for example, requests for information, exchanges of e-mails, business letters or contracts),
- ensure and prove the proper performance of its contractual obligations.
Our data are reviewed on a monthly basis (accounts, decision-makers, deals, for example) and are then cleaned of all unnecessary or outdated information.
8 - Customer data retention
Our customers’ data is stored on servers and in databases of which they are the only users.
This data is their property. Our responsibility is to keep this data until it is returned and/or migrated to another solution or until the end of our contractual commitments.
As soon as the subscription to one of our web solutions ends, the dedicated server and database and their backups are deleted.
As a result, WebZenitude no longer has any way to retrieve and provide the customer with new access to this data.
9 - Data security
WebZenitude only collects and processes professional data that are necessary for the purpose described in Article 1 above.
We do not manage personal data outside the strict minimum, i.e. the first name and last name of our contacts.
This is why the security of personal data does not require additional protection to the already very comprehensive protection of the professional data of WebZenitude and its customers.
All our IT security measures can be consulted on our dedicated page Security of our information systems.
10 - Data rights
As indicated in Article 1 above, we do not collect data other than professional data.
However, at any time, you can use our contact form to:
- access your personal data (this should be limited to your first and last names),
- request the rectification of these data (change of name following a marriage for example),
- object to any use or storage of your personal data,
- request that your personal data be deleted from our information systems,
- limit the use of your personal data.
You can contact the competent authority to enforce these rights. In France, it is the CNIL.
11 - Exercise of your rights
You can exercise your rights at any time by simply using our contact form.
A process is in place to ensure that your request is processed within 48 business hours.
All requests are answered.
We are committed to providing you with sincere, serious and, of course, law-abiding answers.
12 - Sharing of responsibilities
12 – A – WebZenitude’s Responsibilities – Container
We take care of the RGPD obligations of design and maintenance (privacy by design, privacy by default, documentation for example) of our web applications (the container).
We answer to any request (information or rectification for example) concerning our web applications (within the limit of the container and excluding the content).
12 – B – Responsibility of our customers – Content
It is the responsibility of our customers to answer to any request (information or rectification for example) concerning the data they enter in our applications (the content).
Our customers’ data are their property and we will forward to them, within 48 hours, any request that may be sent to us so that they are able to answer it within the legal deadlines.
13 - Data location
Our internal data are located in France.
Our customers’ data can be located, at their choice, at :
- London (United Kingdom),
- Amsterdam (Netherlands),
- Frankfurt (Germany),
- Helsinki (Finland),
- San Jose (United States),
- Chicago (United States),
- or Singapore.
Our customers are therefore able to choose to store their data in an “adequate” country, within the meaning of the GDPR, i.e. a country granting protection equivalent to that of the European Community countries.
14 - Metadata
Update Date : September 11, 2019
Version : 003
15 - Additional information
You can obtain this information by using our contact form.
We guarantee you fast and accurate answers.
35 chemin des Bourguignons
88160 - Le Thillot
SAS with a capital of 5.000 €
RCS Epinal : 813 629 060 00019
N° TVA : FR 47 813 629 060