Try the demo
Try the demo

Privacy Policy

Privacy and Personal Data Protection Policy

Preamble

Edissyum Consulting is committed to ensuring that the processing of personal data carried out on edissyum.com complies with the General Data Protection Regulation (GDPR) and the French Data Protection Act (Loi Informatique et Libertés). This data protection policy applies to data processing carried out via the website www.edissyum.com. It informs you about the purpose(s) of the processing, the legal basis for the processing, the recipients of the data and its retention period, the security measures (general description), the possible existence of data transfers outside the European Union or automated decision-making, the use and management of cookies, your data protection rights and how to exercise them.

Definitions

The Publisher : The individual or legal entity that publishes the online public communication services.
The Site : L’ensemble des sites, pages Internet et services en ligne proposés par l’Éditeur.
The User : The person using the Site and its services.

Who is responsible for the data processing carried out by this website?

The data controller for the website edissyum.com is Edissyum Consulting. For more information, please see the legal notice.

Does this site collect personal data?

According to Article 4.1 of the GDPR, personal data is any information that allows you to be identified either directly or indirectly. The data collected is adequate, relevant, necessary, and limited to the strict minimum.

This site collects personal data through its various forms :

  • Contact form
  • Application form
  • Newsletter subscription form
  • Become a partner form

This includes identification data (surname, first name), contact information (email address), and sometimes professional data (company). Mandatory fields are indicated by an asterisk (*), signifying the required nature of the information. These mandatory fields are essential to fulfill the purpose of the processing.

Requests to exercise one or more rights also require the collection of identification data (surname, first name, identity documents) and contact information (email address or postal address).

Browsing our website involves the use of cookies. You can find all the information related to the processing of your personal data via cookies in our cookie policy.

The personal data collected by this website is freely provided to Edissyum Consulting by the individuals concerned, who consent to the processing and acknowledge the information notice displayed below the various forms.

What are the purposes of data collection?

The processing of personal data collected through the various contact forms on this website serves the following purposes:

The processing of personal data collected through the contact form serves the following purposes :

  • Reply to your message and your questions

The processing of personal data collected through the “become a partner” form pursues the following purposes:

  • Answering your questions and offering you customized partnership solutions

The processing of personal data collected through the application form pursues the following purposes:

  • Review your application
  • We might suggest meeting you

The processing of personal data collected through the newsletter subscription form serves the following purposes:

  • We will regularly send you news about the company and the digitization sector.
  • We offer GDPR compliance solutions

The processing of personal data collected via the email address dpo@edissyum.com pursues the following purposes :

  • To receive and process your requests relating to your rights under the GDPR and the French Data Protection Act.

What is the legal basis for the data processing carried out by this site?

The processing of your personal data by Edissyum consulting is based on :

  • Either on your consent for all cases where you yourself provide your personal data. Your consent can of course be withdrawn at any time.
  • Either on compliance with a legal obligation, particularly regarding the exercise of your rights under the GDPR and the French Data Protection Act.
  • Either on its legitimate interest in protecting its documents and information.

Who are the recipients of the data processed by this site?

Your personal data is primarily intended for Edissyum Consulting, the website publisher and data controller. It is processed by staff in the various departments involved in handling your requests, such as the sales department. It is processed solely for the purposes stated above. It is never shared with third parties for commercial purposes.

Is personal data transferred outside the European Union?

The personal data collected by this website is not transferred to entities located outside the European Union. In the event of a contractual transfer of personal data, Edissyum Consulting ensures that the recipients are based in the European Union. Edissyum Consulting also verifies the GDPR compliance of all data recipients.

How is the personal data processed by this site secured?

Edissyum Consulting is committed to protecting the personal data processed on this website, in accordance with best practices. The following are the main security measures implemented to protect your personal data:

  • All pages of the Edissyum consulting website are under the https protocol.
  • The erasure of Personal Data is carried out at the request of the person concerned or at the expiry of the legal retention period;
  • An internal password management policy has been implemented in accordance with the guidelines of the National Cybersecurity Agency of France (ANSSI);
  • A separation of data from different clients is implemented directly within the sales management tool;
  • Physical access to the premises of the company Edissyum consulting has been controlled and the implementation of a 3 “I” rule (anti-Intrusion, anti-Fire, anti-Flood) as well as the installation of an NF A2P certified alarm gives them optimal protection;
  • The data is stored on a 100% French data server that meets the highest technical security standards. Server redundancy is implemented (multiple clusters).

How long is the personal data processed by this site kept for?

The personal data collected is stored in a computerized business management file by Edissyum Consulting and is kept for 3 years from your last contact or for the entire duration of the business relationship. Supporting documents collected in connection with the exercise of your rights are kept for the time required to process your request (a maximum of 1 month, in accordance with CNIL regulations).

Does this site use cookies?

When you visit this website, cookies are placed on your computer, tablet, or smartphone. Edissyum Consulting may, in particular through the use of cookies, make the content or information on its website more relevant and adapt it to your personal needs. Under no circumstances can Edissyum Consulting identify a user through a cookie. In practice, we use cookies to track anonymized audience measurements. The cookies used by Edissyum Consulting on this website are therefore functional, technical, and audience measurement cookies.

You can accept or refuse cookies via the cookie information banner or manage your cookie settings using the “Cookie Settings” banner at the bottom of the page. For more information about cookies, please see our cookie policy and visit the CNIL website.

What are the rights of individuals whose data is processed by this website?

You can visit our website without disclosing your identity or providing any personal information. However, you can request that we contact you using a specific form. We collect the personal data you provide through the contact form, as well as in the emails you send us.

In accordance with the General Data Protection Regulation (GDPR) which came into force on May 25, 2018, and by Law No. 2018-493 of June 20, 2018 relating to the protection of personal data, known as LIL3, and Order No. 2018-1125 of December 12, 2018 issued pursuant to Article 32 of Law No. 2018-493 of June 20, 2018 relating to the protection of personal data and amending Law No. 78-17 of January 6, 1978 relating to information technology, data files and civil liberties, you have the following rights:

  • access to your personal data and information concerning them;
  • rectification, deletion and portability of your personal data;
  • of limiting and objecting to the processing of your personal data;
  • withdrawing your consent.

You also have (where applicable) the right to make general or specific instructions regarding the retention, erasure and communication of your personal data after your death or right to be forgotten.

How can I exercise my rights under the GDPR and the French Data Protection Act?

Your requests can be formulated in different ways:

  • By email by writing to dpo@edissyum.com
  • In person by presenting yourself at the Edissyum consulting reception (postal address at the bottom of the page);
  • By mail, writing to Edissyum consulting
  • Through an agent who will use one of the above channels to make the request.

Please submit each request using one of the methods above, attaching a copy of your identification and specifying your location.

For a request for access rights :

Please specify in your request which data or processing operations it concerns.

Your data will be sent to you electronically or by registered mail with return receipt requested.

Edissyum Consulting may charge a reasonable fee based on administrative costs for any additional copies requested (Article 15.3 of the GDPR).

In the case of manifestly unfounded or excessive requests, Edissyum Consulting may charge a reasonable fee that takes into account the administrative costs incurred in providing the information or refuse to comply with such requests (Article 12.5 of the GDPR).

To request a right of rectification :

If you believe that information concerning you is incorrect and should be rectified, please specify the inaccurate or incomplete data concerning you, and provide all information enabling it to be corrected or completed (Article 15 of the GDPR).

To request the right to erasure :

Please specify precisely which personal data you wish to have erased and the reasons for your request (Article 17 of the GDPR).

Please note: this right is not absolute. Edissyum Consulting may be required to retain information about you, particularly for managing the business relationship (invoice processing, dispute resolution) and for documenting and providing evidence related to the exercise of your rights.

For a request to limit processing :

Please specify precisely which of your personal data you wish to have processed restricted, and the reasons for your request.

Please note: this right is not absolute; Edissyum Consulting may decide to continue processing your data (Article 18.3 of the GDPR). If implemented, the restriction may result in the suspension of services provided by Edissyum Consulting (access to work and deliverables, receipt of information, etc.). These consequences will be described in the letter acknowledging receipt of your request to restrict processing.

To request a right of objection :

Please specify precisely which processing of your personal data you wish to object to, and the reasons for your request.

Note: This right is not absolute. Please specify precisely which processing you object to regarding the management of your personal data, and the reasons for your request (Article 21 of the GDPR).

To request the right to data portability :

Each user may request data portability at any time to retrieve the personal data that Edissyum Consulting has collected about them for processing based on consent and on a contractual basis.

If you wish the data to be transmitted to another data controller in a standard format, please specify this and provide the contact details of that other data controller.

How to contact the DPO ?

You can contact the DPO of Edissyum consulting:

 

  • par mail à l’adresse suivante : dpo@edissyum.com
  • by mail, by sending your letter to the address mentioned at the bottom of the page