Data-privacy policy
Management of personal data
The Customer is informed of the regulations concerning marketing communication, the law of 21 June 2014 for confidence in the digital economy, the Data Protection Act of 6 August 2004 as well as the General Regulations on Data Protection (RGPD: n° 2016-679).
1.1 Persons responsible for the collection of personal data
For Personal Data collected in the context of the creation of the User’s personal account, the person responsible for processing Personal Data is: L’ASSOCIATION MIJE whose registered office is located at 13, boulevard Beaumarchais, 75004 Paris L’ASSOCIATION MIJE is represented by Mr. Rémy VERNAY, its legal representative.
As the person responsible for processing the data he collects, the MIJE ASSOCIATION undertakes to respect the legal provisions in force. In particular, it is its responsibility to establish the purposes of its data processing, to provide its prospects and clients, on the basis of the collection of their consents, with full information on the processing of their personal data and to maintain a register of processing that complies with reality. Whenever the MIJE ASSOCIATION processes Personal Data, the MIJE ASSOCIATION takes all reasonable steps to ensure the accuracy and relevance of the Personal Data to the purposes for which the MIJE ASSOCIATION processes them.
1.2 Purpose of the data collected
The MIJE ASSOCIATION may process all or part of the data:
for the management and traceability of the services ordered by the user:
- invoicing, order history, delivery follow-up, payment follow-up, etc.
- to conduct optional satisfaction surveys on www.L’association MIJE.fr : email address
- to carry out communication campaigns (sms, email): telephone number, email address
The MIJE ASSOCIATION does not market your personal data, which is therefore only used out of necessity or for statistical and analytical purposes.
1.3 Right of access, rectification and opposition
In accordance with the European regulations in force, the Users of the MIJE ASSOCIATION have the following rights:
- right of access (article 15 RGPD) and rectification (article 16 RGPD), updating, completion of Users’ data right to block or erase Users’ personal data (article 17 RGPD), when they are inaccurate, incomplete, ambiguous, out of date, or whose collection, use, communication or storage is prohibited.
- right to withdraw consent at any time (article 13-2c RGPD)
- right to limit the processing of Users’ data (Article 18 RGPD)
- right to object to the processing of Users’ data (Article 21 RGPD)
- the right to the portability of the data provided by the Users, when these data are subject to automated processing based on their consent or on a contract (article 20 RGPD)
- the right to determine the fate of the Users’ data after their death and to choose to whom the MIJE ASSOCIATION shall communicate (or not) its data to a third party that it shall have previously appointed
As soon as the MIJE ASSOCIATION becomes aware of the death of a User and in the absence of instructions from him, the MIJE ASSOCIATION undertakes to destroy his data, unless it is necessary to retain them for evidentiary purposes or to meet a legal obligation.
If the User wishes to know how the MIJE ASSOCIATION uses his or her Personal Data, requests a correction or objects to the processing of his or her Personal Data, the User may contact the MIJE ASSOCIATION in writing at the following address L’ASSOCIATION MIJE – DPO, 13, boulevard Beaumarchais, 75004 Paris.
In this case, the User must indicate the Personal Data that he/she would like the MIJE ASSOCIATION to correct, update or delete, identifying him/herself precisely with a copy of an identity document (identity card or passport).
Requests for the deletion of Personal Data will be subject to the obligations imposed on THE MIJE ASSOCIATION by law, in particular with regard to the conservation or archiving of documents. Finally, Users of the MIJE ASSOCIATION may file a complaint with the supervisory authorities, in particular the CNIL (https://www.cnil.fr/fr/plaintes).
1.4 Non-disclosure of personal data
MIJE ASSOCIATION shall not process, host or transfer the Information collected on its Clients and Prospects to a country outside the European Union or recognised as “unsuitable” by the European Commission without prior notice to the client. However, MIJE ASSOCIATION remains free to choose its technical and commercial subcontractors provided that they present sufficient guarantees with regard to the requirements of the General Regulation on Data Protection (RGPD: n° 2016-679).
MIJE ASSOCIATION undertakes to take all necessary precautions to preserve the security of the Information and in particular that it is not communicated to unauthorised persons. However, if an incident affecting the integrity or confidentiality of the Client’s Information is brought to the attention of MIJE ASSOCIATION, MIJE ASSOCIATION shall inform the Client as soon as possible and inform the Client of the corrective measures taken. MIJE ASSOCIATION does not collect “sensitive data” about its clients and prospects.
The User’s Personal Data may be processed by subsidiaries and subcontractors (service providers) of the MIJE ASSOCIATION exclusively for the purposes of this policy.
Within the limits of their respective responsibilities and for the purposes mentioned above, the main persons who may have access to the data of MIJE ASSOCIATION Users are mainly our customer service agents.
1.5 Types of data collected
With regard to the Client and Prospect users of the MIJE ASSOCIATION, we collect the following data which are essential for the operation of the service, and which will be kept for a maximum period of 60 months after the end of the contractual relationship: CIVILITY, SURNAME, FIRST NAME, FUNCTION/STATUS, BUSINESS, ORGANISATION, POSTAL ADDRESS, TELEPHONE, MAIL ADDRESS.
2. Incident notification
No matter how hard you try, no method of transmission over the Internet and no method of electronic storage is completely secure. Therefore, we cannot guarantee absolute security. If we become aware of a security breach, we will notify the users concerned so that they can take appropriate action. Our incident notification procedures take into account our legal obligations, whether at national or European level. We are committed to keeping our customers fully informed of all matters relating to the security of their accounts and to providing them with all the information necessary to help them meet their own regulatory reporting obligations.
No personal information of the user of L’ASSOCIATION MIJE is published without the user’s knowledge, exchanged, transferred, assigned or sold in any medium whatsoever to third parties. Only in the event of the purchase of L’ASSOCIATION MIJE and its rights would it be possible to pass on the said information to the eventual purchaser who would in turn be under the same obligation to keep and modify the data towards the user of L’ASSOCIATION MIJE.
Security
To ensure the security and confidentiality of Personal Data, MIJE ASSOCIATION uses networks protected by standard devices such as firewalls, encryption and passwords.
When processing Personal Data, MIJE ASSOCIATION takes all reasonable steps to protect it from loss, misuse, unauthorised access, disclosure, alteration or destruction.