PRIVACY INFORMATION NOTICE ACCORDING TO ART. 13 (EU) REGULATION 2016/679
In compliance with art. 13 of Regulation (EU) 2016/679 (hereinafter “Regulation” or “GDPR”) and Section 89 (3) of Act No. 127/2005 Coll., on electronic communications, this information notice describes the means and purposes of processing of personal data of users who navigate in this website (hereinafter “Website”).
The information here provided do not concern other websites, pages or online services which could be accessed through links on this website.
The Controller of personal data is Women Management SARL, with its registered offices located in 3, Rue Meyerbeer – 75009 Paris (hereinafter referred to as the “Company” o “Data Controller”).
TYPOLOGY OF DATA PROCESSED AND PURPOSES OF PROCESSING
IT systems and the software installed for the functioning of this Website collect, in the course of their normal use, some personal data which transmission is implicit in the usage of internet communication protocols.
In this category of data are comprised the IP addresses, domain name system, Uniform Resource Identifier/Locator of the requested resources, the hour of the request, the method used to submit the request to the server, the size of file obtained as reply, the numbering code which indicates the status of the reply given by the server (success, error, ect.) and other information relating to the operating system and the IT environment of the user.
Such data are processed to ensure the navigation on the Website and the usage of services possibly provided through the Website.
The same data is processed also in view to obtaining statistical information regarding the usage of the services (most visited pages, number of visitors for time slot or day slot, geographical area of the request ect.) and enhance the use of the services.
Data provided by the user
The optional and voluntary sending of messages to the contact addresses of the Company and the filling of forms and their subsequent submission entail the processing of contact data of the sender and all data contained in the message, which are essential in order for the Controller to reply.
Cookies and other tracking systems
LEGAL BASIS OF THE PROCESSING
Navigation data collected through the Website is processed by the Controller according to art. 6 paragraph 1 letter b) of the Regulation EU 2016/679, to enable the navigation on the Website and according to art. 6 paragraph 6, letter f) on the basis of the legitimate interest of the Controller to obtain statistical information regarding the use of the Website (most visited pages, number of visitors for time slot or day slot, geographical area of the request ect.) and enhance user experience. Data provided on a voluntary basis by sending messages to the contact addresses of the company will be processed by the Company according to art. 6 paragraph 1, letter b) of the Regulation UE 2016/679 to reply to the request of the user.
RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL DATA
Personal Data will be processed by the individuals expressly authorized by the Controller, who pertain to the business units such as IT, Marketing and any other company unit which acts on the basis of the Controller’s instructions regarding purposes and means of processing.
Finally, if necessary for the mentioned purposes, personal data could be communicated to and/or shared with third parties such as providers of goods and services, including ICT services, hosting providers, IT companies and commercial partners (on the legal basis of our legitimate interest in carrying out our business activities), as well as public authorities (being the compliance with the law the legal basis for this communication).
TRANSFER OF PERSONAL DATA TOWARDS THIRD COUNTRIES OR INTERNATIONAL ORGANISATIONS
The Controller does not intend to transfer personal data towards international organizations and/or countries not members of the European Union where an adequate level of protection is not ensured, according to the European laws; if a transfer is made, it shall be made for the implementation of pre-contractual measures taken at your request, or as long as the transfer is necessary to ascertain, exercise or defend a right before judiciary authorities or if you have explicitly provided your consent to the transfer.
In case of possible further transfers of your personal data, the Controller will carry out such transfers only:
towards Third Countries, one or more specific sectors within a Third Country (as in the case of the EU-US Privacy Shield) or international organizations for which the European Commission deems that an adequate level of protection of Personal Data is in place; or
if the recipient of the data obtained an appropriate certification or adhered to a specific code of conduct ensuring that the processing of Personal Data is carried out with safeguards which are appropriate and equal to those provided under EU law; or
if the Company implemented appropriate safeguards to protect your Personal Data, by concluding contracts including the so-called Model Clauses, as prepared by the European Commission or prepared by the national Data Protection Authority and approved by the European Commission.
Further information about the safeguards adopted by the Company for such transfers, and a copy of such safeguards are available at email@example.com.
DATA RETENTION PERIOD
The Controller will process personal data collected to allow navigation on the website until the end of the connection session, and for the time necessary to comply with the legal obligation and/or to defend or exercise a right in court. Personal data provided on a voluntary basis by the user through sending messages to the contract addresses of the company shall be retained by the Controller for the time strictly necessary to reply to such messages and for the additional time to comply with legal obligations and/or to defend a right in court.
NATURE OF THE COMMUNICATION OF PERSONAL DATA AND CONSEQUENCES OF THE FAILURE TO COMMUNICATE DATA
RIGHTS OF THE USERS
The Controller makes sure that the user can exercise at any time his rights provided by the Regulation (UE) 2016/679 by writing to the address firstname.lastname@example.org.
More in detail, the user has the right, at any time, to:
Know if the Controller stores/processes personal data relating to him, and if so have access to them and obtain a copy of such data (right of access, article 15 of GDPR);
Obtain the rectification of data, if they are incorrect, or supplement them (right of rectification, article 16 of GDPR);
Obtain the erasure of such data under the conditions set forth by the GDPR (right of erasure, article 17 of the GDPR);
Request to the Controller to restrict the processing only to certain categories of personal data, if any of the conditions set forth by the GDPR is met (right of restriction of the processing, article 18 of the GDPR);
Request and receive personal data concerning him in a structured format, or to have such data transmitted to another controller (right to data portability, article 20 of the GDPR);
Object at any time to the processing of personal data (right to object, article 21 of the GDPR).
Notwithstanding any other administrative and judicial right of action, after having contacted the Controller, the user has the right to lodge a complaint to the competent administrative authority if (s)he considers that the processing of personal data regarding him/her is in contrast with the provisions of the Regulation (UE) 2016/679 as provided by art. 16 letter f. The French Data Protection Authority is CNIL (Commission Nationale de l’Informatique et des Libertés), which can be contacted at 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07 - or through the website www.cnil.fr.
Last revised: May 25, 2018