Data protection charter of users' personal nature
1.definition and nature of personal data
1.1 Information you give us
1.2 Information that we collect automatically when you use the donation platform
2. Purpose of this charter
3. Identity of the data collection and processing manager
4. Collection and processing of personal data
5. Recipients of the data collected and processed
6. Transfer of personal data
7. Duration of conversation of personal data
12. Access to your personal data
13. Portability of your personal data
14. Filing of a complaint before a supervisory authority
15. Communication relating to a personal data breach
17. Entry into force
1 - Definition and nature of personal data
When you use the website accessible at www.unjourdanslavietribeschild.org (as well as access to the platform), which allows us to collect funds online from contributors who use the www.helloasso.com Platform, we may ask you to provide us with personal data concerning you, designating all data that allows an individual to be identified directly or indirectly.
In this context, we collect the following data:
1.1 - Information that you communicate to us
For the proper performance of the services we offer through our site and the www.helloasso.com Platform, and in particular the payment services, we collect the following data:
information allowing your identification when opening your account or making a payment: last name, first name, e-mail address, postal address, nationality, date of birth;
information necessary to verify your identity during payment transactions when the Contributor makes a payment greater than € 2,500: copy of your identity card, proof of address;
payment information: bank card numbers, BIC and IBAN numbers in the event of SEPA direct debit;
any information you choose to communicate to us: and in particular, a profile photograph.
information allowing your identification when opening your account: last name, first name, e-mail address of the person authorized to open the account on the Platform in the name of the Organization, postal address of the registered office of the Organization;
information necessary for the authentication of the Organization when organizing a fundraiser: name, first name, e-mail address, nationality, date of birth of the legal representative of the Organization, as well as a copy of his identity card;
any information you choose to communicate to us
1.2 - Information that we collect automatically when you use our site or the www.helloasso.com Platform
When you use the www.helloasso.com Platform and for the proper performance of the services, we are also likely to collect personal data about you, automatically through the tools and services offered on the Platform.
Whether you are an Organization or a Contributor, we collect the following data:
Geolocation information: when you use certain features of the site and / or the Platform, we may collect information about your location, in particular through your IP address, the GPS of your mobile device. The majority of mobile devices allow you to control and deactivate the geolocation functions from the "settings" menu of your device;
Information on the use of the tools and functionalities of the Platform: we collect information concerning your interactions with the site and the Platform and in particular, the pages or content consulted on the Platform, the links on which you have clicked;
Connection information and relating to the equipment and devices you use to connect to the Platform: we collect device connection data when you access and use the Platform, including if you have not opened an account on our Platform, and in particular, your IP address, the dates and times of connection, data relating to the hardware and computer software used, unique identifiers, crash data, pages viewed or displayed before or after logging in to the Platform;
Information on payment transactions: date and time of payment, payment method used, payment method expiration date, payment amount.
2 - Purpose of this charter
The purpose of this charter is to inform you about the means we implement to collect and process your personal data, with the strictest respect for your rights.
We inform you on this subject that we comply, in the collection and the management of your personal data, with the law n ° 78-17 of January 6, 1978 relating to data processing, files and freedoms, in its current version, as well as the General Data Protection Regulation (hereinafter "GDPR").
3 - Identity of the data collection and processing manager
The person responsible for collecting and processing your personal data is the association un jour dans la vie tribes child registered under number W751257577, whose head office is located at 118/130 Avenue Jean Jaurès 75171 Paris Cedex 19 (referred to herein as "We").
4 - Collection and processing of personal data
Your personal data are collected and processed to meet one or more of the purposes
Manage your access to the site and the Platform and the services accessible on the site and on the Platform and their use, as well as respond to any request concerning your use of the services,
Carry out operations relating to the management and monitoring of our relations with users, Organizations or Contributors, when using our services,
Create a file of registered members, users,
Send newsletters or any informative messages relating to our news and / or any development of our Services. If you do not wish it, we give you the option to express your refusal on this subject when collecting your data;
Send advertisements, and in particular targeted advertisements. If you do not wish it, we give you the option to express your refusal on this subject when collecting your data.
Develop statistics of use and attendance of our services,
Optimize the operation and efficiency of the products and services we offer you,
Manage the management of people's opinions on products, services or content,
Comply with our legal and regulatory obligations, particularly in the fight against bank fraud. As such, we have the particular obligation to verify or authenticate your information collected during payment transactions.
We inform you, when collecting your personal data, whether certain data must be entered or if they are optional. We also tell you what are the possible consequences of a failure to respond.
5 - Recipients of the data collected and processed
The staff of our company, the services in charge of control and our subcontractors will have access to your personal data.
Your personal data is also collected by the platforms through which you use to make your donations. And are used for the same purposes and under the same conditions as those referred to in this Charter. However, he remains solely and solely responsible for complying with his legal and declaratory obligations in the context of the processing of your personal data which he carries out by himself, with his own means and for his sole needs. We are only responsible for our use of your personal data, to the exclusion of all other uses made by collection platforms.
Public bodies may also be recipients of your personal data, exclusively to meet our legal obligations, court officials, ministerial officers and bodies responsible for debt recovery.
6 - Transfer of personal data
Your personal data will not be transferred, rented or exchanged for the benefit of third parties, with the exception of the Organizations that you choose to support financially and to which we communicate the data concerning you, in connection with the execution of the financing operations.
However, you are informed that we reserve the right to communicate your fully anonymized and aggregated data to third parties, that is to say in a form that does not allow you to be identified in any way.
7 - Duration of retention of personal data
Regarding data relating to the management and monitoring of relations with the users of our services:
Your personal data will not be kept beyond the time strictly necessary to manage our relationship with you. However, the data making it possible to establish the proof of a right or a contract, to be kept for the respect of a legal obligation, will be kept for the period provided for by the law in force.
We keep your data for a maximum period of three (3) years from the collection of your data or the last contact from the user or the closure of your account on the site.
In the 3 months preceding the expiry of the retention period for personal data set at 3 years, we may contact you again so that you can inform us of your consent or not on the fact of continuing to receive information about our services.
Regarding data relating to bank cards:
Financial transactions relating to the payment of financing operations and fees via the Platforms are entrusted to a payment service provider who ensures their smooth running and security.
For the purposes of the services, this payment service provider may be required to receive your personal data relating to your bank details and in particular your bank card, IBAN or RIB numbers, which it collects and stores. in our name and on our behalf.
We do not have access to this data.
To enable you to regularly carry out financing operations for an Organization or to pay the related costs on the Platform, your data relating to your bank cards are kept for the time of your registration on the Platform and at the very least until when you complete your last transaction.
By having checked the box expressly provided for this purpose on the Platform, you give us your express consent for this storage.
The data relating to the visual cryptogram or CVV2, written on your bank card, are not stored.
If you refuse that your personal data relating to your bank card numbers be kept under the conditions specified above, we will not keep this data beyond the time necessary to allow the transaction to be carried out.
In any case, the data relating to these may be kept, for the purpose of proof in the event of a possible dispute of the transaction, in intermediate archives, for the period provided for by article L 133-24 of the Code. monetary and financial, in this case thirteen (13) months following the debit date. This period may be extended to fifteen (15) months in order to take into account the possibility of using deferred debit payment cards.
Regarding the management of opposition lists to receive from prospecting:
The information allowing your right to object to be taken into account is kept for a minimum of three (3) years from the exercise of the right to object.
Regarding audience measurement statistics:
The information stored in the users' terminal or any other element used to identify users and allowing their traceability or attendance will not be kept beyond thirteen (13) months.
Regarding the archiving of data relating to banking transactions:
At the end of the retention period of your data as specified above, we inform you that we archive your data for a period of two (2) years to meet our legal obligations, in particular in terms of the fight against bank fraud and money laundering.
8 - Security
We inform you to take all useful precautions, organizational and technical measures appropriate to preserve the security, integrity and confidentiality of your personal data and in particular, to prevent them from being distorted, damaged or that unauthorized third parties have access to them. .
9 - Accommodation
We inform you that your data is kept and stored, for the duration of its conservation on the servers of the company WIX, located in Israel.
10 - Cookies
Cookies are text files, often encrypted, stored in your browser. They are created when a user's browser loads a given website: the site sends information to the browser, which then creates a text file. Each time the user returns to the same site, the browser retrieves this file and sends it to the website's server.
We can distinguish three types of cookies, which do not have the same purposes: technical cookies, social network cookies and advertising cookies:
Technical cookies are used throughout your browsing, in order to facilitate it and to perform certain functions. A technical cookie can, for example, be used to memorize the responses entered in a form or even the user's preferences with regard to the language or presentation of a website, when such options are available.
Social media cookies can be set by social platforms to allow website designers to share their site content on such platforms. These cookies can in particular be used by social platforms to track the navigation of Internet users on the website concerned, whether or not they use these cookies.
Advertising cookies can be created not only by the website the user is browsing, but also by other websites displaying advertisements, advertisements, widgets or other elements on the displayed page. These cookies can in particular be used to carry out targeted advertising, that is to say advertising determined according to the user's navigation.
We use technical cookies. These are stored in your browser for a period of thirteen (13) months.
We use social media cookies. These cookies are only deposited if you give your consent. You can find out about their nature, accept them or refuse them.
We also invite you to consult the privacy protection policies of the social platforms at the origin of these cookies, to learn about the purposes of use of the navigation information that they can collect thanks to these cookies and the terms and conditions. to exercise your rights with these platforms.
We also use advertising cookies. These cookies are only deposited if you give your consent. You have the option of deactivating these cookies in the settings of your web browser.
We use Google Analytics, which is a statistical audience analysis tool that generates cookies to measure the number of visits to the site, the number of page views and visitor activity. Your IP address is also collected to determine the city from which you are connecting. The retention period of this cookie is mentioned in article 7 (v) of this charter.
We remind you for all useful purposes that you can oppose the deposit of technical cookies and cookies generated by Google Analytics, by configuring your browser. Such a refusal could however prevent the proper functioning of the Platform.
11 - Consent
When you choose to communicate your personal data for the purposes of performing the services we offer through our site, you expressly give your consent for the collection and processing of these in accordance with what is stated to this charter and to the legislation in force.
12 - Access to your personal data
In accordance with the law n ° 78-17 of January 6, 1978 relating to data processing, files and freedoms, as well as RGPD, you have the right to access your data (article 15 of the RGPD) to obtain it. communication and, where applicable, obtain, rectification or erasure (Articles 16 and 17 of the GDPR), through online access to your file. You can also contact:
email address: firstname.lastname@example.org
postal address: 118/130 Avenue Jean Jaurès 75171 Paris Cedex 19
It is recalled that any person can, for legitimate reasons, request the limitation of the processing of data concerning him (article 18 of the GDPR) or oppose said processing (articles 21 and 22 of the GDPR).
We will inform you that in the event of rectification or erasure of your personal data, as well as limitation of processing, carried out following a request from you, we will notify said modifications to the persons to whom we have communicated your data, unless '' such communication proves impossible (article 19 of the GDPR).
13 - Portability of your personal data
You have a right to the portability of personal data that you have provided to us, understood as the data that you have actively and consciously declared in the context of access and use of the services, as well as data generated by your activity in the context of the use of the services (article 20 of the GDPR). We remind you that this right does not apply to data collected and processed on a legal basis other than consent or the execution of the contract binding us.
This right can be exercised free of charge, at any time, and in particular when closing your account on the site, in order to retrieve and store your personal data.
In this context, we will send you your personal data, by any means deemed useful, in a standard open format commonly used and machine-readable, in accordance with the state of the art.
14 - Filing of a complaint before a supervisory authority
You are also informed that you have the right to lodge a complaint with a competent supervisory authority (the Commission Nationale Informatique et Libertés for France), in the Member State in which your usual residence is located, your location of work or the place where the violation of your rights would have been committed, if you consider that the processing of your personal data covered by this Charter constitutes a violation of the applicable texts.
This recourse may be exercised without prejudice to any other recourse before an administrative or judicial jurisdiction. Indeed, you also have a right to an effective administrative or judicial remedy if you consider that the processing of your personal data covered by this Charter constitutes a violation of the applicable texts.
15 - Communication relating to a personal data breach
If we notice a security breach in the processing of your data that could lead to a high risk for your rights and freedoms, we will inform you as soon as possible (article 34 of the GDPR). We will then detail the nature of the violation encountered and the measures put in place to put an end to it.
16 - Amendments
We reserve the right, at our sole discretion, to modify this charter at any time, in whole or in part. These modifications will come into force as from the publication of the new charter. Your use of the site following the entry into force of these modifications will constitute recognition and acceptance of the new charter. Otherwise and if this new charter does not suit you, you will no longer have to access the Platform.
17 - Coming into Force
This charter entered into force on September 14, 2020.