Updated: 05/07/2021
Access :
On this page you can find out about all the processing activities relating to your personal data. When, where, how and why we process your data as well as your rights.
Who is the data controller?
The data that you entrust to us is processed by:
IDILINK, a public limited company with €40,000 capital, registered on the Lille Métropole Trade and Companies Register under number 509 633 715 whose head office is located at Rue Sadi Carnot in Ronchin (59790)
This is what we refer to as the data controller.
Why do we collect your data?
Your personal data will be collected for different purposes depending on the case. These are referred to as processing purposes.
These different purposes may be pursued if they have a valid legal basis. This is what we refer to as the legal basis. The basis for processing your data may relate to:
a legal obligation: we must comply with our legal and regulatory obligations
a contract: To perform a contract signed with you or to provide pre-contractual information at your request
our specific needs: this is what we refer to as our legitimate interests
your choice: when we have requested your consent for a specific processing activity
The table below shows each purpose in detail.
When do we use your personal data on the kazaplan solution?
1/ We need to collect personal data to create your user account. This account will be used to access all our services defined in our general terms and conditions of use.
The processing activity is justified by the general terms and conditions of use to provide the service to you. This is what we refer to as the legal basis.
What are the personal data categories concerned for this purpose? Identification data, postal address and contact information.
Which people are authorised to receive the personal data saved due to their role?
They are what we refer to as the data recipients. The IDILINK internal departments in charge of the Kazaplan solution.
According to the partnership performed with the host site of the Kazaplan solution, the data collected in the Kazaplan solution is processed either exclusively by IDLINK or by IDILINK and the Kazaplan host site.
In the second case, the data saved when the user account is created are sent by IDILINK to the kazaplan host site.
We also use subcontractors for technical purposes such as hosting or for communication purposes. Their access is strictly supervised by IDILINK. They do not have the possibility to use your data for other purposes than performing their service.
For how long is this data stored? After 3 years without any activity on your part or 30 days after the termination of your user account.
You can enter additional data surrounding your project. This data is collected and stored by IDILINK to provide you with the KAZAPLAN solution services.
The processing activity is justified by the general terms and conditions of use. This is what we refer to as the legal basis.
What are the personal data categories concerned for this purpose?
Postal address relating to the project.
Which people are authorised to receive the personal data saved due to their role?
They are what we refer to as the data recipients. The IDILINK internal departments in charge of the Kazaplan solution.
We also use subcontractors for technical purposes such as hosting or for communication purposes. Their access is strictly supervised by IDILINK. They do not have the possibility to use your data for other purposes than performing their service.
For how long is this data stored?
After 3 years without any activity on your part or upon termination of your user account.
2/ We need to collect personal data to constantly improve our products and services, in particular by using technologies for the advanced analysis of your data
The processing activity is justified by our legitimate interest to keep you informed of changes to our service. This is what we refer to as the legal basis.
What are the personal data categories concerned for this purpose? Your journey on our solution, in particular the use of your plan’s geolocation.
Which people are authorised to receive the personal data saved due to their role?
They are what we refer to as the data recipients. The IDILINK internal departments in charge of the platform.
We also use subcontractors for technical purposes such as hosting or for communication purposes. Their access is strictly supervised by IDILINK. They do not have the possibility to use your data for other purposes than performing their service.
For how long is this data stored? After 3 years without any activity on your part or 30 days after the termination of your user account.
3/ We need to certain personal data to inform you that the KAZAPLAN has been saved and updated, or of new partners that use the KAZAPLAN tool.
The processing activity is justified by our legitimate interest to keep you informed of changes to our service. This is what we refer to as the legal basis.
What are the personal data categories concerned for this purpose? Email address, identification data
Which people are authorised to receive the personal data saved due to their role?
They are what we refer to as the data recipients. The IDILINK internal departments in charge of communication.
We also use subcontractors for technical purposes such as hosting or for communication purposes. Their access is strictly supervised by IDILINK. They do not have the possibility to use your data for other purposes than performing their service.
For how long is this data stored? After 3 years without any activity on your part or upon termination of your user account.
Detail of processing activities to manage the exercising of your rights over your personal data
The processing activity is justified by...
This is what we refer to as the legal basis. A legal obligation.
What are the personal data categories concerned for this purpose? Identification data, your request
Which people are authorised to receive the personal data saved due to their role? The internal department in charge of requests
The Compliance department
Certain regulated professions such as lawyers or auditors.
Is there profiling or an automated decision about this personal data? No
Is your data transferred outside the European Economic Area? No
For how long is this data stored? 2 years after receipt, beyond which it is deleted
How is my data protected?
Idilink takes all the usual precautions to maintain the security of Personal Data against any loss or unauthorised access to, modification, intrusion, alteration, disclosure or destruction of the Personal Data it holds.
Access to the Personal Data is strictly supervised and reserved for employees who need to access it to process it.
Your rights
Entrusting us with your data does not mean that you lose control of it, quite the contrary! A little explanation...
You have several rights. Some are applicable to all the data processing activities that concern you, others depend on the type of processing implemented and, more specifically, its legal basis (contract, legal obligation, consent, legitimate interest, etc.).
Below you will find a brief description of these rights as well as the terms of their implementation.
Right to access: This right enables us to ask questions about the nature of processing activities that concern you (type of data, origin of the collection, etc.). It also enables you to request a copy of all the information concerning you. This right applies irrespective of the legal basis of the processing activity concerning you.
Right to rectify: If you have made an input error or want to add data: many situations may lead you to update your data. This right applies irrespective of the legal basis of the processing activity concerning you.
Right to withdraw your consent: if you have given your consent for personal data processing, you have the right to withdraw your consent at any time
Right to limit processing: you can request that the processing of your personal data be limited.
Right to portability: This right allows you to ask to obtain data concerning you, if it is subject to a processing activity based on your consent or a contractual relationship. How is this different to the right to access? We are obliged to send you the data in a format that you are technically able to use.
Right to object: This is the right to say ‘no’, the right not to be part of a data processing activity or no longer be part of it. This right applies when the processing activity is based on the data controller’s ‘legitimate interest’, provided that this interest is not ‘compelling’.
Right to erase: When your data is subject to a processing activity based on your consent or the data controller’s (non-compelling) legitimate interest, you can request that your data be deleted early. How? You just need to express your desire to withdraw your consent or to exercise your right to object to processing.
End-of-life right: You have the right to define directives relating to the storage, erasure or disclosure of your personal data, which are applicable after your death.
You can exercise the rights listed above with the contact form available here.
In accordance with the applicable regulations, your are entitled to lodge a complaint with the relevant supervisory authority such as the CNIL (Commission Nationale de l’Informatique et de Libertés), the data protection authority in France.
How to find out about changes made to this information document
Please read the latest version of this document on this page and we will inform you of any substantial change through our websites or our usual communications methods.
How to contact us
If you have questions about the use of your personal data referred to in this document, you can send a request via our contact form on Kazaplan.com at the address contact@kazaplan.com or write to our Data Protection Officer at:
DPO ADEO Services
Service Risks Compliance Assurances
Idilink
135 rue Sadi Carnot,
59790, Ronchin
Comments
0 comments
Article is closed for comments.