Data Protection Disclaimer
Last updated: November 2022
The Committee Linking Agriculture-Entrepreneurship-Development (COLEAD) attaches great importance to responsible and transparent management of personal data and is committed to protecting personal data and ensuring that organisational and technical security measures are in place.
General Privacy Policy
This General Privacy Policy is a corporate guideline for the data protection standards applicable within COLEAD and is designed to satisfy legal data protection requirements (GDPR). All personnel within COLEAD are bound by these regulations with reference to the use of personal data belonging to members, partner-beneficiaries, and suppliers/service providers.
By using the COLEAD websites/digital platforms or accessing services, you consent to the collection and processing of your personal data by COLEAD, as outlined in this privacy policy and the Legal Notice pertaining to use of the COLEAD website.
The following parts of this disclaimer are intended to give you an overview of what happens to your personal information when you visit our website. This Privacy Policy is applicable to visitors of the website as well as the subscribers to the newsletter mailing list.
This Privacy Policy describes how we process personal data concerning the visitors of the website.
This Privacy Policy may be updated if required in order to reflect the changes in data processing practices or otherwise.
Personal Data and Purposes of Data Processing
General
COLEAD processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and the France Data Protection Act. Below we provide users with information as to :
§ Who they can contact at COLEAD on the subject of data protection
§ What data is processed when they visit the website
§ What data is processed when users contact us, subscribe to newsletters, or use other COLEAD online services
§ How they can opt out of the storage of data
§ What rights they have with respect to us
Personal Data
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.
Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymised, the anonymisation must be irreversible.
The GDPR protects personal data regardless of the technology used for processing that data – it’s technology neutral and applies to both automated and manual processing, provided the data is organised in accordance with pre-defined criteria (for example alphabetical order). It also doesn’t matter how the data is stored – in an IT system, through video surveillance, or on paper; in all cases, personal data is subject to the protection requirements set out in the GDPR.
COLEAD does not require personal data to obtain access to any part of the website that is open to the public.
Regardless of your purpose, we recommend that you do not disclose sensitive personal data (such as, for instance, ethnic origin, religion, trade union membership, sexual orientation, health, genetic or biometric data, etc.) to us.
COLEAD may receive personal data about you from other data controllers for the purpose of providing or assisting with services or requests to or from you as the end beneficiary of a particular service.
Upon your request, COLEAD can at all times provide you with the identity of these parties.
Data collection and processing on the website
Data collection
Some data are collected when you provide it to us (for instance, for the registration to the newsletter mailing list). Other data are collected automatically by our IT systems when you visit the website. This data is primarily technical data such as the browser and operating system you are using or when you accessed the page.
These data is collected automatically as soon as you use our website. COLEAD itself processes only the data that is technically required in order to display the website correctly and to ensure its stability and security. Each time the website is accessed, the data stored includes, but is not limited to, the page that is viewed, the IP address of the accessing device, the page from which the user was redirected, as well as the date and time of access. The temporary data in the log file is deleted after seven days.
Each time the website is accessed, the data stored includes, but is not limited to, the page that is viewed, the IP address of the accessing device, the page from which the user was redirected, as well as the date and time of access. A detailed list of the data stored is shown here.
We process your personal data to send you public newsletters from the association and to engage into bilateral exchanges on areas of interest for you. When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using analytics. The analysis of your surfing behavior is anonymous.
Data processing
COLEAD only processes personal data to the extent that is necessary to fulfil a precise purpose related to our tasks as an organisation. Which data is required and processed for which purpose and on what basis is largely determined by the type of service you use or the purpose for which the data is required.
The processing of personal data carried out with these features are described in the relevant entries of the COLEAD’s data protection records and central register. We do not keep your personal information for longer than necessary for the purposes for which we collected it. However, we may keep your information for a longer period for historical, statistical, or scientific purposes with the appropriate safeguards in place.
When you visit the COLEAD website, small text files known as cookies are stored on your computer. They are used to make the online presence more user-friendly and effective overall. Cookies cannot run programs or infect your computer with viruses. The COLEAD website uses cookies that are automatically deleted as soon as the browser on which the page is displayed is closed (referred to as temporary cookies or session cookies). This type of cookie makes it possible to assign various requests from a browser to a session and to recognise the browser when the website is visited again (session ID).
The IT services of DigitalOcean data centre, where the COLEAD’s website and other digital platforms are hosted, may process website - connection data for information security purposes, including the IP address of the web client and the requested web resource.
The security of our website and of the data collected is protected by adequate technical and organisational measures. We protect data in transit between your device and our website by using the SSL secure protocol, which ensures the confidentiality and integrity of your personal data.
To analyse usage data collected on its training platform, COLEAD uses Moodle Learning Analytics service operated by Moodle.
Data collection and processing on the social media
On its website, COLEAD invites users to visit its company presence on social networking sites and platforms including, but not limited to Twitter, LinkedIn, YouTube, and Facebook.
These online presences are operated in order to interact with the users that are active on these sites and platforms and to inform them about projects/programmes and activities. By clicking on a social network’s logo, the user is redirected to the COLEAD presence on the respective network.
When users visit the platforms, personal data is collected, used, and stored by the operators of the respective social network, but not by COLEAD. This is also the case even if the users themselves do not have an account with the respective social network.
The individual data processing operations and their scope differ depending on the operator of the respective social network. COLEAD has no influence on the collection of data or its further use by the social network operators. We are not fully aware of the extent to which, where and for how long the data is stored; to what extent the networks comply with existing obligations regarding erasure; what analyses are conducted and links established with the data; and to whom the data is disclosed.
Access to COLEAD social media sites is subject to the terms of use and privacy policies of the respective operators. For more information:
§ The privacy policy for the social network LinkedIn, operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA, can be found here.
§ The privacy policy for the social network Twitter, operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, can be found here.
§ The privacy policy for the social network YouTube, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, can be found here.
§ The privacy policy for the social network Facebook, operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, can be found here.
Data collection and processing while contacting us
The website includes multiple digital contact forms (e.g., subscription to the newsletter, application for support to our different programmes, joining the association as a member, job opening application form, other contact forms, etc.). When users contact us, the data provided is processed depending on the way in which information is provided and always with the intent to be able to respond to the underlying type of inquiry. In addition to the multiple digital contact forms, the following contact options are available: (i) e-mail, (ii) phone and (iii) letter. Please refer to the section “Contact us” in our website for further information.
Duration and record keeping
User data will not be kept any longer than is necessary for the purpose for which it is processed or as required by law.
Data controller and data protection officer
DigitalOcean is the controller of the data processing described in this privacy policy.
Amsterdam, Netherlands
contact@datacenterlocations.com
Data processing is the responsibility of COLEAD.
3, Avenue du Viaduc
Bât B3A - CP 90761
94550 Chevilly Larue - France
Please contact COLEAD’s data protection officer if you have questions specifically about how your data are protected: dpo@colead.link
To enable the processing of your personal data, we allow our employees, associates and agents access to said personal data. We guarantee a similar level of protection by imposing contractual obligations upon these employees, associates and agents that resemble those described in the data protection notice.
Disclosure of Data to Third Parties
In general, COLEAD does not share information with any third parties except for contracted service providers and advisors. In some circumstances it may, however, be necessary for COLEAD to transfer or share data with particular third parties.
Such circumstances may include transfers necessary for COLEAD under the terms of an injunction or in order to fulfil a specific legal obligation, a partial or comprehensive reorganization of our organisation, to protect the rights, property, and safety of COLEAD or others, if it is necessary and proportionate for lawful and specific purposes.
In such an event, we shall do all we can to provide you with advance notice of this transfer to third parties. You will however recognize and understand that in certain circumstances, this is not technically and commercially feasible, and that legal restrictions may also apply.
In addition, transfer or share data with other third parties is always possible with the prior consent from the underlying individuals.
We shall not under any circumstances sell your personal data and nor shall we make them available to direct marketing companies or to the providers of similar services.
Your Rights as an Individual
In compliance with, and according to, the conditions laid down by French legislation on data protection and the provisions of the general data protection regulations, we hereby inform you that you have the following rights:
§ Right to access: you have the right to examine, free of charge, the data that we hold regarding yourself and to verify the purposes for which they are being used.
§ Right to rectify: you have the right to obtain rectification (correction) of inaccurate personal data concerning you, as well as the right to add to incomplete personal data.
§ Right to be forgotten or to limitation of data: you have the right to ask us to delete the personal data concerning you and to restrict the processing of these data under the circumstances and conditions stipulated in the general data protection regulations. We may refuse to delete or restrict data that we require for the processing of salaries, the fulfilment of a legal obligation, the execution of an employment contract, or the furthering of our legitimate interests, provided these data are required in order to achieve the objectives for which they were collected.
§ Right to data portability: you have the right to obtain the personal data concerning you and provided by you, in a format that is structured, widely used and machine-readable. You have the right to transfer these data to another process controller.
§ Right to object: you have the right to object on serious and legitimate grounds to the processing of your personal data. You cannot however object to the processing of data that we require for the fulfilment of a legal obligation, the execution of an employment contract, or the furthering of our legitimate interests, provided these data are required in order to achieve the objectives for which they were collected.
§ Right to withdraw consent : while the processing of personal data is based upon prior consent, you have the right to withdraw this consent. In such an event, these personal data will only be processed if we have another legal basis for this.
§ Automated decisions and profiling: we confirm that the processing of personal data does not include profiling, and that you will not be subject to fully automated decisions.
Users also have the right in accordance with Article 77 GDPR to lodge a complaint with the competent data protection supervisory authority.
The data protection competent authority is the
Commission Nationale de l'Informatique et des Libertés
3 Place de Fontenoy – TSA 80715
75334 Paris Cedex
France
Phone: +33 (0)1 53 73 22 22
Website: https://www.cnil.fr
Any consent that you may have provided during the process may be withdrawn at any time: simply contact us using the contact details provided below.
Technical and organisational measures
We implement various technical and organisational measures in order to process the data with an adequate level of security and to protect the personal data against destruction, loss, falsification, unauthorised access and inadvertent notifications to third parties, and against any unauthorized processing. These measures are updated accordingly based on technical developments and adapted continuously in line with the risks. Under no circumstances may COLEAD be held liable for any direct or indirect loss caused by inadvertent or illicit use of the personal data by a third party.