GDPR

Protection of personal data

Collection of personal data

The personal data collected on this site are as follows:
- Account opening
When creating the account of the user with the provider, his name, first name, email address, phone.
- Login and profile
During the connection of the user, are collected, in particular, its connection data, usage.
- Payment
As part of the payment of the products and services offered, the service provider requests information relating to the bank account or the credit card of the user.
- Communication
When the site is used to communicate with the provider's staff, the user's communication data may be recorded in the conversation.

Use of personal data

Personal data collected from users is intended to provide the services of the Platform improve them and maintain a secure environment. Specifically, the uses are as follows:
– access and use of the Platform by the user;
– operation management and optimization of the Platform;
– organization of the conditions of use of the Payment Services;
– verification, identification and authentication of the data transmitted by the user;
– implementation of a user assistance;
– prevention and detection of fraud, malware and security incident management;
– management of any disputes with users;
– sending commercial information.

Sharing personal data with a third party

Personal data may be shared with third-party companies in the following cases:
– when the user uses the payment services, for the implementation of these services, the service provider is in contact with third-party banking and financial companies with which it has contracted;
– when the user authorizes the website of a third party to access his data;
– when the provider uses the services of other providers to provide user support, advertising and payment services. These service providers have limited access to the user's data, in connection with the performance of these services, and have a contractual obligation to use them in accordance with the provisions of the applicable regulations regarding the protection of personal data staff;
– if required by law, the service provider may transmit data to respond to claims against him and comply with administrative and judicial procedures;
– if the service provider is involved in a merger, acquisition, asset transfer or insolvency proceeding, it may be required to assign or share all or part of its assets, including personal data. In this case, users would be informed before the personal data are transferred to a third party.

Security and confidentiality

The service provider implements organizational, technical, software and physical security measures for the protection of personal data against unauthorized alteration, destruction and access. However, it should be noted that the Internet is not a completely secure environment and the provider cannot guarantee the security of the transmission or storage of information on the internet.

Implementation of user rights

In application of the regulations applicable to personal data, users have the following rights:
– they can request the deletion of their account;
– they can exercise their right of access, to know the personal data concerning them;
– if the personal data held by the provider are inaccurate, they may request the updating of the information;
– users may request the deletion of their personal data, in accordance with applicable data protection laws;
– they can exercise their right to portability on personal data provided by the person and processed on the basis of his consent or performance of a contract.

The implementation of these rights can be carried out by writing to the following email address (rgpd64 @ solidpepper.com), or by mail to the following address (SOLIDPEPPER, Alliance Residence, 3 rue du Pont de l'Aveugle 64600 Anglet).

Prior to the implementation of these rights, the service provider may request proof of the user's identity in order to verify its accuracy.

Data retention period

Your personal data is only kept for the period necessary to satisfy the different purposes defined above, except in cases where the law allows or requires them to be kept longer. Below you will find details of the most frequent storage times at SOLIDPEPPER:

- Throughout the duration of the contract and for 3 years after the end of the business relationship for the personal data collected. (CNIL)
- 5 years for contracts and commercial correspondence. (Art L110-4 of the code of consumption)
- 10 years for supporting documents (invoices ...). (Art L123-22 of the Consumer Code)
- If you are a prospect without a contractual and / or commercial established relationship, during 3 years from their collection or last request (CNIL).
- As part of an application for a position, your data may be retained for a period of two years after receipt of your application.
- Finally, the connection information collected for the purposes of monitoring the visit route, monitoring of connection data (frequencies, dates), audience measurements, and behavior analysis will be kept 3 years after any inactivity of the user. (CNIL)

Cookies

Our cookie policy
This policy on the use of cookies is intended to be transparent and clear about how we use your information. Our policy states how and when we use cookies on our website. . The user has the option to disable cookies from his browser settings. If you refuse to save cookies to your hard drive, some browsing features may be corrupted. Thus, SOLIDPEPPER declines any responsibility concerning the degraded functioning of our Internet site in the event of refusal on your part of the insertion of the cookies necessary to an appropriate navigation. What is a cookie?
A cookie is a small text file placed on your hard drive by a web page server. Cookies contain information that can then be read by the web server of the domain that issued the cookie. All the cookies we use are used everywhere on the site. We collect your information with Google Analytics and Zoho via forms.

ORIGIN NAME GOAL EXPIRYN
Google-Analytics
_ga This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in every page request of a site and used to calculate visitor, session and campaign data for site analysis reports. By default, it is set to expire after 2 years, although this is customizable by website owners. The main purpose of this cookie is the performance. 2 Years
_gat This cookie is used to limit the rate of requests, thus limiting the collection of data on sites with high traffic. The main purpose of this cookie is the performance. 10 minutes
_gid This cookie records a unique identifier used to generate statistical data on how the visitor uses the site. The main purpose of this cookie is the performance. 24 hours
Microsoft ASP,NET_SessionId This cookie stores a unique identifier for your session End of session
Zoho
8fa6dbc102 This cookie is used to identify the users connected to the site End of session
JSESSIONID This cookie is used to maintain an anonymous user session by the server. End of session
LS_CSRF_TOKEN This cookie is used to identify trusted web traffic. End of session
solidpepper-_zldp These cookies are used for the features of the site's live chat. 2 Years
solidpepper-_zldt These cookies are used for the features of the site's live chat. 24 hours
solidpepper-nextrecon These cookies are used for the features of the site's live chat. 24 hours
jQuery CookieBar Plugin cb-enabled Show accept cookie bar. 1 year


Information collected with Google Analytics:
We use your information to better define our marketing strategy, but this is not systematic or mandatory. Indeed, you can visit our website without active cookies.

Information collected with Zoho:
We may use this information to contact you if our solution interests you, but this information is not essential and you can totally visit the entire site without responding to any form.

Cookies issued on our Site by third parties:
The issuance and use of Cookies by third parties is subject to the privacy policies of these third parties.

Evolution of this clause

The service provider reserves the right to make any changes to this clause relating to the protection of personal data at any time. If a modification is made to this clause of protection of personal data, the provider undertakes to publish the new version on its website. The service provider will also inform users of the change. If the user does not agree with the terms of the redrafting of the personal data protection clause, he has the option to delete his account.