Privacy Policy

Last update : 03/03/2021

This privacy policy (hereinafter referred to as the “Privacy Policy“) defines the legal framework for the collection, use and processing by JEUDIMERCI (hereinafter referred to as the “Company“), a simplified joint stock company with a capital of 20.750 euros, whose registered office is located at 8 Rue Marguerite Gonnet, 38000 Grenoble, France, registered in the Grenoble Trade and Companies Register under number 879 226 009, of the personal data of users (hereinafter referred to as the “Users“) browsing and/or using the services offered via the website https://jeudimerci.fr/ (hereinafter referred to as the “Site” and/or the “Platform“) and via the application available at https://app.jeudimerci.fr/ (hereinafter referred to as the “Application“), published by the Company. 

The personal data collected in the context of this Privacy Policy is mandatory. This information is necessary for the processing and provision of the services offered by the Company via the Site and the Application (hereinafter referred to as the “Services“). Failure to provide this information will prevent the proper functioning of the Services offered online.

The Company undertakes to comply with the applicable regulations on the protection of personal data (hereinafter referred to as the “Personal Data“), and in particular the obligations arising from the European Regulation No. 2016/679 on the protection of personal data (GDPR).

The Company collects Personal Data only in accordance with the terms of this Privacy Policy and any reasonable and legal instructions given by the User at any time.

Where the Company becomes aware of a breach of rights in relation to the processing of personal data, such breach shall be notified to the CNIL within a period of not more than seventy-two (72) hours of becoming aware of it. 

Any violation relating to the processing of the User’s personal data will be notified to the User concerned by e-mail, within one (1) month. 

 

ARTICLE 1: INFORMATION COLLECTED

1.1 Throughout the use of the Platform and the Services by the User, the Company may collect any information, directly or indirectly identifying the User, necessary for the proper functioning of the Platform (hereinafter referred to as the “Personal Data“).

At the time of his/her first connection, the User expressly consents to the processing of his/her Personal Data within the limits of a processing strictly necessary for the proper functioning of the Platform. 

 

This includes in particular :

  • Personal Data relating to the identity of the User and in particular his surname, first name, e-mail address, telephone number; 
  • Personal Data relating to browsing, collected automatically by the Company and in particular the anonymized IP address, the browser used, the browsing time, the operating system used, the language and the pages viewed;
  • Data relating to the statistics of visits to the Platform by Users and in particular traffic data and other data or communication resources used by the User; 

1.2 Personal Data may be collected directly when the User communicates them to the Company by means of the contact forms, the newsletter registration form available on the Platform and the form for reporting illicit content. 

 

ARTICLE 2: USE OF PERSONAL DATA COLLECTED

The Company uses, stores and processes Personal Data in order to supply, understand, improve and develop the Platform, to create and maintain an environment of trust with the Users and to comply with its legal obligations and in particular in order to

2.1 Development of the Platform

  • Allow Users to access/use the Platform; 
  • Allow Users to communicate with the Company’s staff;
  • Manage, protect, improve and optimize the Platform through statistics, analysis and studies;
  • To provide customer service tailored to the needs of Users;
  • To send Users support messages or messages related to the Services, updates, security alerts and notifications;
  •  In the course of fraud detection and prevention activities.

2.2 Creating and Maintaining an Environment of User Trust

  • Detect and prevent fraud, abuse, security incidents and other harmful activities;
  • Conduct security investigations and risk assessments;
  • Verify or authenticate information or credentials submitted by Users;
  • Comply with the Company’s legal obligations;
  • Resolve any disputes with Users.

2.3 To provide, customize, evaluate and improve our advertising and marketing of the Services

  • Send promotional messages, commercial and advertising information;
  • To customize, evaluate and improve the advertising of the Services. 

 

ARTICLE 3: SHARING AND DISCLOSURE OF PERSONAL DATA

3.1 The Company may disclose Users’ Personal Data to courts, governmental or law enforcement authorities, or authorized third parties, if required or permitted by law, or if such disclosure is reasonably deemed necessary: (i) to comply with the Company’s legal obligations, (ii) to comply with legal process and to pursue claims against the Company, (iii) to respond to verified requests in connection with a legal investigation or alleged or suspected illegal activity or any other activity that may expose the Company, User to legal liability.

3.2 Personal Data may be transmitted to technical service providers, for the sole purpose of the proper execution of the Services, or to its various suppliers such as payment solution providers. 

 

ARTICLE 4: PROTECTION OF PERSONAL DATA – USERS’ RIGHTS

4.1 The Personal Data communicated by the User will be destroyed at the latest six (6) months after the end of the use of the Services by the User. The Company reserves the right to keep certain data in order to justify, if necessary, the perfect execution of its contractual or legal obligations. The data thus kept will be limited to what is strictly necessary.

4.2 In all cases, Users have the right to access, rectify, modify, oppose, portability and delete their Personal Data by writing to the following address: support@jeudimerci.fr indicating their name, surname and/or company name, address of residence or registered office and e-mail.

In accordance with the regulations in force, all requests must be signed and accompanied by a photocopy of an identity document bearing the User’s signature.

In accordance with Article 48 of the European Data Protection Regulation 2016/679, the Company has not appointed a Personal Data Protection Officer (DPO).

The User will be able to retrieve his/her Personal Data in an open and readable format. The right to portability is limited to the data provided by the User concerned. It applies on the basis of the User’s prior consent. The Company undertakes to transfer, upon request, within one (1) month, any document collecting Personal Data to the User in order to implement the right to portability. The costs related to the recovery of the data are at the expense of the User making the request. 

 

ARTICLE 5: SUBCONTRACTING OF PERSONAL DATA

The Company has the right to subcontract all or part of the execution of the services in compliance with the legal provisions in force. 

The Company may also subcontract the hosting services of Personal Data on the condition that the Personal Data are processed by a hosting platform located in the European Union, which the User acknowledges and expressly accepts. 

The subcontractor will be authorized to process on behalf of the Company the Personal Data necessary to provide the services. The purposes of processing, the Personal Data processed, the categories of persons concerned are similar to those of the Company. 

The Company declares: 

  • To have delivered in writing any instructions regarding the processing of Personal Data by the subcontractor;
  • Ensure, in advance and throughout the processing, that the subcontractor complies with the obligations set forth in the European
  • Regulation on the protection of Personal Data;
  • Supervise the processing, including conducting audits and inspections of the sub-processor; 

The Company undertakes that the sub-processor will: 

  • Processes Personal Data only for the sole purpose(s) for which it is subcontracted;
  • Process the Personal Data in accordance with the Company’s instructions;
  • Guarantees the confidentiality of the Personal Data processed;
  • Has undergone the necessary training in the protection of Personal Data at the Company’s premises.
  • Guarantees the confidentiality of the Personal Data processed;
  • Has undergone the necessary training on the protection of Personal Data;
  • Take into account, with respect to its tools, products, applications or services, the principles of protection of Personal Data by design and protection of Personal Data by default;
  • Inform the Company immediately if it considers that an instruction constitutes a breach of the EU Data Protection Regulation or any other provision of EU or Member State law relating to the protection of Personal Data. 

The processor will assist the Company in fulfilling its obligation to comply with requests to exercise the rights of data subjects: right of access, rectification, erasure and objection, right to limitation of processing, right to portabilitý of Personal Data, right not to be subject to an automated individual decision.

The Company undertakes that the processor will implement:

  • Measures for pseudonymization and encryption of Personal Data;
  • Means to guarantee the confidentiality, integrity, availability and constant resilience of the processing systems and services;
  • Means to restore the availability of and access to Personal Data in a timely manner in the event of a physical or technical incident;
  • A procedure to regularly test, analyze and evaluate the effectiveness of technical and organizational measures to ensure the securitý of the processing. 

The Company declares that it receives from the processor all the documentation necessary to demonstrate compliance with the obligations and to enable and contribute to audits, including inspections, by the Company or another auditor it has commissioned. 

The Company remains solely responsible to the Users for the performance of services entrusted to a subcontractor.

 

ARTICLE 6: USE OF COOKIES

In accordance with the deliberations of the CNIL No. 2020-091 and No. 2020-092 of September 17, 2020, the Company informs, moreover, that cookies record certain information that is stored in the memory of the User’s hard drive. This information is used to generate audience statistics.

A warning message, in the form of a banner, asks the User, beforehand, if he wishes to accept cookies. 

Users who visit the home page or another page of the Platform directly from a search engine will be informed of :

  • The precise purposes of the cookies used;
  • Of the possibility to oppose these cookies and to change the parameters by clicking on a link present in the banner;
    and of the fact that the continuation of its navigation is worth agreement to the deposit of cookies on its terminal.
  • To ensure the free, informed and unequivocal consent of Users on the Platform, the banner will not disappear until they continue browsing.

Unless prior consent is given, cookies will not be deposited or read. 

 

ARTICLE 7. NEWSLETTER

Depending on the choices made by the User, he may receive the newsletter.

By checking the box provided for this purpose or by expressly agreeing to this, the User accepts that the Company may send them a newsletter that may contain information about new activities offered by the Company’s partners. 

Users will be able to unsubscribe from the newsletter by clicking on the link provided for this purpose, present in each newsletter.