E-Voicer

Privacy Policy

Last update: Septembre 29th 2023

Welcome to https://e-voicer.eu (hereinafter the “Platform“). The party responsible for processing your personal data is GLOBSEC (hereinafter referred to as “we” or “us“). Postal address: Vajnorská 100/B, 831 02 BratislavaE-mail address: privacy@globsec.org

In the context of https://e-voicer.eu, you provide us with information by registering, participating in participatory projects and communicating with us. Mandatory fields are indicated as such on the forms. We are committed to ensuring that the collection and processing of your data is carried out in a lawful, fair and transparent manner, in accordance with the European General Data Protection Regulation (“GDPR”) and the French Data Protection Act of 1978 as amended (“LIL”).

This collection of information is limited to what is necessary, in accordance with the principle of data minimization. The definitions provided in Article 4 of the RGPD are applicable herein. In the event of updates, we will not substantially lower the level of confidentiality without prior information of the data subjects. 

We hereby endeavour to answer the following questions in a transparent manner: What categories of personal data do we process? For what purposes? On what legal grounds? What are your rights? How can you exercise them? How long is the data stored? You will also find our commitments in terms of subcontracting, transfers, communication to third parties and in the event of a security breach. 

If you have any queries or complaints, please do not hesitate to contact us. 

Warning. If you decide to publish data relating to your private or sensitive life (political and philosophical opinions, trade union membership, health information, sexual orientation, religious beliefs, etc.) on your own initiative or deduced from your votes, contributions, arguments, comments and positions of any kind whatsoever on the Platform linked to your profile, you must be vigilant as these will be visible. We remind you that the processing of personal data made public by the person concerned is not subject to the prohibition in principle on the processing of sensitive data by law (Art. 8, II, 4° of the 1978 Data Protection Act).

WHAT PERSONAL DATA DO WE COLLECT ON THE PLATFORM? 

Registration data and information required to participate. To register, we ask you to provide a name or pseudonym, an e-mail address, and to create a password. To register, you will also be asked to check that you are not a robot (Captcha technology).

Public profile data. Your name/pseudonym chosen at the time of registration will be visible on the Platform and on your profile presentation page, which you can add to. To edit and personalize your profile, and only if you wish, you can add a profile photo, a biography, your location, your website and links to your social network profiles. 

Contributions. You can participate in the life of the Platform by publishing contributions. These contributions make it possible to know the position of people registered on the Platform. Their content, date and time are made public – unless otherwise stated – and are attached to your profile.

Connection logs. Usage data (IP addresses, connection and usage logs) are automatically collected on the Platform.

Cookies. See our Cookie Policy.

FOR WHAT PURPOSES IS THIS DATA COLLECTED? 

The purpose of the personal data collected is to manage participation and the quantitative and qualitative analysis of contributions within the framework of https://e-voicer.eu.

The registration data entrusted to us enables us to manage your account on the Platform, authentication procedures, forgotten passwords, and also to process any requests you may have.

In particular, your e-mail address must be confirmed in order to complete the registration and will not be made public. If you so wish, we will also send you our newsletter.

The Captcha tool protects the Platform against automated mass registration.

HOW LONG IS YOUR DATA STORED? 

Identifying data is kept for the duration of your registration on the Platform and until you delete your account or the Platform is no longer online. 

We also have obligations to retain connection data in accordance with decree no. 2011-219 of February 25, 2011 on the retention and communication of data identifying any person who has contributed to the creation of content posted online.

Please note that it will no longer be possible to modify your contributions at the end of the participation phase. If you delete your account, your contributions will appear under the pseudonym “user deleted”. At the end of the consultation phases, if the Platform is still online, you can delete your identifying data at any time.

Your email address may be kept for a period of 3 months from the closure of the Platform in order to provide you with information about https://e-voicer.eu An unsubscribe link will be provided in all communications.

After these periods, you are informed that the personal data we collect may be anonymized and kept for statistical purposes. Otherwise, it will be permanently deleted. We may publish, disclose and use aggregated information (information combined in such a way that no individual can be identified or referred to) and non-personal information for the purposes of analyzing participation on the Platform and to support decisions we may make at the end of phases of participation in a given project.

If you wish to keep track of all the information and contributions you have published on the Platform, you can request a downloadable copy of these in tabular form, in the “Data” tab of the settings, by clicking on “Export”.
 

WHAT ARE YOUR RIGHTS? HOW CAN YOU EXERCISE THEM?

The Platform is designed to allow you to manage your personal data directly. 

By default, your public profile is not referenced by search engines. If you wish to change this setting, you can do so from your account settings (checkbox in the “profile” tab of the account settings).

If you do not wish to be identified, we recommend that you participate under a pseudonym, that you do not display your face as a profile photo, that you do not provide links to your personal accounts on social networks, or that you do not provide any element that would allow you to be identified directly or indirectly. Finally, we remind you that your access codes to this platform are personal, unique, confidential, non-transferable and non-transferable. They may not be shared, assigned, resold or retransmitted.

Within the limits of the law, you may access and obtain a copy of the data concerning you, oppose the processing of this data, have it rectified or deleted. An unsubscribe link will be provided in all communications other than those of a purely administrative nature. You also have the right to limit the processing of your data.

Requests to exercise your rights may be sent to the data controller by post (Vajnorská 100/B, 831 02 Bratislava) or by e-mail to privacy@globsec.org.

Our Data Protection Officer can be contacted by post (Vajnorská 100/B, 831 02 Bratislava) or by e-mail at privacy@globsec.org.

If, after contacting us, you feel that your data rights have not been respected, you can lodge a complaint with the CNIL.

See the CNIL website for more information on your rights.

OUR COMMITMENTS REGARDING SUBCONTRACTING, COMMUNICATION AND DATA TRANSFERS

Your personal data is for internal use only. It is strictly confidential and may not be divulged to third parties, except with your express consent or if you have decided to make it public. 

If we disclose your personal data to a third party, regardless of its status, we will first ensure that the third party is bound by the same confidentiality conditions as we are.

We undertake to (i) ensure that any subcontractor, including Cap Collectif powering the Platform presents sufficient and appropriate contractual guarantees to respect your rights, so that the processing meets the requirements of the RGPD and (ii) comply with the provisions of the RGPD applicable to data transfers.

On the basis of our legal obligations, your personal data may be disclosed in application of a law, regulation or by virtue of a decision by a competent regulatory or judicial authority. 

INDICATIONS IN THE EVENT OF A DATA BREACH

We undertake to implement all appropriate technical and organizational measures using physical and logistical security measures to guarantee a level of security appropriate to the risks of accidental, unauthorized or illegal access, disclosure, alteration, loss or destruction of your personal data.

In the event that we become aware of unlawful access to your personal data stored on our servers or those of our service providers, or of unauthorized access resulting in the risks identified above, we undertake to :

  • Notify you of the incident as soon as possible if it is likely to result in a high risk to your rights and freedoms
  • Examine the causes of the incident
  • Take reasonable steps to mitigate any adverse effects and damages that may result from the incident

Under no circumstances may the commitments defined in the above point be assimilated to any recognition of fault or responsibility for the occurrence of the incident in question.