It looks like you're in France. Would you like to update your location?

Select your position

By selecting a region you will also change the language of the website

Popular Searches

    Privacy Policy

    Introduction

    Respect for private life is one of the essential values of WhenToCop?. WhenToCop? complies with strong commitments to protect user data from its software solutions in accordance with the French and European regulations (RGPD 2016, LIL 2004 and CNIL 1978). These data are confidential and may only be accessed by authorized persons.

    This Privacy Policy is intended to provide WhenToCop? with respect to the protection of personal data? is committed to respecting the quality of the processor and/or subcontractor.

    I - Responsibility for data processing

    As part of the software solutions licensed by WhenToCop?, (hereinafter referred to as "Services" or "Solutions"), WhenToCop? as processing manager, is likely to collect and process personal data about any User.

    This policy is intended to inform any User of the solutions developed by WhenToCop? regarding the collection, use and sharing of information that each User of the software solutions is responsible for communicating to WhenToCop?.

    All this information collected:

    • will be obtained and processed loyally and lawfully
    • will be registered for the finalities hereafter and
    • access to WhenToCop? platforms and packages?
    • linking users of WhenToCop? platforms and packages?
    • received information emails from WhenToCop?
    • will not be further processed in a manner incompatible with these finals
    • will be supported, relevant and not excessive compared to these finalizations, that is, limited to what is necessary for the finalities for which they are processed
    • will be necessary held
    • will be subject to security and confidentiality safeguards to ensure that data can be damaged, modified, destroyed or communicated to unauthorized third parties
    • will be processed in a manner appropriate to a security guarantee, including protection against unauthorized or unlawful treatment and accidental loss, destruction or loss, using appropriate technical or organizational measures that are appropriate for risk
    • will be retained for a duration not exceeding that required for the purposes for which they are treated

    II- Responsibility as a subcontractor

    When WhenToCop? acts as a subcontractor, it warrants that:

    • the final processing results are written in the signed contract between WhenToCop? and his customer
    • the processing of personal data made available by his customer is done only for the purposes determined and on his instructions under the conditions limited by the contract linking WhenToCop? and its customer
    • the deletion of personal data is undertaken at the end of the contract and only under the terms of the contract, subject to regulatory application requirements requiring

    III - Data collected

    The data collected in this way will be processed on a computer basis at the implementation of the service on the platforms, WhenToCop applications and software solutions? as well as personalization of communication by electronic letters/letters of information as well as customization of the platform and software solutions according to the user's preferences.

    WhenToCop? collecting and processing personal information about the customer, the User as well as the third-party contacts provided by the Customer or the User necessary to use the platforms and software by the Customer and its Users dedicated.

    3.1. Les informations reçus de la part des clients et/ou utilisateurs eux-mêmes

    When creating a personal space and/or when connecting to the platforms, applications and software edited by WhenToCop? Any User is required to communicate certain personal information, necessary for the use of the Services; such as:

    • Un prénom
    • Un nom
    • Une adresse mail

    In the absence of any communication of these data, it acknowledges that it will not be able to use the Services.

    The Customer and/or the User is responsible for the confidentiality of his password and any other means of accessing his account to access the Services provided by WhenToCop?. They are committed to keeping their password secret and do not share it with anyone.

    When the Customer and/or User contacts customer service, WhenToCop? collects the information provided in connection with this exchange.

    3.2. Les autres informations

    Data from use of the service: all data related to the whole activity on the Solutions. This includes, all actions performed via platforms and software, connections, login hours and all interactions with other users.

    Client and/or User Peripherals Data: models and version of the operating system for improvements in Solutions.

    IV - Finalized processing of personal data

    WhenToCop? collects, processes and uses the Customer and/or User Personal Data for the purpose of:

    • allow them to use the Services they have subscribed to and receive
    • Services by email, SMS, Postal mail
    • to improve Services (data analysis, search and development, Detection of fraudulent behavior)
    • to promote services developed by WhenToCop? or by its business partners (advertised – affiliations)

    This processing of Personal Data is necessary for the execution of a contract to which the Customer is a party.

    4.1 When WhenToCop? acts as a processing manager:

    For its internal needs, WhenToCop? collection of personal data for purposes including:

    • manage customer and lead contacts (sending marketing information, product information, training or current company information, meet customer or prospective needs…)
    • management of commercial contracts (quote management, billing,…collection )
    • staff management at WhenToCop? recruitment and careers (review and contact…candidates)
    • realisation and management of services subscribed by its customers (possibility of recording calls made to…support)

    According to these different finalities, WhenToCop? ensures that any of the following conditions are met:

    • the consent of the natural person has been collected for one or more specific purposes
    • the processing is necessary in the execution of a contract to which a natural person is party or in the execution of pre-contractual measures taken at the request of the natural person
    • the processing is necessary in order to comply with a legal obligation on which WhenToCop? is submitted
    • the processing is necessary in order to save the vital integers of a natural person
    • the processing is necessary for the purposes of the legal integers pursued by WhenToCop? unless inheritances or freedoms and fundamental rights of the natural person constitute

    4.2 When WhenToCop? acts as a subcontractor:

    WhenToCop? may be amended to access and process the personal data entrusted by its customers in the context of the realization of the offers and services subscribed. This access and processing are framed by a contract containing specific data protection clauses signed between WhenToCop? and its customer. WhenToCop? thus processes personal data only on behalf of the customer and on the documented instructions of the customer in accordance with the provisions of the said contract, in particular with regard to management modalities, hard data conservation, procedures for the implementation of purge and data destruction sites.

    V - Access to collected information - Transmission of data

    The data collected will be used by WhenToCop? in compliance with the strict application of this policy. Access to the personal data collected is strictly limited to persons in charge of the processing of the information. WhenToCop subcontractors and service providers? are subject to a confidentiality obligation and may only use the data in accordance with the contractual provisions and applicable regulations.

    The Users' Personal Data may therefore be transmitted to the following third parties:

    Users:Other Users of WhenToCop Platforms and Packages? may have access to the Personal Data published by the User and/or the Customer when the User has expressed his/her wish.

    Service Providers: WhenToCop? Can the Customer/User Personal Data be forwarded to third parties who provide certain services on behalf of WhenToCop? such as external providers, including hosting and data maintenance, analyses, customer support, payment processing and security adjustments. All WhenToCop service providers and partners must comply with strict confidentiality requirements. WhenToCop? ensures compliance with these requirements, including through contracts, to ensure that the Personal Data is not processed for purposes other than those exposed to the presentation, including for advertising purposes.

    Activity Transfer: Customer / User Personal Data can also be transmitted to third parties as part of a transfer of WhenToCop activities? to a third party company (merger, transfer, dissolution, etc. . In such a hypothetic, the customer will be predominantly informed in writing of such transmission of his/her Personal Data and will be able to object to such transmission.

    When required by the regulation:WhenToCop? may be required to disclose Customer and/or User data if reasonably necessary: (i) to comply with an equal process, such as an order from the court, a subpoena or search warrant, a government or judicial queen or other legal requirement; (ii) to provide assistance in the prevention or detection of an illegitimate activity (submitted, in each case, to the current regulation); or (iii) to protect the security of any person.

    VI - Cross-border personal data transfers

    WhenToCop? does not transfer data outside the EU. But in the case of transmission of Personal Data referred to in Chapter IV above, this could sometimes involve cross-border data transfers, for example to the United States of America and other countries. The Customer is informed and agrees that, in this case, in accordance with the data protection legislation, WhenToCop? is prohibited from transmitting Personal Data, without putting in place the tools for framing these transfers under section 46 of the GDPR, out:

    • of the European Union
    • of the European Economic Area
    • of the countries recognized as having a level of security

    The Customer is also informed and agrees that, in this case, WhenToCop? shall use standard contractual clauses approved by the European Commission or other appropriate safeguard clauses to frame such transfers and protect the confidentiality and security of the data of the Customer and the Users concerned.

    VII – Security and notification of data breaches

    WhenToCop? implements appropriate technical and organizational measures to ensure a level of security adapted to the risks.

    WhenToCop employees are subject to a computer charter annexed to the integrated system to ensure a suitable level of security.

    Pursuant to sections 33 and 34 of the GDPR, any data violations will be notified:

    • when WhenToCop? acts as a processing manager, with the French control authority (CNIL) and, if necessary, to natural persons impacted by said violation
    • when WhenToCop? acts as a subcontractor, to its customers impacted by such breach under the terms of the contract between WhenToCop? and its customers

    VIII – Personal data hard

    Personal Data is kept for a hard time that does not exceed the hardness necessary for the finalities for which it is collected and processed.

    Personal data will be retained throughout the duration of the subscription to the Services from the creation of the personal space. Login data will be kept on the same hard basis from the connection on WhenToCop's platforms and software.

    Regarding customer data and/or . or users relating to contracts, mandates, protocols, conventions or any other document constituting or associated with them (annexes, Letters of intent, quote, precontractual exchanges …) or customer lead data, WhenToCop? undertakes to process and retain them for the limited period(s) agreed upon contractually with each of its clients.

    Deleting these personal data will be performed through the implementation of mass purge or purge sites on demand from WhenToCop initiative? or of the customer himself according to the methods and planning agreed upon by mutual agreement, at the end of this period unless so:

    • l’Utilisateur exerce préalablement son droit de suppression de ses données, dans les conditions décrites ci-après
    • l’Utilisateur souhaite prolonger la période de conservation
    • une durée de conservation plus longue est autorisée ou imposée en vertu d’une disposition légale ou réglementaire

    IX – Rights of Individuals Relating to Personal Data

    Under the terms of Articles 15 and 22 of the GDPR, any User may exercise the rights listed herein upon written request, impediment accompanied by a proof of identity being validated with the signature of the holder, sent by postal mail to WhenToCop? 26 Exelmans courses, 78150 Le Chesnay-Rocquencourt, France or freely by accessing your account on WhenToCop? or by e-mail at hello@whentocop. r. Any request must be clear, precise and justified. In any case, WhenToCop? recommends to come closer to the CNIL to learn more about the relative protection of personal data, the rights of natural persons and the possibility to introduce a complaint to this authority: https://www. nil.en/

    8.1. Access right

    Any User may request a copy of his/her personal data (“right of access”). It may also request a copy of these data in a file that was sent to another person in charge of processing ("portability right"). Any User can download a backup file directly from their online account in the heading for this purpose even if your account is suspended.

    8.2. rights to erase and correct

    Any User may also request the deletion of his/her personal data ("right of deletion") as well as the correction of erroneous or obsolete personal data ("right of rectification").

    and the correction of incorrect or obsolete personal data ("right of rectification"). Any User can delete, modify and update most of his/her information directly via the WhenToCopy Services interface. Some information is essential for accessing and using WhenToCop’s Services. The User can delete it by deleting their account.

    8.3. Unsubscribe right

    Sub-Reserve of what is provided for in section 21 of the GDPR, Any User may also object to the processing of his/her Personal Data for direct marketing purposes. In this case, WhenToCop? may have registered at any time with WhenToCop? commercial prospecting lists.

    8.4. Right of objection and limitation

    Any User may withdraw his consent to the processing of his personal data at any time. Some consents may be withdrawn directly from the WhenToCopy Solutions user account.

    Any User may also request the limitation of the processing performed on his/her personal data ("right to the limit"). This right applies only if the User contests the accuracy of his personal data; or in the event of illegal processing; or if WhenToCop? no longer needs its personal data for processing purposes, but these are still necessary for finding, the exercise or defence of rights in court; or in the event of exercising his right of objection during the hard verification of whether the legal grounds pursued by WhenToCop are known? prevails over those of the User.

    8.5. Right of complaint

    Any User has the right to submit a complaint to the competent control authority such as the CNIL or to obtain redress from the competent courts if they achieve that WhenToCop? did not respect his rights.

    8.6. Right to portability

    Any User also has the right to the portability of his/her data, which is to say the right to receive the data as WhenToCop? has a structured format, commonly used and legible and the right to transmit these data to another processor.

    8.7. Right to forget

    Any User, a natural person, is also entitled to determine guidelines for the fate of his or her personal data after his or her death.

    8.8 Rights exercise when WhenToCop? acts as subcontractor

    In the case of WhenToCop? Receive a request from an individual concerned by the processing of his or her personal data in connection with the realization of the contract between WhenToCop? and its client, WhenToCop? will communicate this request as soon as possible to its customer and taking into account the nature of the treatment and in the conditions established in the contract, will assist its customer, through appropriate technical and organizational measures, to the fullest extent possible to fulfill its obligation to respond to these requests. The customer remains less responsible for the response to the concerned natural person.

    X – Security

    9.1 Security measures

    WhenToCop is doing its best in keeping with the art to secure the service of the Internet and mobile networks. Personal data are processed in a way that guarantees maximum security. For this purpose, WhenToCop? implements organizational measures to prevent internal leakage or data theft, appropriate technical measures and software updates and IT infrastructure to protect data against computer attacks and viruses, WhenToCop? also undertakes to implement the following security measures:

    • La pseudonymisation et le chiffrement des données à caractère personnel et sensibles
    • Les moyens permettant de garantir la confidentialité, l’intégrité, la disponibilité et la résilience constantes des systèmes et des services de traitement
    • Les moyens permettant de rétablir la disponibilité des données à caractère personnel et l’accès à celles-ci dans des délais appropriés en cas d’incident physique ou technique
    • Une procédure visant à tester, à analyser et à évaluer régulièrement l’efficacité des mesures techniques et organisationnelles pour assurer la sécurité du traitement

    WhenToCop? when acting as responsible for processing, assumes full responsibility for capturing sensitive data through the software and solutions they publish.

    WhenToCop also ensures that its subcontractors and service providers implement all security measures appropriate to the personal data they are processing. WhenToCop? is committed to analyzing and evaluating the effectiveness of these measurements.

    9.2 WhenToCop Cooperage with its customers and control authority

    Conform to section 28 of the GDPR and in compliance with its contractual commitments, WhenToCop? reasonably cooperates with clients to help them meet their obligations under sections 32 to 36 of the GDPR.

    In a general way, WhenToCop? undertakes to cook with the French control authority (CNIL) when necessary and reasonably to take into account its recommendations.

    XI - Cookie Management

    WhenToCop? uses cookies to improve user experience, customize content and analyze traffic. These cookies may include functional, audience and advertising cookies. Upon your first visit to our site, you will be asked to give your consent for optional cookies.

    Pour plus d’informations sur les types de cookies utilisés, leur finalité et la manière de gérer vos préférences, veuillez consulter notre Politique de Gestion des Cookies.

    XII - Actions implemented as part of GDPR compliance

    11.1 Privacy by design in

    When WhenToCop? plans to develop a new service or offer, WhenToCop? as a publisher, will introduce the privacy by design principles from the beginning of this project. that is, taking into account the design data and by default, in particular by forecasting a GDPR impact assessment upstream and by validating GDPR compliance of the developed elements; validation which WhenToCop DPO? is closely associated; and thus help WhenToCop clients? to comply with the requirements of the applicable regeneration by specific functionalities and means.

    11.2 Awareness and training of WhenToCop?

    WhenToCop was the company of all its collaborators? must undergo awareness and/or training in the field of data protection and monitoring of internal and external data protection processes .

    More generally, WhenToCop? strives to offer all its employees a regular awareness of the issues of personal data protection.

    More specific education or training can be carried out to employees who are involved in manipulating personal data in a way that is regulated.

    11.3 Exit data after services provided by WhenToCop?

    At the end of the services provided by WhenToCop, relating to the processing of user and/or client data, WhenToCop? as well as its possible subcontractors, are committed, in accordance with their agreements and to the choice of the Customer and WhenToCop? at:

    • destroy all personal data
    • to return all personal data to the Customer A processing manager
    • to return the personal data to the subcontractor was eventually designated by the Processing Manager

    The return must be accompanied by the destruction of all existing copies in the WhenToCop information systems and/or its subcontractors. Once destroyed, WhenToCop? and/or its subcontractors will have to justify in writing the destruction. In the case of databases or data cannot be destroyed, a specific registry will be used to allow the deletion of these data if a backup has to be restored. This register will contain the identifier and type of each data to be destroyed.

    11.4 Processing registers

    Pursuant to section 30 of the GDPR, WhenToCop? maintains several personal data processing logs:

    • a register describing the flows of traffic and data processing performed as processing manager
    • a register describing the processing performed on behalf and on the instructions of its customers responsible for processing
    • a register listing the subcontractors and describing the processing performed by them as well as the storage locations of data
    • a record of the incidents and/or leaks and/or violations of data

    These registers are made available to the CNIL on request.

    11.5 Personal Data Protection Governance

    In order to control the protection of personal data, WhenToCop has established a dedicated governance. A Data Protection Officer (DPO) was designated on 11/11/2020 and was declared at the CNIL. The DPO is responsible for carrying out a protective mission, with the objective of ensuring strict compliance with the GDPR, in accordance with the provisions of Articles 38 and 39 of the said revision. He has an equal obligation to provide advice and information to WhenToCop company? and its customers regarding the protection of personal data. Its presence will be systemic to carry out audits at the client’s request in order to be in constant conformity with the current regulation. It will be responsible for analysing the real or eventual risks and for proposing solutions in the event of failures in the European market. It is recalled that the DPO performs its functions independently in order not to be concerned by any conflict of integers. The main functions of WhenToCop's DPO? will not therefore fall within the framework of the definition of the objectives and procedures for the processing of personal data.

    WhenToCop's DPO is Key-Legrand and can be reached at any time at hello@whentocop.fr

    XIII - Data Protection Policy Change

    This document is likely to evolve, particularly when necessary to meet the requirements of the Personal Data Protection Regulation.

    Last updated on May 11, 2021