It is pursuant to Law 78-17 of 6th January 1978, called the ‘Informatique et Libertés’ law (Data Protection and Privacy), and also in accordance with the European Regulation 2016/679 dated 27 April 2016 regarding the protection of individuals with respect to the processing of personal data and the free flow of such data. This is known as the “General Data Protection Regulation” or ‘GDPR‘.
Collecting personal data:
SASU Via-Satis collects certain personal data about its users in connection with their use of the website www.via-satis.solutions.
The data collected includes:
- First Name and Surname.
- Postal address.
- Email address.
- Telephone number.
- Comments.
- Bank details.
- Project information.
- Data that enables us to meet our obligations to combat fraud, money laundering and terrorist financing, as well as to manage your rights in any pre-litigation and litigation matter. In this context, we are required to collect documents proving your identity.
The different ways of collecting data are:
- Via the online forms filled out by users (i.e. the donation, contact, account creation, and comment forms),
- Via user account management.
The data is collected and processed in order to:
- Select projects.
- Keep track of proposed projects.
- Enable donors to make their choice by providing as much information as possible about each proposed project.
- Manage our contractual relationships with users (project owners and donors).
- Manage user accounts.
- Manage the administration of donations.
- Manage the website www.via-satis.solutions
- Manage comments.
- Make decisions to accept or reject a project or donation.
- Enable us to meet our obligations to combat fraud, money laundering and terrorist financing as well as to manage your rights in any pre-litigation and litigation matter.
- Maintain the relationship between SASU Via-Satis and the users of the site www.via-satis.solutions
This personal data is collected in accordance with the regulations in force in the European Union and is pursuant to Law 78-17 of 6th January 1978, called the ‘Informatique et Libertés’ law (Data Protection and Privacy). This is also in accordance with the European Regulation 2016 /679 dated 27 April 2016 relating to the protection of individuals with respect to the processing of personal data and the free movement of such data. This is known as the “General Data Protection Regulation” or “GDPR”.
The collection of personal data is based on the legal bases referred to in Article 6 of the General Data Protection Regulation, namely:
- The data subject has consented to the processing of his/her personal data for one or more specific purposes;
- Processing is necessary for the performance of a contract in which the data subject is one of the parties involved, or In order to implement pre-contractual measures adopted at the data subject’s request;
- Processing is necessary in order to comply with the data controller’s legal obligations.
Mandatory data:
Some data must be collected in order to benefit from the services offered by SASU Via-Satis on its website www.via-satis.solutions. For each form on the website www.via-satis.solutions, the user is informed that it is compulsory to answer all questions.
Failure to answer a compulsory question, will mean the user will not be able to access certain services offered on the website www.via-satis.solutions, such as creating a user account, proposing a project, contributing to the realisation of a project, contacting us via our contact form, and posting a comment.
Recipients or categories of recipients of the personal data collected:
SASU Via-Satis may be required to disclose personal data to its subcontractors, suppliers, employees, as well as to the judicial and administrative authorities.
We may have to share data as follows:
- With our subcontractors (hosting companies, mailing systems, site security system, forms’ administrator, customer service and support tool). Our subcontractors are bound by security and confidentiality requirements, as well as other obligations listed in the ‘GDPR’.
- With the Project leader for the following type of donation:
- Time and skills,
- In kind and material.
- With our online payment service provider (Stripe) to effectively manage project financing, and enable them to meet their own due diligence and obligations in the fight against fraud, money laundering and terrorist financing;
- With public and government bodies, court officers, financial supervisors (auditors, chartered accountants), and organisations responsible for combatting fraud, money laundering and terrorist financing. This is exclusively in order to meet our legal obligations.
Subject to the above, we will never disclose your data to third parties, except with your express permission or in very specific circumstances, including:
- If we are required to by law, in the context of legal proceedings, or a dispute. Also in the case of a request from the public authorities, to disclose your data;
- If we believe that disclosure is necessary or appropriate for reasons of national security, law enforcement or public interest.
Transfers of personal data outside the European Union:
Some of the personal data collected by SASU Via-Satis is transferred outside the European Union to its subcontractors, employees or suppliers.
SASU Via-Satis, ensures that this data is transferred to states where the level of protection of personal data is recognised as adequate by the European Commission. If this is not the case, SASU Via-Satis provides the same level of security in the processing of personal data through the contractual terms its subcontractors, employees and suppliers are made to sign.
The retention period for personal data:
Personal data collected on www.via-satis.solutions is kept for a period of:
For users with a user account, data is kept for:
The length of time your account is open and 5 years after your account is closed.
Project management data :
This is kept for the length of time your account is open and for 5 years after your account is closed.
Data on the collection of donations:
This is kept for the length of time your account is open and for 5 years after your account is closed.
For users who have not created an account on the site, the data is retained for 5 years after your last donation.
Data regarding the management and transfer of donations:
This is kept for the length of time your account is open and for 5 years after your account is closed.
For users who have not created an account on the site, the data is retained for 5 years after your last donation.
Bank details:
These are kept for the length of time your account is open and for 5 years after your account is closed.
For users who have not created an account on the site, the details are retained for 5 years after your last donation.
Remarks:
These are kept for the length of time your account is open and for 3 months following your request to close your account.
Data relating to SASU Via-Satis’ anti-fraud, money laundering and terrorist financing obligations:
This is kept for the length of time your account is open and for 5 years after your account is closed.
The data is also kept for 10 years after the end of the contractual relationship.
Pre-litigation or litigation data :
In the event of pre-litigation, data is deleted as soon as the dispute is settled amicably or as soon as the statute of limitations applies to any legal action.
In the event of litigation, data is deleted when appeals against the ruling of the court are no longer possible.
Data regarding the Exercising of your Rights:
This is kept for 5 years from the date of request to exercise your rights.
Data relating to proof of identity provided by the user in exercising their rights to use the website www.via-satis.solutions:
The data on the proof of identity is kept for a period of 3 years after receipt by the SASU Via-Satis.
At the end of the various periods mentioned above, the data collected will be deleted or rendered anonymous.
The means used to protect personal data :
SASU Via-Satis relies on various technical and organisational measures to ensure the safety of the personal data collected and to avoid any loss or unauthorised processing.
The rights of the users of www.via-satis.solutions regarding their personal data :
Users of www.via-satis.solutions can at any time assert their right to object, question, access, correct and delete their personal data collected on the website www.via-satis.solutions.
The user can send us his/her request, subject to proof of identity, by email to: RGPD@via-satis.solutions or to the following postal address: Via-Satis – 1 rue Arthur Dubois 59750 FEIGNIES – FRANCE.
The user also has the right to lodge a complaint with the National Commission for Information Technology and Freedoms (CNIL), 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07. This is for any claim relating to the way SASU Via-Satis collects and processes its personal data.
The Data Protection Officer (DPO):
For any questions or requests regarding personal data, the user can contact the SASU Via-Satis’ Data Protection Officer by email at: RGPD@via-satis.solutions or by post to the following address: Via-Satis – 1 rue Arthur Dubois 59750 FEIGNIES – FRANCE.