CONFIDENTIALITY AND PERSONAL DATA PROTECTION POLICY

As part of our activity and for the purposes of our offer, we collect and process the personal data of our users (hereinafter the “Users”). This confidentiality policy that we have put in place is intended to provide Users with summary and global information on the processing of personal data carried out by Synneo.

We attach particular importance to respecting the privacy of Users and the confidentiality of their personal data, and we therefore undertake to process data in compliance with applicable laws and regulations, and in particular Law No. 78-17 of January 6, 1978 relating to data processing, files and freedoms (hereinafter the “Informatics and Freedoms Act”), and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 relating to the protection of individuals with regard to the processing of personal data and the free movement of such data (hereinafter the “GDPR”).

The main principles of Synneo's confidentiality policy.

Privacy policies are sometimes complicated to decipher. We have done our best to make ours as clear as possible. To help you, here is a summary of how we manage your personal data in our privacy principles below.

These principles illustrate our desire to protect your privacy and manage your personal data in the best way possible.

We only request or collect the personal data we need to provide you with the services, products and experiences you expect.

We give you control over the personal data we hold about you in order to ensure that we that they are accurate and consistent with your preferences.

We ensure that your personal data is always protected.

We are transparent about how we use the personal data in our possession.

We only use your personal data for the purposes for which you left it to us.

We undertake to never sell your personal data and to only share it as indicated in our privacy policy or if you request it.

We will respect your choices and will inform you of the slightest change that would have an impact on the management of your personal data.

We take responsibility for the personal data we hold about you.

Privacy Policy.

DEFINITIONS

Personal data: constitutes personal data any information relating to an identified or identifiable natural person, that is to say who can be identified, directly or indirectly, by reference to an identification number or to one or more elements specific to it.

Processing of personal data: constitutes data processing of a personal nature any operation or set of operations relating to such data, whatever the process used, and in particular the collection, recording, organization, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, diffusion or any other form of posting available, reconciliation or interconnection, as well as blocking, erasure or destruction.

Cookie: a cookie is information deposited on the hard drive of an Internet user by the server of the site he is visiting. It contains several pieces of data: the name of the server that posted it, an identifier in the form of a unique number, possibly an expiration date. This information is sometimes stored on the computer in a simple text file that a server accesses to read and save information.

CONTROLLER

The person responsible for processing the personal data referred to herein is Marie-Cécile Maréchal of the company Synneo, a simplified joint stock company with capital of 30,270,350.80 Euros, registered with the RCS of Melun under number 915 012 231 and whose head office is located 40 Impasse Madeleine Brés 77127 Lieusaint, France.

You can contact the DPO by email or post at the following addresses: dpo@synneo.fr or at SYNNEO/dpo – 40, impasse Madeleine Brès - Parc du Levant - 77127 Lieusaint, specifying “Personal rights” in the subject and attaching a copy of your proof of identity.

DATA COLLECTED

We collect User data in order to provide them with the services they expect when connecting to the site and to best perform the services for which they have chosen us.

We collect personal data that you share with us when you contact us or interact with us on our website, apps, email, phone, booths and events or otherwise.

For example, you will provide us with data when you contact our sales advisors, when you place an order, complete a survey, participate in a contest or questionnaire, update your preferences and account data…

Through these interactions , you could share with us: Your name, address, email address, telephone number and banking details. In some cases, we will need this information to be able to provide you with a product or service that you have requested; for example, we need your banking details when ordering products, and your address to deliver it to you.

The mandatory or optional nature of the data provided is indicated during collection by an asterisk.

The categories of data processed within the framework of the services are as follows:

data relating to the identity of users (surname, first name, date and place of birth, etc.);
users’ telephone number</li >
email address of users
technical identifiers of terminals used by users (address IP, browser type, etc…).

We also like to interact with you on social networks. You may use them to contact us or let others know what you think of our company. We review publicly available social media and websites to better understand what people are saying about us, our products, technologies and services and to assist customers who prefer to contact us through this channel.

Information collected on social networks and websites, including Facebook, YouTube, Twitter, Instagram, Linkedin, sometimes includes personal data posted online and publicly available. We ensure that any information used is correctly credited to its source or made anonymous.

These websites and social networks generally have their own privacy policy which explains how they use and share your personal data. You should carefully review these privacy policies before using these sites to ensure that you are happy with how your personal information is collected and shared.

In addition, certain data is collected automatically due to the User's actions on the site (see the paragraph relating to cookies).

PURPOSE

The personal data that we collect during the provision of services or services are necessary for the execution of contracts concluded with the User, or to enable us to pursue our legitimate interests while respecting the rights of the User. Certain data may also be processed on the basis of obtaining the User's consent.

Data collected during use of the site and access to the services are processed with a view to allowing access to the resources distributed on the site, the identification of users, the improvement of services, the development of audience and attendance statistics, the processing of customer requests and complaints and prospects, and the distribution of editorial content as well as marketing operations commercial prospecting.

The purposes for which we process the data are as follows:

Commercial management and accounting of the contract;
Management of activation and marketing animation;
Detection of malicious behavior (fraud, phishing, spam, etc.);
Improving the site user journey;

DATA RECIPIENTS

The personal data collected is intended for Synneo's sales, marketing and accounting departments. They may be transmitted to our subcontracting companies which we may use as part of the execution of our contracts and services.

In this context, personal data personnel may be transferred to a country that is a member or not of the European Union. We put in place guarantees ensuring the protection and security of this data, in compliance with regulations.

We do not transfer or rent personal data to third parties. for marketing purposes, without the express consent of Users.

Apart from these hypotheses, the disclosure of personal data to third parties may only take place in cases following:

Upon authorization from them ;

At the request of the legally competent authorities, upon judicial requisition, or in the context of legal litigation.

DATA RETENTION DURATION

To meet legal obligations or in order to have the necessary elements to assert our rights, we may archive the data under the conditions provided for by the regulations.

Thus, the personal data collected by Synneo relating to the identity and contact details of its Users are archived for a maximum period of 3 (three) years after the termination of contractual relations for the Client Users, or from their collection by the data controller or of the last contact from the Prospective User for data relating to the latter.

The termination of contractual relations is understood as the express termination of the contract by the User.

USER RIGHTS

In accordance with the regulations, the User benefits from the rights of access and rectification of personal data concerning him, which allow him to rectify, complete, update or delete data which is inaccurate, incomplete , equivocal, out of date or whose collection, use, communication or conservation is prohibited.

The User also benefits from the rights to request limitation of processing, and to object on grounds legitimate to the processing of his personal data. The User may also communicate instructions on the fate of their personal data in the event of death.

When applicable, the User may request portability of their data, or, when the processing has consent as its legal basis, withdraw their consent at any time.

The User can exercise their rights by sending an email to dpo@synneo.fr or by mail to :

Synneo – Privacy policy

40 Impasse Madeleine Brès

77127 Lieusaint

The User can unsubscribe from the Synneo newsletter or marketing emails by following the unsubscribe links appearing in each of these emails.

The User can, in the event of dispute, file a complaint with the CNIL whose contact details appear at the internet address http://www.cnil.fr

The User will be able to access detailed information on the use of their personal data, in particular concerning the purposes of the processing, the legal bases allowing us to process the data, their retention periods, their recipients and, where applicable, transfers thereof to a non-member country of the European Union as well as the guarantees implemented. To do this, the User can send their request by email to dpo@synneo.fr

COOKIES

Synneo sites use cookies whose purpose is to facilitate navigation on the sites, to carry out the service provided by Synneo, to measure the site's audience or to allow the sharing of pages of the site.

TYPES OF COOKIES USED

Cookies necessary for navigation on the site

These cookies are necessary for the functioning of Synneo sites. They allow the use of the main functionalities of the site.

Without these cookies, Users cannot use the site normally.

The functional cookies

These cookies allow the User experience to be personalized.

Analytical cookies

These cookies allow us to know the use and performance of the site and to improve its operation by carrying out analyzes of frequentation of information pages, by monitoring opening rates, click-through rates and bounce rates at the individual level.

Cookies share buttons

These social cookies allow users to share pages and content on third-party social networks via social share buttons.

The following statistical cookies, not subject to the collection of user consent because they comply with the guidelines and recommendations of the CNIL of September 17, 2020, are used in particular:

< td>Anonymously consolidate all pages viewed during a visit< /tr>< /tr>

Service	Cookie	Purpose	Duration of conservation	Privacy policy
Plezi	VISIT	30min	https://www.plezi.co/fr/mentions-legales/#cookietext
Plezi	VISITOR	Identify the user's browser	13 months	https://www.plezi.co/fr/mentions-legales/#cookietext

The following advertising and operational cookies, subject to the user's prior consent, may be used:

Service	Purpose	Service Policy confidentiality
Google advertising	Allows Synneo ads to be displayed on third-party sites consulted by visitors following a visit to the site synneo.fr	https://www.google.com/intl/en/policies/privacy/
LinkedIn Insight Tag	Allows personalization of editorial content on LinkedIn based on pages viewed on the site	https://www.linkedin.com/psettings/guest-controls
Plezi	Allows you to automate marketing actions, manage the publication of content and publish forms: you are asked for consent to submit forms for the collection of your personal information.	https://www.plezi.co/fr/mentions-legales/#cookietext

Cookie management

Users have the option to accept or refuse cookies on the site or to refuse them once and for all by configuring their browser.

If the User chooses to refuse all cookies, navigation accessing certain pages of the site will be reduced.

Depending on the browser used by Users, the methods for deleting cookies are as follows. following:

On the Internet Explore

Click the Tools button, then Internet Options.
Under the General tab, under Browsing History , click on Settings.
Click on the Show files button.
Select the cookies to refuse and click on delete.

On Firefox

Click on the Tools icon of the browser, select the Options menu
In the window that appears, choose “Privacy” and click on “Show cookies”
Select the cookies to refuse and click delete.

On Safari

Click on the Edit icon, select the Preferences menu.
Click on Security then on Show cookies.
Select the cookies to refuse and click on delete.

On Google Chrome

Click on the Tools icon, select the Options menu then click the Advanced options tab and access the “Confidentiality” section.< /li>
Click on the “Show cookies” button.
Select the cookies to refuse then click on delete.

Lifespan of cookies

Cookies are placed on the User's terminal to a maximum duration of 13 months from the manifestation of the User's consent.

After this period, consent will be collected again.

Security

We have taken all necessary precautions to preserve the security of personal data and, in particular, to prevent it from being distorted or damaged or from unauthorized third parties having access to it.

These measures include the following:

Multi-level firewalls,
Anti-virus of proven reputation and detection of intrusion attempts,
Encrypted data transmission using of SSL/https/VPN technology,

Moreover, access to processing by our recipient services requires authentication of people accessing the data, by means of an individual access code and password, sufficiently robust and regularly renewed.

Data passing through unsecured communication channels are subject to technical measures aimed at making this data incomprehensible to any person not authorized.

Any questions about the security of Synneo websites can be addressed to dpo@synneo.fr

CHANGES TO THE PRIVACY POLICY

We reserve the right to modify this Privacy Policy in order to comply with changes to laws and regulations in force.

Changes made will be notified via our website or by email, as far as possible, at least thirty days before their entry into force.

Contact

Any questions regarding our Privacy Policy can be sent by email to dpo@synneo.fr or by post to:

Synneo – Privacy Policy