Privacy Policy

ARTICLE 1: PREFACE

The purpose of this privacy policy is to inform users of this website of the following:

• How their personal data is collected. Personal data refers to any information which could be used to identify a user. This includes, but is not limited to: first and last name, age, postal address, email address, location, IP address.
• Their rights as concerns said personal data.
• The person responsible for processing personal data that is collected and processed.
• The recipients of said personal data.
• This website's policy as concerns cookies.

This policy is in addition to this website’s legal notices and General Terms of Use, which are available to users at the following address: https://www.code40.com /legal

ARTICLE 2: PRINCIPLES RELATING TO THE COLLECTION AND PROCESSING OF PERSONAL DATA

In accordance with Article 5 of European Regulation 2016/679, personal data shall be:

• Handled in a lawful, fair and transparent manner with regard to the person concerned.
• Collected for purposes which are specific (see Article 3.1.), explicit and legitimate, and may not be subsequently processed in a manner incompatible with said purposes.
• Appropriate, relevant and limited to what is necessary with regard to the purposes for which they are processed.
• Accurate, and, if necessary, updated. All reasonable measures must be taken to ensure that personal data that is inaccurate, with regard to the purposes for which they are processed, are deleted or corrected without delay.
• Stored in a form which permits the identification of the concerned persons for a period of time which shall not exceed that which is necessary for the purposes for which said data is processed.
• Processed in such a manner, using appropriate technical and organizational measures, to ensure the data collected is appropriately safeguarded, including protections against any unauthorized or illicit processing, theft, destruction or accidental damage.

Processing is only lawful if at least one of the following conditions is fulfilled:

• The concerned person has consented to the processing of their personal data for one or several specific purposes.
• Processing is necessary for the execution of a contract to which the concerned person is a party, or for the execution of pre-contractual measures taken at the request of said concerned person.
• Processing is necessary to comply with a legal obligation to which the data controller is subject.
• Processing is necessary to safeguard the vital interests of the concerned person or another natural person.
• Processing is necessary for the execution of a task carried out in the public interest or which arises from the exercise of a public authority with which the data controller is invested.
• Processing is necessary for the purposes of legitimate interests pursued by the data controller or by a third party, unless the interests or basic freedoms and rights of the concerned person, which require protection of personal data, prevail, in particular when the concerned person is a child.

ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE COURSE OF USER NAVIGATION OF THE WEBSITE

Article 3.1: Data collected

The personal data collected in the course of our business activities are the following: Name, Email, Telephone

The collection and processing of this data is for the following purposes: contract management, prospect management, newsletter subscriptions.

Article 3.2: Method for collection of data

No data is collected as you navigate our website.

Your personal data is only collected when you contact us using the contact form, including the following: Name, Email, Telephone.

This data is retained by the data controller, with reasonable measures taken to ensure their safety and security, for a period of one year.

We may retain certain personal data for a longer period than the aforementioned in order to comply with legal and regulatory requirements.

Article 3.3: Data hosting

The website code40.com is hosted by CODE40 SAS, 27 rue de Boulainvilliers, 75016 Paris.

ARTICLE 4: DATA CONTROLLER AND DATA PROTECTION OFFICER

Article 4.1: Data controller

Personal data is collected directly by CODE40 SAS. The data controller can be contacted directly using the contact form found on the CODE40 website.

Article 4.2: Data protection officer

The company’s data protection officer is Denis Vaillant, CEO of CODE40. If, after having contacted us, you believe that your data protection rights are not respected, you may submit your claim to the CNIL (French National Commission on Informatics and Liberty).

ARTICLE 5: USER RIGHTS CONCERNING DATA COLLECTION AND PROCESSING

Any user whose personal data is processed may exercise the following rights, pursuant to European Regulation 2016/679 and the Data Protection Act (Law 78-17 of 6 January 1978):

• Right of access, rectification and deletion of their data (as set forth in Articles 15, 16 and 17 of the GDPR, respectively);
• Right to data portability (Article 20 of the GDPR);
• Right to the limitation of data (Article 18 of the GDPR) and to the opposition to the processing of data (Article 21 of the GDPR);
• Right to not be the subject of a decision that is based solely on an automated process;
• Right to determine the fate of their data after death;
• Right to refer the matter to the competent supervisory authority (Article 77 of the GDPR).

To exercise your rights, please contact us at CODE40, 27 rue de Boulainvilliers, 75016 Paris. In order for the data controller to process your request, you may be required to provide certain information, such as your name and email address. Please visit cnil.fr for more information about your rights.

ARTICLE 6: MODIFICATIONS TO THIS PRIVACY POLICY

The publisher of the CODE40 website reserves the right to modify this Privacy Policy at any time in order to ensure compliance with legal requirements in force. Any such changes shall have no effect on purchases made previously through the website, which remain subject to the Privacy Policy in effect at the time of purchase and accepted by the user when confirming their purchase. Users are encouraged to refer to this Privacy Policy each time they use our services, without the need for a formal reminder to do so. This policy was published on 01/06/2024.