LEGAL NOTICES
In accordance with the provisions of Law No. 2004-575 of 21 June 2004 on confidence in the digital economy, users of the Furtiveo website are informed of the identity of the various parties involved in its creation and follow-up.
Site editing This site, accessible at the URL www.furtiveo.com (the "Site"), is published by FURTIVE MEDIA (RCS: 981 816 036 RCS Lille Métropole) - Registered office: 87 Rue du Fontenoy, 59100 Roubaix.
HostingThe Site is hosted by OVH SAS, located at 2 rue Kellermann - BP 80157 - 59053 Roubaix Cedex 1, (telephone contact or email: 1007).
Director of publication The Site's Publication Director is Thibaut Lemay.
DATA PROTECTION POLICY
Version dated 8 January 2024
Collecting and processing your data
SUBJECT
This Policy is established by the company FURTIVE MEDIA (hereinafter referred to as the "Data Controller"). The purpose of this Policy is to inform Users of the furtiveo.com Internet site and all its domain sub-names (hereinafter the "Site"), of the way in which data is collected and processed by the Data Controller, both when using the Site and when supplying its products and services to its Clients. This Policy is part of the Data Controller's desire to act transparently, in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the "General Data Protection Regulation"). If the User wishes to react to any of the practices described below, he/she may contact the Data Controller by writing to the address of the Company's registered office or by e-mail to the contact address info@furtiveo.com.
CONSENT
By accessing and using the Site, or when contracting with the Data Controller, the User declares that he/she has read the information described below, accepts this Policy and expressly consents to the Data Controller collecting and processing, in accordance with the methods and principles described in this Policy, his/her personal data that he/she communicates via the Site and/or when purchasing the products and/or services offered, for the purposes indicated below. The User has the right to withdraw his/her consent at any time, which automatically implies the cessation of use of the Site by the User and/or the cessation of the supply of services carried out exclusively via the Site by the Data Controller to this User who is also a Customer. Withdrawal of consent does not compromise the lawfulness of processing based on consent previously given.
DATA COLLECTED - WHAT DATA DO WE COLLECT?
By visiting and using the Site, as well as during any interactions he/she may have with the Data Controller online or via social networks, the User expressly consents to the Data Controller collecting and processing, in accordance with the methods and principles described below, the following personal data: The User's domain (detected automatically by the Controller's server), including the dynamic IP address; The User's e-mail address if the User has previously disclosed it in any way, in particular by communicating with the Controller by e-mail, etc.; The User's first name; Any information that the User voluntarily provides, including the User's first and last name, business address, mobile telephone number, billing and payment details, etc.; Any information that the User has obviously made public, such as the User's profile photo on social networks. By using the services of the Data Controller or by purchasing its products online, the User becomes a Customer within the meaning of the Company's general terms and conditions and therefore consents to the Data Controller collecting and processing the following personal data in accordance with the methods and principles described below: All data enabling the Customer to be identified for the purposes of invoicing, customer management and the proper performance of the services offered by the Company; The Customer's banking and financial data for the same purposes as those mentioned above. The Data Controller may also collect non-personal data. This data is qualified as non-personal data because it does not directly or indirectly identify a particular individual or concern legal entities. It may therefore be used for any purpose whatsoever, for example to improve the Site, the products and services offered by the Data Controller or its advertising. In the event that non-personal data is combined with personal data in such a way that it is possible to identify the persons concerned, this data will be treated as personal data until such time as it is impossible to link it to a specific individual.
Collection methods - How do we collect data?
The Data Controller collects personal data via : All data filled in manually by the User via the contact form or other data collection forms present on the Site or on other Internet pages operated by the Data Controller; The use of cookies or similar technologies; The use of data analysis tools offered by companies such as Facebook, Google or other search service providers; When the User registers for and/or participates in events, webinars, challenges and/or group coaching sessions organised by the Data Controller, whether this takes place face-to-face or online.
Purposes of processing - For what purpose(s) do we collect data?
The User's personal data is collected and processed solely for the purposes mentioned below: To ensure the management and control of the execution of the services offered and to respond to orders placed; To send promotional information on the products and services of the Data Controller for canvassing purposes; To send, where appropriate, offers of products or services on preferential terms; To send invitations to events organised by the Data Controller; To respond to questions from the User; To improve the quality of the Site and the services offered by the Data Controller; To send information about new services offered by the Data Controller; To promote and market the Site and services for the User, i.e. for direct marketing purposes; To enable better identification of the User's areas of interest; To enable invoices to be sent and purchases and/or services to be paid for; To inform the User when updates and changes are made to the Site and/or this Policy; To enable User complaints to be followed up; For any other purpose for which the User has authorised the Data Controller. The Customer's personal data is collected and processed solely for the following purposes: To ensure the correct execution of services and the follow-up of orders on behalf of the Customer; To invoice the services provided and the products sold; To maintain an excellent commercial relationship with the Customer; To respond to the Customer's questions, needs and expectations; To anticipate any requests from the Customer; To evaluate and improve the services of the Data Controller; Any other purpose for which the Customer has given his consent to the Data Controller. The Data Controller may carry out processing operations that are not yet provided for in this Policy. In this case, the Data Controller will contact the User and/or the Customer before re-using his/her personal data, in order to inform him/her of the changes and give him/her the opportunity, where applicable, to refuse such re-use.
Retention period - How long will data be kept?
The Data Controller only keeps personal data for as long as is reasonably necessary for the purposes pursued and in accordance with legal and regulatory requirements. Users who have made a request to object to processing or have exercised their right to be forgotten will have their data deleted from the Data Controller's database no later than the end of the quarter during which they made such a request to the Data Controller. The data of Users who have become inactive for a period of at least six months is also deleted from the Data Controller's database no later than the end of the quarter during which the six-month period of inactivity was reached. The personal data of a User qualified as a Customer is kept for a maximum of 2 years after the end of the contractual relationship between this User and the Data Controller. However, the Data Controller reserves the right to keep any accounting documents, such as invoices, in which personal data may appear, for a period of 10 years after they have been drawn up. In this case, the data contained in these documents will not be re-used by the Data Controller. At the end of the retention period, the Data Controller will do everything possible to ensure that the personal data has been made unavailable.
Your rights to your data
Access to and copying of data By means of a written, dated and signed request sent to the Data Controller at the address of the Company's registered office or by e-mail to info@furtiveo.com, the User may, after providing proof of his/her identity, obtain free of charge written communication or a copy of the personal data concerning him/her that has been collected. The Data Controller may charge a reasonable fee based on administrative costs for any additional copies requested by the User. Where the User submits this request electronically, the information will be provided in a commonly used electronic form, unless the User requests otherwise. The User will be sent a copy of his/her data within 30 days of receipt of the request.
Right of rectification
By means of a written, dated and signed request sent to the Data Controller at the Company's registered office or by e-mail to info@furtiveo.com, the User may, after providing proof of his/her identity, obtain free of charge, as soon as possible and at the latest within 30 days, the rectification of any personal data that is inaccurate, incomplete or irrelevant.
Right to object to processing
By means of a written, dated and signed request sent to the Data Controller at the address of the Company's registered office or by e-mail to info@furtiveo.com, the User may, at any time and after providing proof of his/her identity, oppose, without justification and free of charge, the processing of personal data concerning him/her when his/her data is collected for direct marketing purposes (including profiling). The Data Controller is obliged to respond to the User's request as soon as possible and within 30 days at the latest, and to give reasons for its response if it intends not to comply with such a request.
Right to restrict processing
By means of a written, dated and signed request sent to the Data Controller at the address of the Company's registered office or by e-mail to info@furtiveo.com, the User may, after providing proof of his/her identity, obtain a restriction on the processing of his/her personal data in the cases listed below: When the User disputes the accuracy of a piece of data and only for as long as it takes the Data Controller to check it; When the processing is unlawful and the User prefers the limitation of the processing to deletion; When, although it is no longer necessary for the purposes of the processing, the User needs it for the establishment, exercise or defence of his legal rights; During the time required to examine the validity of a request for opposition made by the User, in other words the time required for the Data Controller to check the balance of interests between the legitimate interests of the Data Controller and those of the User. The Data Controller will inform the User when the processing restriction is lifted.
Right to be forgotten
By means of a written, dated and signed request sent to the Data Controller at the address of the Company's registered office or by e-mail to info@furtiveo.com, the User may, after providing proof of his/her identity, obtain the deletion of his/her personal data, when one of the following reasons applies: The data is no longer necessary for the purposes of the processing; The User has withdrawn his/her consent to his/her data being processed and there is no other legal basis for the processing; The User objects to the processing and there is no compelling legitimate reason for the processing and/or the User exercises his/her specific right to object in relation to direct marketing (including profiling); The personal data has been processed unlawfully; The personal data must be deleted in order to comply with a legal obligation (under EU law or the law of the Member State) to which the Data Controller is subject. The Data Controller may object to the deletion of personal data in the cases provided for by the General Data Protection Regulation and by any legal regulation applicable at the time of the request for deletion of the data. The Data Controller is obliged to respond to the User's request as soon as possible and at the latest within 30 days and to give reasons for its response if it intends not to comply with such a request. The User also has the right, under the same conditions, to obtain, free of charge, the deletion or prohibition of use of any personal data concerning him or her which, given the purpose of the Processing, is incomplete or irrelevant or the recording, communication or storage of which is prohibited or which has been stored beyond the necessary and authorised period.
Right to data portability
By means of a written, dated and signed request sent to the Data Controller at the address of the Company's registered office or by e-mail and after providing proof of his/her identity, the User may at any time request to receive his/her personal data free of charge in a structured, commonly used and machine-readable format, with a view in particular to transmitting it to another Data Controller, when: the data processing is carried out using automated processes; and when the processing is based on the User's consent or on a contract concluded between the User and the Data Controller. Under the same conditions and in accordance with the same procedures, the User has the right to obtain from the Data Controller that personal data concerning him or her be transmitted directly to another Data Controller, insofar as this is technically possible.
Recipients of data and disclosure to third parties
The recipients of the data collected and processed are, in addition to the Data Controller itself, its employees or other subcontractors, its carefully selected commercial partners, located in Belgium or in the European Union, who collaborate with the Data Controller in the development of its products and the provision of its services. The Data Controller undertakes to comply with all the provisions of the European Regulation on the protection of personal data when using a processor, and in particular invites the processor to: Process the data solely for the sole purpose(s) for which it has been subcontracted; Process the data in accordance with the Data Controller's documented instructions; Guarantee the confidentiality of the personal data processed under the agreement binding it to the Data Controller; Inform the Data Controller of any personal data breach within a maximum of 48 hours of becoming aware of it; Undertake to implement various security measures appropriate to the intended purpose. In the event that the data is disclosed to third parties for direct marketing or canvassing purposes, the User will be informed in advance so that he/she can choose whether or not to accept this processing of his/her data by third parties. By means of a written, dated and signed request sent to the Data Controller at the address of the Company's registered office or by e-mail, the User may at any time oppose, free of charge, the transmission of his/her data to third parties for marketing purposes. The Data Controller complies with the legal and regulatory provisions in force and will ensure in all cases that its partners, employees, subcontractors or other third parties with access to this personal data comply with this Policy. The Data Controller reserves the right to disclose the User's personal data in the event that a law, legal proceedings or an order from a public authority makes such disclosure necessary. All transfers of data outside the European Union are made exclusively to co-contractors who comply with the provisions of the European Regulation on the Protection of Personal Data.
Cookies
The User has the option of accepting or refusing all cookies on the Site or managing individually those that he accepts or refuses. They may also consult the Data Controller's cookie management policy. If the User deactivates certain cookies, it is possible that certain parts of the Site may not be consultable and/or usable, or that they may only be partially so.
Security
The Data Controller implements the appropriate technical and organisational measures to guarantee a level of security for the processing and the data collected in relation to the risks presented by the processing and the nature of the data to be protected adapted to the risk. It takes into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing as well as the risks to the rights and freedoms of Users and Customers. The Data Controller always uses encryption technologies that are recognised as industry standards within the IT sector when transferring or receiving data on the Site or when providing its services. The Data Controller has put in place appropriate security measures to protect and prevent the loss, misuse or alteration of information received on the Site or during the provision of its services, in particular through the use of a secure server.
IN THE EVENT OF A PROBLEM
Claims and complaints
The User may lodge a complaint with the Data Protection Authority on which the Data Controller depends, i.e. the CNIL. The User may also lodge a complaint with the court of first instance in his/her place of residence.
Contact details
For any questions and/or complaints, the User may contact the Data Controller: By e-mail: info@furtiveo.com
Applicable law
Any dispute as to the validity, interpretation or execution of this Policy shall be governed by Belgian law.
Miscellaneous provisions
The Data Controller reserves the right to modify the provisions of this Policy at any time. Amendments will be published with a warning as to their entry into force.