Designed to make every company Customer obsessed
Last updated: 10 June 2021
Critizr is aware of the importance of ensuring the confidentiality of personal data and thus Critizr is committed, within the framework of its activities and in accordance with the legislation in force in France and in Europe (Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016), to ensure the protection, confidentiality and security of personal data, as well as respect for privacy.
It also describes the legal basis on which we process personal data, with whom we share it and how it is stored.
1. How is your personal data collected?
Your data is collected when you contact us or download content via forms or by subscribing to newsletters. Technical information (e.g., IP address, browser information, etc.) is also transmitted to Critizr by your terminal when you use the Website.
2. Type of personal data, purposes and legal basis
By personal data, we mean any information about a person from which that person can be identified. This does not include data for which the identity has been deleted (anonymous data).
Critizr also processes your data to meet its legal or regulatory obligations.
To this end, the purposes pursued by Critizr are the following:
2.1 Type of people involved:
VISITEURS DU SITE (sans compte utilisateur)
Site visitors (without a user account)
Types of personal data
Purposes & Legal basis for processing
3. If you fail to provide personal data
If you choose not to provide the personal data we request, we may not be able to provide you with the products and/or services you have requested or fulfil the purposes for which we have requested the personal data.
4. What are the flows of personal data
4.1 How do we share your data?
Access to your personal data is strictly limited to:
Authorised Critizr employees by virtue of their position and bound by a duty of confidentiality;
Critizr’s subcontractors, who are contractually responsible for performing the tasks necessary for the proper functioning of the Website and its services, namely the cloud storage of the Website and your personal data.
In performing their services, Critizr’s subcontractors comply with the provisions of the GDPR.
Critizr may share your personal data with judicial authorities, independent administrative authorities or any other organisation if required by law.
Except as expressly stated above, we will never share, sell or rent your personal information to a third party without notifying you and/or obtaining your consent. If you have given us your consent to use your information in a particular way, but later change your mind, you should contact us and we will stop doing so.
5. Data processing outside the European Union
Where the processing of your data involves a transfer outside the European Union, such transfers are made in return for appropriate safeguards, and in full compliance with applicable regulations. When the sharing of such information involves a transfer to the United States, such transfer is made on the basis of Privacy Shield certification.
Transfers outside the European Union are based on standard contractual clauses, in compliance with the standard clauses validated by the European Commission.
6. What are cookies used for and why are they collected?
Cookies are text files containing small amounts of information that are downloaded to your device when you visit a web page or use an application. Cookies are then sent back to the original web page or application on each subsequent visit, or to another web page or application that recognizes that cookie.
Measure the performance and audience of the Website, including analysis of the types of Internet browsers (e.g. Firefox, Chrome or Internet Explorer) and operating systems (e.g. Windows or Mac OS) used.
Most browsers allow you to change your cookie settings. These settings can be found in the “options” or “preferences” menu of your browser. To better understand these settings, the following links may be helpful, otherwise please use the “Help” option of your browser for more details:
Enable and facilitate communication by electronic means on the Website.
You can find more information about cookies and how to administer them at http://www.allaboutcookies.org/.
7. How long do we keep your personal data
We will only retain your personal data for as long as is necessary to fulfil the purposes for which it was collected, including to meet any legal or accounting requirements.
In determining the appropriate retention period for personal data, we take into account the amount, nature and sensitivity of the personal data, the potential risk of harm resulting from the unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and the possibility of achieving those purposes by other means, as well as applicable legal requirements.
Processing and Retention Period
Data relating to visitors to the Platform:
After the set deadlines, the data are either deleted or kept after being anonymized, in particular for statistical purposes. They may be kept in case of pre-litigation and litigation. It is reminded that the deletion or the anonymisation are irreversible operations and that Critizr is not, thereafter, able to restore them.
8. Rights of the data subjects
As a data subject, you have various rights. These rights are not absolute and each of these rights is subject to certain conditions in accordance with the GDPR and applicable national laws.
9. Exercise of rights
If you are not satisfied with our response to your complaint or if you believe that the processing of your personal data does not comply with applicable data protection laws, you may file a complaint with the relevant data protection supervisory authority. The Commission Informatique et Libertés (CNIL) is the data protection authority in France and the lead authority for Critizr.
Any request will be considered within the time limits set by applicable law. Please note, however, that certain personal data may be exempt from such requests in certain circumstances, including if Critizr needs to continue processing your personal data for its legitimate interests or to comply with a legal obligation.
There will be no charge for exercising your right of access (or any other right). In some cases, we may not be able to comply with your request if it is manifestly unfounded or excessive.
We may need to ask you for specific information to help us confirm your identity and ensure your right to access that information (or exercise your other rights). This is an appropriate security measure to ensure that personal data is not disclosed to anyone who does not have a right to receive it.
10. How is the data secured?
Critizr ensures that data is processed with complete security and confidentiality, including when certain operations are performed by subcontractors. To this end, appropriate technical and organisational measures are put in place to prevent the loss, misuse, alteration and deletion of your personal data. These measures are adapted according to the level of sensitivity of the data processed and according to the level of risk that the processing or its implementation presents. We have set procedures to deal with any suspected data breach and will notify you and any relevant supervisory authority of a suspected breach where we are legally required to do so.
Unfortunately, the security of data transmissions over the Internet or data storage systems cannot be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you believe that the security of an account you have with us has been compromised), please notify us immediately by contacting us using the contact information above.
11. Third party sites
Moreover, Critizr is not responsible for hypertext links that third party websites could integrate even if Critizr would have authorised the publisher of the said third party website to place such a link.