Privacy Policy

As a reminder, all the employees of SAS IBF FRANCE are bound by a strict confidentiality clause, and we are very vigilant about computer security.
You will find below the elements of description of our data protection policy, specified in the context of compliance with the European Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data applicable since May 25, 2018 (hereinafter the "RGPD").
The RGPD raises awareness among all stakeholders in the European Union and beyond on a multitude of issues related to the management, use and retention of personal data.
This regulation concerns any organization that processes the data of people in the European Union (EU), regardless of its location, and is a response to the challenges posed by the increased commercialization of personal data.
Therefore, we kindly ask you to update your user password in order to comply with the new legal norms, namely: to integrate at least one capital letter, one number and one special character in a password which must contain at least eight characters.
The present privacy policy defines and informs you of the way SAS IBF FRANCE uses and protects the information that you transmit to us, if any, when you use the software accessible in hosted mode from a URL.

1

Personal data

Through our software (creation of accounts), contact forms, various documents and our exchanges by email, mail or telephone, SAS IBF FRANCE may collect personal data (name, first name, email address, telephone number, address, date of birth and function).
By providing this information, you expressly accept that it will be processed by SAS IBF FRANCE, for the purposes indicated in paragraph 6.
In accordance with the General Data Protection Regulation (GDPR) adopted by the European Parliament on April 14, 2016, and the French Data Protection Act of January 6, 1978 as amended, SAS IBF FRANCE informs you of the following.

2

Subcontracting activities

The company SAS IBF FRANCE calls upon, within the framework of the realization of its service, one or more of the subcontractors whose list is specified hereafter. The subcontractors are required to respect the obligations of the present Policy on behalf of and according to the instructions of the company SAS IBF FRANCE.

3

Security measure

In accordance with Article 32 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), the company SAS IBF FRANCE undertakes to implement the following security measures:
A secure hosting of the developments made by SAS IBF FRANCE
The deactivation by default of the accesses in Client / Server mode
The activation by default of the password management module which imposes a complexity, a minimum length
The traceability by default of all the actions and events carried out on the various developed products
Pseudonymization and encryption of personal data
Backup of databases
A procedure to regularly test, analyze and evaluate the effectiveness of technical and organizational measures to ensure the security of the application
This list can be completed according to the needs and the technical evolutions brought by the Company SAS IBF FRANCE and/or the Customer.

4

Notification of personal data breaches

The company SAS IBF FRANCE assists the Customer to enable him to make a notification of personal data breach to the CNIL and the person concerned.
To do this, in accordance with Article 33 2. of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), the company SAS IBF FRANCE notifies the Customer of any violation of personal data within a maximum period of 72 hours after becoming aware of it.

5

Identity of the data manager

The person in charge of the treatment is the company SAS IBF FRANCE, having its head office at 44 AV BERTHELOT 42152 L'HORME - France, reachable at the mail : ibf.commercial(at)ibf-france.com

6

Purpose of the processing

SAS IBF FRANCE may process your Personal Information:
SAS IBF FRANCE builds its software and services offer in compliance with the RGPD regulations regarding data protection. Your personal information allows us to process your requests, to provide our assistance, training and consulting services and to improve the quality of our services.
It is also used to get to know you better so that we can offer you software, content and services tailored to your needs.
For the purpose of providing you with the information or services you have requested (in particular: the sending of newsletters, commercial offers, or the evaluation of your level of satisfaction via a questionnaire); and/or
For the purpose of collecting information to improve our software and services; and/or
In order to contact you about different events related to SAS IBF FRANCE, including software updates and customer support.
Recipient
Your personal data are only intended for the processing of your requests by SAS IBF FRANCE and are not disclosed to external companies. SAS IBF FRANCE is committed to taking all necessary measures to ensure a sufficient level of security and confidentiality of the data processed.

7

Duration of storage

Your Personal Information is kept by SAS IBF FRANCE only for the time corresponding to the purpose of the collection as indicated in chapter 6.

8

Computer law and liberties

You have the following rights regarding your Personal Information, which you may exercise by writing to us at the postal address mentioned in paragraph 5.
Right of access and communication of data
In accordance with the legislation in force, we guarantee you the following rights:
• You have the right to be informed at any time if we process personal data about you.
• You have the right to access your personal data at any time.
• You have the right to request a copy of your personal data or its transfer to another controller.
However, because of the obligation of security and confidentiality in the treatment of personal data which is incumbent on SAS IBF FRANCE, you are informed that your request will be processed subject to you providing proof of your identity.
To help you in your approach, in particular if you wish to exercise your right of access by means of a written request to the postal address mentioned in paragraph 5, you will find by clicking on the following link a model letter drawn up by the Commission Nationale de l'Informatique et des Libertés (the "CNIL").
https://www.cnil.fr/fr/modele/courrier/exercer-son-droit-dacces

9

Right to rectify and oppose data

You may request the correction or deletion of your personal data and/or object to their collection and/or processing.
We draw your attention to the fact that the collection and processing of certain data is essential to allow access to our services and software. Therefore, the exercise of your right to object may result in the impossibility to benefit from these services. In any case, we will do our best to answer your request as soon as possible.
To help you in your approach, in particular if you wish to exercise your right of rectification by means of a written request to the postal address mentioned in point 5, you will find by clicking on the following link a model letter drawn up by the CNIL.
https://www.cnil.fr/fr/modele/courrier/rectifier-des-donnees-inexactes-obsoletes-ou-perimees
To help you in your approach, in particular if you wish to exercise your right of opposition by means of a written request addressed to the postal address indicated in point 5, you will find by clicking on the following link a model letter prepared by the CNIL.
https://www.cnil.fr/fr/modele/courrier/supprimer-des-informations-vous-concernant-dun-site-internet

10

Time to respond

SAS IBF FRANCE undertakes to reply to your request for access, rectification or opposition or any other additional request for information within a reasonable period of time which shall not exceed 1 month from the receipt of your request.