ITESOFT, a limited company with a capital of 368,029.68 euros, registered with the Nîmes Trade and Companies Register under number B 330 265 323, whose registered office is Parc d’Andron, le Séquoia – 30470 Aimargues – France, attaches great importance to the privacy of the Users of its Products. 

All capitalised terms are defined in section “1.  Definitions”.

The purpose of the Personal Data Protection Policy is to define the rules applicable to the collection and Processing of the Personal Data of Users of the Products as subscribed to by the Customers. 

It details the Personal Data that Itesoft collects and processes, the reasons for the processing and how they are used.

Itesoft may change the terms of this Personal Data Protection Policy. You are welcome to consult this page regularly and will be informed of significant modifications either by a special mention on our Product, or by email notification.

 

1. DEFINITIONS

1.1 DEFINITIONS RELATING TO THE PROTECTION OF PERSONAL DATA


Personal Data: any information relating to an identified or identifiable natural person, directly or indirectly.

Purpose: main objective of the use of Personal Data.

Data subject: the natural person concerned by the Processing of Personal Data.

Personal Data Regulations: current regulations applicable to the processing of Personal Data, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 of April 2016 applicable from 25 May 2018 (hereinafter the “GDPR”) and Law No. 78-17 of 6 January 1978 relating to information technology, files and individual liberties.

Data Controller: entity that determines the Purposes and means of Processing, i.e., the objective and the way to achieve it

Data Processor: entity that processes Personal Data on behalf of and under the authority of a Data Controller 

Processing: operation, or set of operations, carried out on Personal Data

 

1.2 DEFINITIONS RELATING TO SERVICES

Customer: entity that has placed an order for the use of the Product provided by Itesoft.

Contract: the Contract and its Annexes, as well as any quotation signed between the Customer and Itesoft.

Services: all services provided by Itesoft through the use of its Product.

Product: software applications made available to the Customer by Itesoft as part of the provision of the Services.

Users: employees, subcontractors, consultants and representatives of the Customer, authorized by the latter to use the Product under its sole responsibility.


2. PURPOSES OF THE COLLECTION AND PROCESSING OF YOUR PERSONAL DATA

ITESOFT collects and processes the Personal Data of Users, acting as Processor for the following Purposes:

Provision of Services: 
- Creation and management of the User accounts
- User training
- Processing of inquiries and support requests
Legal basis: Contractual performance  

Technical Management of Products: 
- General administration of the Product in order to ensure its proper functioning and security; 
- Resolution of any disputes or anomalies in the use of the Services, and in particular the fight against online fraud    
Legal basis: Contractual performance

ITESOFT collects and processes the Personal Data of Users, acting as Controller for the following Purposes:

Accounting and commercial management of Customers:
- Payment for Services and monitoring of invoicing
- Management of unpaid payments and disputes
- Keeping of accounting records and legal justifications
- Management of commercial follow-up
Legal basis : Contractual performance

Commercial prospection: 
- Improvement of the Product and proposal of a performing content for the Users; 
- Communications and sharing of all evolutions and news on the Product
Legal basis : Legitimate interest


3. CATEGORIES OF PERSONAL DATA COLLECTED AND PROCESSED 


For these purposes, we collect from the Customer the following Personal Data:

Data relating to the identification of Users:
Surname, first name
Data relating to the professional contact details of Users:
Phone number, email address, postal address
Data relating to the professional life of Users:
Company, Sector of activity, Location, Title, Function, Login, Professional Identification No, Manager, Authorizations, rights, assignments, validation threshold

We also collect directly from Users, when accessing our Products, the following Personal Data:
Additional identification Data
Password, Profile picture (X),
Connection and browsing data
Indicators and statistics, Monitoring of Logs and connection, Start/end date of absences and delegation

Only the Personal Data marked with a cross (X) are optional.

4. RETENTION PERIOD OF YOUR PERSONAL DATA

User Data is kept for the entire duration of the Contract between ITESOFT and the Customer. 

Data related to commercial prospection will be kept for 5 years after the end of this contractual relationship.

Data relating to invoicing and accounting management will be kept for 10 years after the end of this contractual relationship to comply with accounting and tax obligations.

5. RECIPIENTS OF YOUR PERSONAL DATA

Your Personal Data may be communicated to our subsequent Processors, including our technical service providers, hosts, security incident or fraudulent activity management providers, etc.

For legal reasons, your Personal Data may be disclosed to competent authorities if ITESOFT is required by law, regulatory provision, or judicial decision, or if such disclosure is necessary for the purposes of investigation, injunction or judicial procedure, within the national territory.

Personal Data is stored on servers located within the European Union.

When ITESOFT uses providers located outside the EU, guarantees for the protection and security of transfers are taken. 
 

6. SECURITY OF YOUR PERSONAL DATA

We implement organisational and technical measures to protect the security of your Personal Data against all unauthorised access and disclosure, modification, damaging or destruction.

ITESOFT and its technical and hosting service providers have implemented appropriate measures to ensure the integrity, confidentiality and security of your Personal Data.


7. RESPECT FOR YOUR RIGHTS

You have the right to access your Personal Data, to request its correction, portability, to define guidelines on the fate of your Data after your death, as well as, under certain conditions, to request its erasure or restriction of its processing. These rights can only be exercised with the Customer. 

You may also object at any time to the processing for commercial prospection purposes carried out by ITESOFT by sending an email to itesoft@itesoft.com.

If you believe that your rights are not being respected, you also have the right to lodge a complaint with a supervisory authority. The French supervisory authority is the National Commission for Information Technology and Civil Liberties (CNIL), located at 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07.

About cookies and other trackers

What is a "cookie" or a tracker? 
A cookie, or more generally a tracker (hereinafter "Cookie(s)"), is a file or an identifier likely to be stored on your terminal (computer, tablet, or smartphone) and/or when consulting a service with an internet browser.  

Who uses cookies? 
The Cookies filed when using of our Product are filed by us. Only we are able to read them, responsible for their use, and for the data collected through them.  

What are cookies used for? 
The Cookies filed by our Product are strictly necessary cookies for the service. 

Therefore, they do not require your consent. These are Cookies used for the proper navigation and functioning of the site:
•    maintaining your session from visit to visit;
•    implementing security measures.

Cookies “strictly necessary for the service” or “exempt from consent” are filed at your first connection.