- 1. Purpose
The present Privacy and Personal Data Collection Policy is an integral part of the Terms and Conditions .
- 2. Definitions
Personal data: information relating to an identified or identifiable individual; ‘identifiable individual’ means any individual who can be identified, directly or indirectly, through log-in details, such as a name, ID number, localisation data, online username, or one or several personal traits relating to his/her physical, physiological, genetic, psychological, economic, cultural or social identity.
Processing of personal data: any operation or set of operations undertaken with or without automated processes and relating to data or datasets of a personal nature – such as collecting, recording, organising, structuring, retaining, adapting, modifying, extracting, consulting, using, disclosing by transmission, dissemination or otherwise making available, aligning, interconnecting, restricting, erasing or destroying.
Cookie: a cookie is information placed on the hard drive of a web user when visiting a website, by the web server of that particular website. Cookies contain different bits of data: the name of the server that sent the cookie, a unique identifier, and sometimes an expiry date. This information can be stored in a simple text file on the visitor’s computer, to enable the server to read and save that information.
- 3. Collection of personal data
To manage this website and ensure its proper functioning, in its capacity as a data controller under Act No 78-17 of 6 January 1978 on Information Technology, Data Files and Civil Liberties, Ichwa may collect personal data of its users.
Consequently, Ichwa undertakes to comply with legislation on the protection of personal data, including declaration formalities required by Act No 78-17 of 6 January 1978 on Information Technology, Data Files and Civil Liberties, as modified.
- 4. Data processing – identity of the responsible entity
Responsibility for the collection and processing of your data is incumbent on Ichwa SARL, a company with a capital of 10,000 euros, headquartered at 8 chemin Dou Sarpout, 33610 Cestas, France, registered with the RCS (Bordeaux trade register) under No 524 255 007, and represented by its manager, Ms Assmae Tantaoui.
- 5. Recipients of personal data
Ichwa collects and processes personal data of users. This data may be shared with subcontractors whom Ichwa may call upon for the provision of services.
Ichwa does not sell or otherwise transfer personal data to third parties for business or marketing purposes.
Excluding the aforementioned cases, sharing of personal data with third parties will only be permitted in the following cases:
if users provide permission to do so;
if a request is made by legally competent authorities, a court order or in the context of a legal dispute.
- 6. Collection of personal data – type and purpose
6.1 Email addresses
The email address provided by the user for a file upload is first used to send an email to the user to confirm the publication request. As a second step, and only once the publication has been verified by our team, the email address is used to inform the user as to whether the posting of the publication has been approved or rejected.
Email addresses entered by users in the contact form are solely used to answer their messages. In no instance will these email addresses be used for other purposes or shared with third parties.
6.2 IP addresses
As soon as a user browses our website, Ichwa collects his/her/its IP address to analyse website traffic and control the user’s activity, to ensure that the user does not undertake actions in breach of the Terms and Conditions of this website.
6.3 Connection data
In accordance with Decree No 2011-219 of 25 February 2011 on the retention and communication of data identifying any person who has contributed to the creation of online content, Ichwa collects the following data:
The log-in identifier at the origin of the communication;
The identifier assigned by the information system to the content, subject of the operation;
The types of protocols used to connect to the service and transfer content;
The nature of the operation.
- 7. Use of external service providers
Ichwa relies on external service providers for the following:
Storing of personal data,
The sending of transactional emails necessary to ensure the good functioning of its services.
IIchwa has selected the service provider OVH, and for the stockage of data, has chosen web servers exclusively based in the European Union. Ichwa undertakes not to transfer data outside of the European Union.
OVH’s policy on the protection of personal data is available at the following address: https://www.ovh.co.uk/personal-data-protection/.
- 8. Duration of the retention of personal data
Ichwa retains personal data in a secure environment for the length of time necessary to fulfil the purposes for which such data was collected.
In accordance with Decree No 2011-219 of 25 February 2011 on the retention and communication of data identifying any person who has contributed to the creation of online content, all log-in data that Ichwa holds will be retained for a year.
- 9. Security of personal data
Ichwa has taken all necessary precautions to preserve the security and confidentiality of personal data and prevent such data from being distorted, damaged or disclosed to non-authorised third parties.
These measures include:
Data encryption using the HTTPS technology, to ensure secure data transmission over the entire connection channel.
In accordance with Deliberation No 2013-378 adopted by the CNIL on 5 December 2013, Ichwa informs its users that cookies record certain bits of information that are stored on each user’s hard drive. These cookies enable service provision, website navigation, web audience analytics and the sharing of website pages.
10.1 Types of cookies used
- Technical cookies:
Technical cookies exclusively enable and facilitate navigation through our website and the use of our services. Indeed, these cookies enable our website to recognise you, to flag which pages you visit and to make you feel more comfortable when navigating our website: by adjusting the presentation of the website to match your browser’s display preferences (language, screen resolution), and recording information that you have provided in online forms generated by our website.
Technical cookies also enable us to implement security measures, as outlined in the paragraph on ‘Security of personal data’.
Without these technical cookies, users cannot properly use the website and our services. Therefore, these cookies cannot be deactivated or modified, otherwise access to our website and/or services would be compromised.
- Audience measurement cookies:
Audience measurement cookies enable us to measure user interactions on different parts of our website and in relation to different content, to enhance the functionality of our website, by analysing how frequently each page is visited, and individual user statistics relating to open rates, click rates and bounce rates.
These cookies also detect website navigation issues, thereby enabling us to provide better customer service.
These cookies only produce anonymous statistics and traffic volumes, to the exclusion of any individual information.
- ‘Social media’ cookies:
We may include on our website third-party IT apps designed for content sharing, tagging or commenting. Such as the ‘Share’ and ‘Like’ buttons used by social media networks like Facebook, Twitter, LinkedIn, etc.
If you do not want social media networks to link information collected via our website to your personal social media accounts, you must log-out from those social media networks before visiting our website.
10.2 Managing consent
We participate in IAB Europe's transparency and consent framework and comply with its specifications and guidelines. To this end, we use the Consent Management Platform (CMP) from axeptio, 439 avenue du Maréchal Leclerc 34000 Montpellier - France, as a subcontractor. axeptio's CMP allows you to grant us data protection compliant consent to process your data and to revoke such consent at any time. You may also object to the processing of data based on our legitimate interest.
More information on data protection and the CMP is available on the axeptio website: https://www.axeptio.eu/en/legal-mentions.
- 11. User rights
11.1 Right to access and rectify data
Regulations provide users with a right to access and rectify their personal data. Accordingly, users can ensure the rectification, completion, updating or erasure of personal data that is erroneous, incomplete, ambiguous, has expired or was unlawfully collected, used, shared or retained.
Users also have a right to request the restriction of data processing, and to contest the processing of personal data on legitimate grounds.
11.2 The right to restrict data processing
The user also has the right to request the restriction of data processing, and to contest the processing of his/her personal data in the following cases:
During the period necessary to verify the accuracy of his/her personal data;
Where the processing is unlawful and the user opposes the erasure of his/her personal data, instead requesting the restriction of its use;
Where the data retention period has expired but the user still requires access to his/her personal data to establish, exercise or defend a legal claim;
Where processing has been limited and personal data cannot be processed, aside for storage purposes, without the person’s consent, or to establish, exercise or defend a claim, or to protect the rights of another natural or legal person, or for a reason linked to the national interest of the European Union or one of its Member States.
11.3 Right to erasure
The user has the right to obtain the erasure of personal data concerning him/her as soon as possible if the user has withdrawn consent for the processing or objects to it, where the personal data is no longer necessary in relation to the purposes of the processing, the personal data has been unlawfully processed, or where there is a legal obligation to erase the personal data, a few exceptions permitting.
11.4 Right to data portability
The user has the right to request and receive personal data concerning him/her in a structured, commonly used, machine-readable and interoperable format, and to transmit such data to another data controller without hindrance from the initial data controller.
11.5 Right to object
The user has the right to object at any time to the processing of data, if the processing is required for a task carried out in the public interest or for the legitimate interests of the data controller. The user can also object to processing undertaken for market research purposes.
The user also has the right to request the restriction of the processing, and to object to the processing of his/her personal data on legitimate grounds.
Where applicable, the user may request the portability of his/her personal data, or, if the processing was based on the user’s consent, he/she may withdraw their consent at any time.
The user can exercise his/her rights by emailing email@example.com or writing to:
France Ichwa SARL - 8 Chemin Dou Sarpout 33610 Cestas – France
The request must include a photocopy of valid ID. We remind you that excessive requests are punishable by law.
If your objection is rejected, you can file a claim with the CNIL, by referring to the following Internet address: https://www.cnil.fr/
Any modification, by Ichwa, of the present policy, will be flagged on the website.
We invite the user to regularly consult the present policy to keep abreast of any updates or modifications.
Any questions relating to the Personal Data Collection Policy of public-files.com can be sent to firstname.lastname@example.org