ARTICLE 1 - PREAMBLE
We care about the privacy of users of our Services and are committed to protecting the information users share with us when using our Services, and we are fully committed to protecting and using your information in accordance with applicable law.
The way in which their personal data is collected and processed. Must be considered as personal data all data likely to identify a user, in particular the first name, surname, age, postal address, email address, location and IP address of the user;
What are the rights of users regarding this data; Who is responsible for the processing of personal data collected and processed; To whom this data is transmitted;
The policy of the French Lab site in terms of cookies.
ARTICLE 2 - GENERAL PRINCIPLES REGARDING DATA COLLECTION AND PROCESSING
In accordance with the provisions of Article 5 of European Regulation 2016/679, the collection and processing of data from users of the Services respects the following principles:
Lawfulness, loyalty and transparency: data can only be collected and processed with the consent of the user who owns the data. Each time personal data is collected, the user will be informed that his data is collected, and for what reasons his data is collected;
Limited purposes: the collection and processing of data is carried out to meet one or more objectives determined in the General Conditions of Use;
Minimization of the collection and processing of data: only the data necessary for the proper execution of the objectives pursued by the Services are collected;
Retention of reduced data over time: the data is kept for a limited period, of which the user is informed. When this information cannot be communicated, the user is informed of the criteria used to determine the retention period;
Integrity and confidentiality of data collected and processed: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.
In order to be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data can only take place if they comply with at least one of the conditions below. after listed:
The user has expressly consented to the processing;
The processing is necessary for the proper performance of a contract;
The processing meets a legal obligation;
The processing is explained by a necessity linked to the safeguarding of the vital interests of the person concerned or of another natural person;
The processing and collection of personal data is necessary for the purposes of the legitimate and private interests pursued by the controller or by a third party.
ARTICLE 3 - PERSONAL DATA, COLLECTED AND PROCESSED IN THE FRAMEWORK OF BROWSING ON THE SERVICES
3.1 Data collected and processed and mode of collection
The various French Lab Services comply with specific rules in terms of the collection of personal data:
During the use of the chatbot, the only personal data to which French Lab has access are those voluntarily given by the user: name, place of residence, age, centers of interest, email address, contact information. This data is collected only to allow the proper functioning of the Service and to offer a learning path that is as personalized as possible.
3.2 FrenchLab.io website
We do not collect any personal data when you only wish to consult our website, except for the data that your browser sends to us, for example:
Pages and files consulted;
Date and time of consultation;
Volume of data transmitted;
Information about your device (e.g. browser version, app version, operating system, language settings, device identifiers);
Previously visited pages (if you access our website via a link);
Online identifiers (e.g., IP address, session IDs, cookies, device IDs);
Geographical data (e.g. city, postal code) (transmitted via IP address).
In order to protect your privacy, we delete or anonymize the IP address in accordance with determined deadlines. Therefore, all other data that may be attached to it cannot be traced back to you. The information we keep is in anonymous form and is only used for statistical purposes to optimize our website. The temporary storage of this data is intended to establish a necessary connection between your device and our server as well as to ensure the effective loading of the content of our website. This data is therefore necessary to display the content of our website on your screen, to avoid display problems and other technical error messages. The legal basis is our legitimate interest, as stated in Art. 6, para. 1, letter f of the GDPR.
3.3 Your FrenchLab account
To be able to access our lessons, as well as the various payment and learning features, the user must register on our platform integrated into the FrenchLab chatbot.
When you register on our platform, we collect and store your basic data such as your (user) name and email address. Additionally, when you sign up for our Services or place an order with us, we collect payment data and record your agreement to our Terms and Conditions.
As a protective measure, the data you enter is transmitted via an encrypted connection - such as when you visit our website. After successful confirmation, your data will be retained until you decide to delete your information or your entire user account. However, deleting your information will also result in losing access to your subscription. The purpose of processing the requested data is to create a user account for the use of extended functions on the FrenchLab platform and chatbot. Registration is voluntary and can be revoked and/or user data deleted at any time. The legal basis is your consent as set out in Art. 6 para. 1, letter a of the GDPR.
3.4 Contact Form and Newsletter
You can contact us on our website or subscribe to our newsletter. You can contact us about general inquiries by writing to our customer service at email@example.com. In this context, we process the data exclusively for the purpose of communicating with you. The legal basis for data processing is the performance of the contract in accordance with Article 6 para. 1, letter b GDPR.
3.5. Duration of storage and deletion of data
We keep your information only as long as necessary to fulfill our contractual or legal obligations or any other authorized purpose for which we collected it, in particular to detect and prevent fraud or security incidents. When the applicable retention period has expired, we take steps to permanently delete the information, aggregate it, or anonymize it.
Anonymization of statistical data
In order to analyze the behavior of users, their satisfaction and thus improve the knowledge base of the FrenchLab.io website, the FrenchLab.io ChatBot and the application.frenchlab.io platform, we have a statistical module. This module allows you to analyze each conversation in detail or by period. For the sake of confidentiality, all this information that can be consulted is anonymized beforehand.
Disclosure of your information
We may share your information with our service providers, in order to operate our Services (for example, by storing information on third-party hosting services, providing our technical support, etc.)
We may also disclose your information in the following circumstances: (i) to investigate, detect, prevent, or take action regarding illegal activity or other wrongdoing, suspected fraud, or security matters; (ii) to establish or exercise our rights of defense against legal claims; (iii) to protect our rights, property or personal safety and that of our users or the general public; (iv) if we undergo a change of control, including through a merger, acquisition or purchase of all or substantially all of our assets; (v) to collect, hold and/or manage your information through our authorized third-party service providers (e.g., online service companies), as is reasonable for business purposes; or (vi) to cooperate with third parties for the purpose of improving your experience. To avoid possible confusion, we may transfer and disclose to third parties or otherwise use Non-Personal Information in our sole discretion.
However, we will never sell personal data to third parties, except where we are required to do so by law. Unfortunately, the transmission of information via the Internet can never be completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of any data you transmit to the Services: any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorized access.
Messages sent to the FrenchLab chatbot
Every message sent is considered scannable.
The main purpose is the analysis of educational progress and in no case the analysis of behavior and the categorization of users.
The secondary purposes are the constitution of data for the improvement of the French Lab chatbot.
Retention period: 6 months after receipt of the message.
ARTICLE 4 - RESPONSIBLE FOR DATA PROCESSING
A. The data controller
Our Data Protection Officer or another competent data protection contact can be reached at the following email address: firstname.lastname@example.org.
The data controller is responsible for determining the purposes and means used for the processing of personal data.
B. Obligations of the data controller
The data controller undertakes to protect the personal data collected, not to transmit them to third parties without the user having been informed and to respect the purposes for which these data were collected.
In addition, the data controller undertakes to notify the user in the event of rectification or deletion of data, unless this entails disproportionate formalities, costs and procedures for him.
In the event that the integrity, confidentiality or security of the user's personal data is compromised, the controller undertakes to inform the user by any means.
ARTICLE 5 - RIGHTS OF THE USER
In accordance with the regulations concerning the processing of personal data, the user has the rights listed below.
In order for the data controller to comply with his request, the user is required to communicate to him: his first and last name as well as his e-mail address to which his user account is attached.
The data controller is required to respond to the user within a maximum of 30 days.
If you reside in the European Union, in accordance with European Regulation 2016/679 (“GDPR”), you are granted the following rights:
Right to withdraw your consent pursuant to Art. 7 para. 3 GDPR;
Right of access to your data pursuant to art. 15 GDPR;
Right to rectification of your data pursuant to art. 16 GDPR;
Right to have your data erased in accordance with Art. 17 GDPR;
Right to limit the collection of data in accordance with Article 18 of the GDPR;
Right to data portability pursuant to Art. 20 GDPR;
Right to object to the way your data is processed in accordance with Art. 21 GDPR;
Right to lodge complaints with the supervisory authority in accordance with Article 77 para. 1 letter f GDPR.
If you wish to lodge a complaint with a national supervisory authority concerning the processing of your personal data, you can do so by contacting the data protection authority of your place of residence, place of work or of where an alleged data breach occurred.
The competent authority in France is the National Commission for Computing and Liberties or CNIL, 3 Places de Fontenoy, 75007 Paris.
The user is also reminded that he can organize what should become of his data collected and processed if he dies, in accordance with French law n ° 2016-1321 of October 7, 2016.
However, please note that these rights are not absolute and may be subject to our own legitimate interests or regulatory requirements. If you have general questions about the Personal Information we collect and how we use it, please contact us as set out below.
In connection with providing the Services to our users, we may transfer information to affiliated entities or other third parties beyond the borders of your country or jurisdiction, to other countries or jurisdictions around the world.
By using the Services, you consent to the transfer of your information outside of the EEA. If you are located in the EEA, your Personal Information may only be transferred to locations outside the EEA if we are satisfied that an adequate or comparable level of protection is in place to protect the Information. personal. We will take reasonable steps to ensure that we have appropriate contractual arrangements with our third parties to ensure that adequate safeguards are in place so that the risks of unlawful use, alteration, deletion, loss or theft of your Personal Information is minimized, and that such third parties act at all times in compliance with applicable laws.
If you are a California resident using the Services, the California Consumer Privacy Act (“CCPA”) may give you the right to request access to and deletion of your information.
To exercise your right to access and delete your information, please contact us as set out below.
Users of the Services who are California residents and under the age of 18 may request and obtain removal of any content they have posted by emailing us at the address listed below. Any such request should include the words “California Removal Request” in your email. Any request must provide a description of the content you wish to remove and information reasonably sufficient to permit us to locate that content. We reject all California Removal Requests that are not marked or submitted correctly, and we may not be able to respond if you do not provide adequate information. Please note that your request does not guarantee a complete or complete removal of the affected content. For example, materials you have posted may be republished by another user or third party.
ARTICLE 6 - USE OF “COOKIES” FILES
A "cookie" is a small file (less than 4kB), stored by the site on the user's hard drive, containing information relating to the user's browsing habits.
When you visit or access our Services, we allow certain third parties to use web beacons, cookies, pixel tags, scripts, tags, and other analytics technologies and services (“Tracking Technologies”). These Tracking Technologies may allow third parties to automatically collect information about you in order to improve how you navigate our Services, improve the performance of our Services, and personalize your experience on our Services, as well as to security and fraud prevention purposes.
ARTICLE 7 - DATA PROTECTION DURING A PAYMENT ACTION
All direct payment gateways offered by our platform host and used by us follow the standards set by PCI-DSS, as managed by the PCI Security Standards Council, which is a joint effort of companies like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers, including physical, electronic, and procedural measures.
Regardless of the efforts made and measures taken by us and our hosting provider, we cannot and do not guarantee the absolute protection and security of any information that you upload, post or otherwise share with us or anyone else. Another.
We encourage you to set strong passwords and to avoid providing us or anyone else with sensitive information the disclosure of which you believe could cause you substantial or irreparable harm. Additionally, since email and instant messaging are not recognized as secure forms of communication, we ask and encourage you not to share sensitive information through these methods.
By email: email@example.com
By post: French Lab - 122 rue Amelot, 75011 Paris