The Company may collect and process some of the User's personal data when the User consults the Website and uses the services offered, particularly the risk analysis service and the establishment of Rescripts with the Partner Lawyer.
The lack of information prevents the proper functioning of the Service offered online by the Company.
The Company is very sensitive to the protection of personal data. All the rules applicable to the protection of personal data, under the GDPR (EU Regulation 2016/679) are set out below:
11.1 - Data controller
The person responsible for processing personal data is Compagnie Française des Rescrits, WOJO, Tour Mattei, 207, rue de Bercy - 75012 PARIS, SAS registered with the RCS of Paris under number 850 570 516, represented by its Chairman, the Sarl CEDR and its representative Mr. Cyril VIGNAU
11.2 - Data protection officer
We have appointed a Data Protection Officer who will ensure that the User's personal data is systematically used in a transparent, accurate and lawful manner.
The User can contact the Data Protection Officer at the following address: Cyril VIGNAU at rgpd@securitax.com or at the Company's headquarters.
11.3 – Nature of processed data
In the context of browsing and using the services, we will process certain User's personal data, which are as follows:
• identification data: last name, first name, email address, telephone number;
• files exchanged with the Partner Lawyer;
• data relating to internet browsing (IP address; cookies, browsing data, audience measurement, etc.);;
• data relating to the means and methods of payment (credit card information)
Some of this information is sometimes communicated directly by you, for example when you provide your name or email address in a form. Other information is collected automatically, without you filling out such forms; this usually involves devices, browsers, or your location.
We may also collect information about you from other sources, such as when we purchase contact details of people who may be interested in our Services.
The choice of providing us with information when you visit our sites or install our applications is yours. However, your refusal to provide us with certain information will prevent you from using certain features of our Services. For example, any refusal on your part to provide us with a mobile phone number would prevent you any connection to our services if your organization requires dual authentication.
Information We Collect From You. You provide us with information about yourself on the following occasions:
• You create or modify your user profile;
• You contact the customer service;
• You enter or modify your billing information.
The information you may provide to us includes, but not limited to, your name, email or mailing address, telephone number, billing information or electronic signature.
You also provide us with information about others by using features of our Services, such as the following:
• You are starting or participating in a DIAGTAX © Diagnosis or a QUIETAX ® Tax Audit;
• You enter information about the subject of a QUIETAX © Tax Audit
• You send us documents via our secure site to establish a Rescript.
• You indicate comments;
• You recommend to acquaintances.
All this information is stored on our dedicated servers located in Europe.
Your first choice regarding this type of information is simply not to provide such information, for example by not creating a profile or leaving a comment in a blog or not performing Diagnosis or Audit. The other choices available to you are set forth in Article 5 of this Privacy Policy.
We collect information automatically. We automatically collect certain information about you or your devices when you use our Services or simply when you visit our sites or applications without identifying yourself. The choices you have regarding the automatic collection of information are set out in Article 5 of this Privacy Policy.
Are automatically collected:
The Device, usage information and transactional data. We collect information about how you use our Services and on computers or other devices, such as mobile phones or tablets that you use to access our Services. These devices include:
• the IP address;
• precise geolocation information which you grant access to our applications (usually from your mobile device);
• unique identifiers and device characteristics,such as operating system and browser type;
• Usage data, such as web log data, landing and exit pages and URLs, platform type, number of clicks, domain names, landing pages, pages and content viewed and the order of these pages, time spent on each page, date and time of use of our Services, frequency of use of our Services, error logs and other similar information ;
• transactional data such as the names and e-mail addresses of the creator of a Diagnosis or Audit, the history of actions carried out by individuals concerning a Diagnosis or Audit (answers to questions, information entered) and information about individuals or their devices such as name, email address, IP address, and authentication methods.
Cookies and similar techniques.We may use cookies, which are text files that contain limited information downloaded to your device ("Cookies") or related techniques, local shared objects to store or collect information. We also permit others to use Cookies in the Services as described below. Cookies can save your preferences, your username, and help customize advertisements. Analytics cookies. We are using Google Analytics and LinkedIn services. These Cookies are used to collect data on site usage and allow us to learn how our Services are being used, for example, the pages viewed, the length of the visit, and the site or web page viewed before visiting the Securitax.com website.
Personalized advertising.Advertisements for other products and services. Third parties whose products or services featured on our Services may store or read Cookies on your workstation or other devices to collect information.They act to (i) tailor and display advertisements based on the information from the previous visits to our Services and other sites; and (ii) communicate the number of advertisements sent and the response elicited by those advertisements; Advertisements for our products and Services. We may also use the services of Google and LinkedIn to send you personalized advertisements about our products and services within and outside our platform. We allow these third parties to use their cookies and have access to them on your workstation or other devices you use to access our Services. We do not have access to these cookies or other related techniques, this Privacy Policy does not govern the use of these cookies and related techniques. The choices you have with regards to Cookies and related techniques are outlined in Article 5 of this Privacy Policy. For additional information on cookies and related techniques, please refer to our Cookie Policy (https://www.securitax.com/company/cookie-policy).
We Collect Information From Other Sources. We may collect information about you from other sources, including:
Sources tierces. Third-party sources. Examples of third-party sources include marketers, partners, researchers, service providers, and other parties who are legally permitted to share your information with us Aggregating information from multiple sources. We may combine the information we receive from other sources with the information we collect from you (or from your device) and use it as described in this Privacy Policy
Information that We Collect and Process on Behalf of Our Clients. When our clients use our Services, we process and retain certain information on their behalf as a subcontractor. For example, when a client (or its Authorized Users) set up a Securitax.com ® Tax Assessment or Audit, we act as a subcontractor to process documents on behalf of the client and accordance with the client's instructions. The client then acts as a data controller and is in charge of most aspects of information processing. If you have any questions or doubts about how information is being process in these cases, including how to exercise your rights as a data subject, we recommend that you contact the client.
11.4 – Purposes and basis of processing
The personal data collected are processed by the Company in particular for the following main purposes:
• to ensure the contact and fluidity of exchanges between the Partner Lawyer and the User when the latter uses the service,
• the processing of this data is necessary for the use of the proposed Service and responds to a legitimate interest,
• allow payment of Securitax.com and Partner LAWYER's invoices thru the User's credit card via the secure link provided for this purpose, Paypal or any other means;
• compilation of statistics relating to the frequency of visits to the Website and to each Partner Lawyer, the Company being likely to use this personal data, subject to the User's consent. (cf. point 11.10 relating to cookies)
• carrying out marketing actions
• The Company may, subject to the User's consent, use his/her personal data in order to send him/her service offers via email, SMS, telephone.
• Depending on the purpose of the processing, it will be based either on compliance with a contractual obligation, or on the consent of the person whose data is processed, or on the legitimate interest.
11.5 – Sensitive data and data linked to criminal convictions and offences
It will is recalled that when the User uses the service with the Partner Lawyer, the transmission of content via this "send a message" Module is done immediately and without the Company exercising any control or validation before the transmittal of the content, in particular, because of the confidentiality requirements imposed by the Lawyer's professional ethics.
Moreover, as stipulated in article 8 of these T & Cs, the User is, in this regard, solely responsible for checking the accuracy and legality of the content he/she sends and undertakes not to distribute via this Module as part of his/her content any information, malicious, denigrating, deliberately misleading, illicit and/or contrary to morality and respect for private life and freedom of worship
• Sensitive data: The User may be led, in the message that he transmits to the Partner Lawyer and that he disseminates through the modules, to mention, on his initiative, sensitive data, namely, as defined by article 9 of the GDPR, “data which reveals the racial or ethnic origin of people, their political opinions, their religious or philosophical convictions, their trade union membership, their health, their sex life or their sexual orientation."
The processing of such data is subject, with exceptions, to the User's consent and insofar as the Company cannot know in advance whether the User will mention any sensitive data, the User must use the private messaging service with the Partner LAWYER, give their consent to the processing of this type of data.
• Data pertaining to criminal convictions and offences
The User is prohibited from mentioning in the message that he transmits to the Partner Lawyer and disseminates through one of the modules mentions relating to criminal convictions and offenses.
The User, in order to use the service with the Partner LAWYER, must certify, by ticking a box provided for this purpose, not to mention any information relating to criminal convictions or offenses in his message.
11.6 - Retention period of personal data
The data is kept for a period not exceeding the period necessary for the purposes for which it was collected.
11.7 - Recipient of the data
• Company personnel authorized to deal with them by virtue of their duties
Access to personal data is strictly limited to the company's employees, who are authorized by virtue of their duties.
• Company's service providers
The Company also discloses some of the data when it uses the services of service providers for the aforementioned purposes, including in particular:
• service providers allowing billing follow-up;
• service providers allowing the payment of the invoices of the Partner LAWYER by the User, via Securitax.com and a secure link provided for this purpose, when the former has subscribed to the billing management service;
• service providers allowing the sending of emails;
These service providers have limited access to personal data in the performance of their tasks on behalf of the Company and have a contractual obligation to protect and use it only for the purposes for which it was disclosed following the provisions of the applicable legislation on the protection of personal data.
• Legal and Administrative Authorities and Company Boards
The Company may be required to disclose the User's personal data to law enforcement agencies (judicial or administrative authorities or local law enforcement) where the Company is authorized to do so for legitimate reasons or in cases where the law requires or authorizes it, in the event of requisition for the purposes of the prevention or detection of offenses or fraud. The recipients of personal data are entirely located within the European Union.
11.8 - Data protection
Throughout the retention period of personal data, we implement all appropriate means to ensure their confidentiality and security, to prevent their damage, deletion, or access by unauthorized third parties. Thus, we encrypt all messages sent by the User to the lawyer(s) to whom he/she writes via the service of the various modules. However, the Company does not control all the risks associated with the operation of the Internet and draws the User's attention to the existence of any risks inherent in its use and operation.
11.9 -Your rights relating to your personal data
• Right of access to all of your data
To find out the data concerning him/her in the Company's possession, the User may ask the Company for a copy of his/her personal data in a commonly used electronic form.
• Right of rectification
The User can ask the Company to rectify or complete their personal data, if they are inaccurate or incomplete.
• Right to Appeal
The User may object to any processing of his/her personal data where such processing is based on our legitimate interest (including profiling).
Where appropriate, the Company will cease to use personal data for this purpose, unless the Company can demonstrate a legitimate and compelling reason for this processing or such processing is necessary for the establishment, exercise, or defense of rights.
Concerning direct marketing solicitations that the User receives from the Company, the User can revoke his/her consent to no longer receive any solicitations.
This option is offered to the User at any time and will be reminded to him/her in the messages he/she receives from the Company.