Welcome to https://www.etiotherapie.com (hereinafter “the site”).
The person responsible for processing your personal data is Patrick LATOUR – IFE (hereinafter “we”).
Postal address: 6 rue Dorian – 75012 PARIS
Email address: firstname.lastname@example.org
This collection of information is limited to what is necessary, in accordance with the principle of data minimization. The definitions provided to l´article 4 du RGPD are applicable herein. In the event of an update, we will not lower the level of confidentiality substantially without first informing the persons concerned.
We hereby endeavor to answer the following questions transparently: What categories of personal data do we process? For what purposes? On what legal basis? What are your rights ? How to exercise them? How long is the data kept? You will also find our commitments regarding subcontracting, transfers, communication to third parties and in the event of a security breach.
For any clarification or complaint, do not hesitate to contact us.
Warnings. If you decide to publish data relating to your private life or sensitive (political and philosophical opinions, union membership, information on your health, sexual orientation, religious beliefs, etc.) on your initiative or deduced via articles or pages open to comments on the site, you must be vigilant because it will be visible. We remind you that processing operations relating to personal data made public by the data subject are not subject to the prohibition in principle on the processing of sensitive data by law (Art. 8, II, 4° of the Data Protection Act and Liberties of 1978).
What personal data do we collect on the site ?
Registration data and information required to comment on certain pages or certain articles and access the members area for members, personal data via the contact form (last name + first name + email etc.) and also more detailed data in the framework of more complete online forms (for example: training). The site verifies that you are not a robot via reCaptcha v3 technology.
Public profile data in the context of a comment: your pseudonym chosen at the time of registration will be visible on the article in question, which you can enrich. To edit and personalize your profile, and only if you wish, you can add a profile photo, a biography, your location, your website and links to your profiles on social networks.
For what purposes is this data collected ?
The purpose of the personal data collected is to manage and process your request (in the case of the contact form), to manage your member account or to display your comment in the case of an article open to them. .
The Captcha tool protects the site against automated mass registration or contact.
How long is your data kept ?
The identifying data for comments is kept for the duration of the article or page being online and until you delete your message or the site is no longer online. In the case of a private message via the “Contact us” section, the data is kept while the request is processed and archived for two years.
Members’ data remains retained for the duration of membership.
We also have obligations to retain connection data in accordance with Decree No. 2011-219 of February 25, 2011 relating to the conservation and communication of data allowing the identification of any person who contributed to the creation of content posted online.
Beyond these periods, you are informed that the personal data we collect may be anonymized and kept for statistical purposes. Otherwise, they will be subject to permanent deletion.
What are your rights ? How to exercise them ?
If you do not wish to be identifiable through your comments, we recommend that you participate under a pseudonym, do not display your face in your profile photo, nor provide links to your personal accounts on social networks or any element that would allow you to identify you directly or indirectly.
Within the limits provided by law, you can access and obtain a copy of the data concerning you, oppose the processing of this data, have it rectified or erased. You also have the right to limit the processing of your data.
Requests to exercise your rights can be sent to the data controller by post or electronically (see contact details at the top of the page).
If you believe after contacting us that the rights to your data have not been respected, you can lodge a complaint with the CNIL.
Our commitments in terms of subcontracting, communication and data transfers
Your personal data is for internal use, it is strictly confidential and cannot be disclosed to third parties, except with express agreement or if you have decided to make it public.
In the event of communication of your personal data to a third party, regardless of its quality, we will first ensure that the latter is required to apply confidentiality conditions identical to ours.
We undertake to ensure that any subcontractor presents sufficient and appropriate contractual guarantees to respect your rights, so that the processing meets the requirements of the GDPR and to respect the dispositions of the GDPR applicable to data transfers.
Based on our legal obligations, your personal data may be disclosed in accordance with a law, a regulation or under a decision of a competent regulatory or judicial authority.
Indications in the event of a data breach
We undertake to implement all appropriate technical and organizational measures using physical and logistical security means to guarantee a level of security adapted to the risks of accidental, unauthorized or illegal access, disclosure, alteration, loss or destruction of personal data concerning you.
In the event that we become aware of illegal access to personal data concerning you, stored on our servers or those of our service providers, or of unauthorized access resulting in the realization of the risks identified above, we will commit to:
- Notify you of the incident as soon as possible if this is likely to create a high risk for your rights and freedoms;
- Examine the causes of the incident;
- Take the necessary measures within reason in order to reduce the negative effects and harm that may result from the said incident.
Under no circumstances can the commitments defined in the point above be assimilated to any recognition of fault or responsibility for the occurrence of the incident in question.