What personal data does Taftie process and for what purposes?
Taftie does not collect personal data other than those that Visitors voluntarily provide on the Website (i.e. name, first name, contact details including the email address, function and organisation, texts) (the Personal Data), either when they sign in as a representative of their organisation or send a contact request.
Personal Data collected on the Website will be processed by Taftie for the following purposes:
- Promotion of Taftie activities (forthcoming or past events, brochures, sending of invitations to events, etc.). If Visitors do not wish to receive emails, they may follow the “unsubscribe” instructions included within each email communication ;
- Communication with the Visitors and providing them with the information requested ;
- Processing of access, rectification and opposition requests, and other rights with respect to Personal Data;
- Claims and litigation management.
The processing of the Visitors’ Personal Data is necessary for Taftie to provide the services that are requested, as well as to enable Taftie to fulfil its missions. These purposes constitute the legal basis for the data processing carried out by Taftie.
Who are the data recipients?
Visitors’ Personal Data will be processed internally by duly authorised persons, within the limits of their respective attributions.
They may also be communicated to Taftie data processors (including IT service providers) and external services providers such as web designers, marketing solutions providers, communication agencies, to the strictest extent necessary and subject to the existence of contractual guarantees to ensure the security and confidentiality of the data.
How does Taftie ensure the security of Personal Data?
Visitors’ Personal Data will be processed by Taftie as a data controller, in compliance with the applicable data protection legislation. For the time being this is the Law of 2 August 2002 on the protection of individuals with regard to the processing of personal data, as amended, and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, – the GDPR -, which entered into force on 25 May 2018, as well as any other subsequent regulation.
Taftie undertakes to implement technical and organisational security measures to ensure the protection of Visitors’ Personal Data against the risks associated with the use of information systems.
Taftie follows generally accepted security standards to help protect Visitors’ Personal Data. However, no method of transmission over the Internet, or of electronic storage, is 100% secure. Therefore, Taftie cannot guarantee the absolute security of the Personal Data.
Personal Data is kept for a period of three years from their collection by Taftie or the last contact from the Visitor.
What are the Visitors’ rights?
In accordance with the current data protection legislation, the Visitor or, as the case may be, their beneficiaries who can prove they have a legitimate interest are entitled to obtain, free of charge:
- Access to the personal data concerning the Visitor,
- Confirmation that the Visitor Personal Data is or is not being processed,
- Information concerning at least the purposes of the processing, the categories of data to which the processing relates and the recipients or categories of recipients to whom the data are communicated,
- Communication, in an intelligible form, of the data being processed, as well as any available information on the origin of the data.
The Visitor (or, as the case may be, their beneficiaries) also has a right to rectify his/her personal data and a right to object to the collect and processing of such data, on the basis of compelling legitimate grounds.
These rights may be exercised by an email addressed to the following address: firstname.lastname@example.org. As of 25 May 2018, the Visitor is also entitled to request the erasure of all or part of the data or a restriction of the processing, object to the processing or make use of its right to data portability, within the limits provided by the applicable rules. In the event of a breach of the data protection rules, the Visitor may also lodge a complaint before a supervisory authority.