For the purpose of the terms « personal data », « data subject », « controller » and « processing » shall have the meaning given to them in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter « GDPR »), and « Data Protection Laws » means the current transpositions of Directive 95/46/EC into the domestic law of the EEA Member States, as amended, replaced or superseded at any time, including, without limitation, by the GDPR and the Data Protection Laws amending, replacing or substantially superseding the GDPR.
1 - Legal basis, controller and purpose of processing
In connection with your activity, the information collected is recorded in a computerized file by WWW.SEMECLOUD.COM as a Data Controller, which will process the data of the user of the site (hereinafter the « Data Subjects ») in accordance with the applicable legal and regulatory provisions.
The processing of certain personal data is strictly necessary for the performance of services. The purpose of treatment are, in particular, compliance with WWW.SEMECLOUD.COM of its legal and regulatory obligations, the provision of proof of transactions, the management of customer relations, orders, payments and deliveries, the achievements of customer marketing operations that have not opposed or have accepted it, the transmission of data from the persons concerned who have accepted it to certain customers or partner of WWW.SEMECLOUD.COM and the defense of rights.
If these data are not communicated, WWW.SEMECLOUD.COM will not be able to conclude the sales contract or provide the requested service.
A technology watch on new vulnerabilities is ensured by the security manager and his teams. They are identified via:
Public information sites;
Alerts of manufacturers and publishers of deployed solutions;
Incidents and observations raised by our operating teams, third parties or customers;
Internal and external vulnerability scans carried out regularly;
Technical audits, as well as code and configuration reviews.
2 - Access
The client is responsible for the management and safety of its authentication means.
To better protect access to his account, he could:
• Enable two-factor authentication (2Factors) in the SemeCloud customer area;
• Restrict connections to a list of IP addresses declared upstream.
• Using a mobile application via a single-use password system (OTP)
• The customer is solely responsible for encrypting the content to be communicated through SemeCloud
3 - Storage period
A backup policy is implemented on the servers and equipment used by WWW.SEMECLOUD.COM.
The customer is solely responsible for the registration policy for his own systems and applications.
Nevertheless, WWW.SEMECLOUD.COM carries out a backup and centralized preservation of newspapers. It is the responsibility of the client subscribed to the supply of backup of the data according to the conditions described in the general conditions of sale.
The personal data collected will only be retained for the period necessary to achieve the purposes previously described, within the legal deadlines and, sometimes, for a reasonable additional period to allow WWW.SEMECLOUD.COM to assert its rights.
4 - Recipients
The processed personal data is intended for WWW.SEMECLOUD.COM and its service providers and subcontractors.
If the customer gives his consent previously, his personal data, may also be transmitted to Participants of WWW.SEMECLOUD.COM who can send promotional messages.
5 - Contact
At any time, the persons concerned have the right to receive their data in electronic form and to request WWW.SEMECLOUD.COM to transmit them to a third party where technically possible and to withdraw their consent to the processing of their personal data.
The customer must ensure the accuracy of his contact information, so that WWW.SEMECLOUD.COM can notify it in the event of a vulnerability detected on its information system.
The legal persons concerned have the right to access their personal data and what they are rectified or deleted, and are entitled to limit the processing of their personal data and to oppose them under certain conditions provided for by the law. WWW.SEMECLOUD.COM offer this possibility by his Cookies Policy.
The legal persons concerned wishing to assert their rights (access, rectification, deletion, opposition, deletion) may send their request by postal mail at the below address, indicating all the information allowing their identifications in our databases.
The legal persons concerned, who after contacting WWW.SEMECLOUD.COM believe that their rights "Informatiques et Libertés" are not respected may apply to the CNIL the French Data Protection Authority.
SemeCloud 11 Rue Delcassé 75008 Paris.