Request a demo
Thank you for your interest in a demonstration of our Risk Mapping and Action Plans solution.
Thank you for completing the form and we will contact you.
Thank you for your interest in a demonstration of our Risk Mapping and Action Plans solution.
Thank you for completing the form and we will contact you.
?ETHIMAP - Privacy policy
The purpose of this policy (hereinafter the "Policy") is to inform Clients and Users of the website www.ethimap.com of the means implemented to collect personal data, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of personal data, and Law No. 78-17 of 6 January 1978 on information technology, files and freedoms, known as the "Data Protection Act", as amended by Law No. 2018-493 of 20 June 2018 on the protection of personal data (hereinafter referred to as the "Regulation").
All
capitalized terms, if not defined in this Privacy Policy, shall have the
meaning given to them in the Platform Terms of Use (TOU).
When ETHICORP
collects personal data from Clients or Users of its Platform, in the context of
a subscription taken out by the Client, it implements processing of such
personal data for which it is qualified as a "data controller",
within the meaning of the aforementioned texts.
In the
context of the GCU, article 2.1, it is specified that ETHICORP opens the
profiles and accesses the administrators of the Customer's entity(ies), and that
these administrators can, in turn, authorise other Users to access their space
on the Platform and configure their profile and access rights, without ETHICORP
being informed or having to intervene.
The
collaborative nature of the platform means that Administrators and subsequent
Users can themselves open successive User accesses.
ETHICORP
does not have access to the data entered by the User on the Platform, which is
protected by encryption measures, unless the User or the Customer grants
ETHICORP access to such data on a one-time basis for the purpose of supporting
the User and maintaining the Platform. In such a case, ETHICORP may have to
access the personal data of individuals provided by the User in the context of
his use of the Platform and to process such personal data for the purposes
mentioned above. In this respect, ETHICORP acts as a "subcontractor" of
the Customer (through the User), ETHICORP being the person responsible for the
processing of the personal data of the individuals entered by the User on the
Platform.
ETHICORP
undertakes to comply at all times with the requirements of the Regulations
applicable to the protection of personal data and to process Users' Personal
Data only in accordance with the conditions set out below.
By using the
ETHIMAP Platform, the Client or the User may be led to transmit, directly or
indirectly, to ETHICORP Personal Data.
ETHICORP
collects the following personal data through the website www.ethimap.com integrating the ETHIMAP Platform:
–
Identification
data such as the surname, first name, e-mail or postal address, telephone
number of the person concerned, in the context of the creation of a Customer or
User Account;
–
Transaction
data such as subscription amount and credit card number.
–
Technical
data such as IP address, browser type and version, operating system used.
–
Platform
subscription data such as username and password.
–
Data
relating to messages and telephone calls in the context of ETHIMAP Assistance requests.
–
Data
related to professional life such as company name, professional e-mail and
profession or function in the company;
–
Connection
data such as functions used, pages visited, configurations selected, time
stamps of visits and search terms.
When
collecting Personal Data, the User may be informed that some of them must be
filled in to achieve the expected result, in particular by the presence of an
asterisk next to the data to be filled in. Failure to provide this mandatory
information may make it impossible to execute the request. The mandatory
communication of certain personal data is necessary for ETHICORP to implement
the above-mentioned purposes.
ETHICORP
processes and collects Users' Personal Data in compliance with the Regulations
and only within the framework of the following legal bases:
–
Where
necessary for the performance of a contract with the Customer ;
–
Where
necessary for ETHICORP to comply with its legal obligations;
–
When
the User has expressly consented to the processing of his/her Personal Data ;
–
When
necessary to ensure its legitimate interests, for example to detect,
investigate and prevent technical, fraud and security problems, to protect its rights,
property or the safety of its Users and employees, or for its own commercial
prospecting for professionals.
ETHICORP
processes Users' personal data for the following purposes:
–
Management of the Platform :
o
Managing
access to and use of the ETHIMAP Platform;
o
Processing
requests for subscription to the Platform ;
o
Technical
assistance and maintenance for the proper functioning and security of the Platform;
o
Transmission
of ETHICORP's modifications or updates to the Platform;
o
Response
to information requests or messages from Users.
–
Improvement of services :
o
Improving
the functionality and quality of the User's navigation on the Platform by
carrying out tests, research, analyses, studies and surveys;
o
Promotion of the Platform ;
o
Proposal
of relevant, adapted and personalised content;
o
Improving customer relations ;
o
Evaluation
of the quality of the service.
–
Commercial prospecting ;
–
Employee training :
o
Evaluation of employees ;
o
Training of employees.
–
Management
of applications for recruitment purposes via the contact e-mail address.
The User's Personal
Data are strictly confidential and intended exclusively for ETHICORP.
Unless
required to do so by law, accounting or judicial order, ETHICORP will never
disclose, transfer, rent or transmit the Personal Data of the Users to third
parties other than the host of the Platform for the purpose of performing
technical services of hosting and management of the databases, or the competent
authorities in the context of the search for perpetrators of crime.
The
Platform is hosted in France on servers made available to ETHICORP. The host acts
as a subcontractor of ETHICORP within the meaning of the Regulations applicable
to the protection of personal data, on the instructions of ETHICORP and under
the contractual conditions signed with ETHICORP, which cannot derogate from the
present article and which are in conformity with the Regulations.
For
information on the host of the Platform, please refer to the ETHIMAP Legal Notice.
The User's Personal
Data are only kept for the time strictly necessary to achieve the purposes
pursued as set out in this Policy, and in accordance with the Regulations and
applicable laws. This data is therefore kept for the duration of the
subscription to the ETHIMAP Platform.
Beyond this
retention period, the Personal Data are archived by ETHICORP, in a secure
environment, for the legal period of prescription for the purpose of proof for
the establishment, exercise or defence of a legal right.
After this
period, the Personal Data will be deleted.
In
accordance with the Regulation, ETHICORP guarantees to the User the effective
exercise of all his rights on his Personal Data in accordance with the
Regulation:
–
Right
of access to Personal Data ;
–
Right
to rectify Personal Data;
–
Right
to erasure of Personal Data;
–
Right
to limit the processing of Personal Data ;
–
Right
to withdraw consent to the processing of Personal Data;
–
Right
to object to the processing of Personal Data ;
–
Right
to the portability of Personal Data.
To exercise
these rights, ETHICORP can be contacted at contact@ethicorp.com.
ETHICORP
undertakes to ensure the security and integrity of the Personal Data of Clients
and Users. In this respect, ETHICORP implements and maintains technical and
organizational security measures for the Platform and, more generally, for its
information system adapted to the nature of the personal data processed and the
risks presented by their processing.
These
measures aim to protect personal data against destruction, loss, alteration,
disclosure to unauthorised third parties, and to ensure the restoration of
availability and access to personal data in the event of a physical or
technical incident.
In order to
ensure the support of the User and the maintenance of the Platform, the User
may be required to authorize ETHICORP to access, in a punctual, time-limited
and secure manner, the data that he/she integrates on the Platform. In this
context, ETHICORP may have to access the Personal Data that the User has entered
in the context of its use of the Platform (hereinafter the "Customer
Data") and to process these Personal Data for the above-mentioned
purposes.
As such,
ETHICORP is the subcontractor of the personal information collected on the www.ethimap.com website through the Risk Mapping
Platform on behalf of the Client or the User as an intermediary authorised by
the Client who is the data controller of the Client Data.
As the
controller, the User (or through him the Customer), undertakes to comply
strictly with the regulations when processing customer data and guarantees
ETHICORP against any recourse from third parties for the protection of their
Personal Data. As a subcontractor, ETHICORP undertakes to respect its
obligations, in accordance with the Regulations and the General Terms of Use.
The
subcontracted data are reserved for the exclusive use of ETHICORP and shall not
be transferred, rented or exchanged for the benefit of a third party. The
processing of personal data is necessary for the execution of the services
requested.
A
"cookie" is a small data file sent to the User's browser by a web
server and stored on the User's computer hard drive. It does not damage
the computer in any way.
ETHICORP,
publisher of the ETHIMAP website (hereafter the "Publisher"), uses :
–
Browser cookies:
o
For
the proper functioning of the www.ethimap.com website and the integrated Platform;
o
To
improve the quality of navigation on the Platform ;
o
To
provide the User with access to his or her account using his or her login
details;
o
To
enable and facilitate communications between ETHICORP and the User; and
–
Personalisation cookies to store information about the user and re-use it during future visits
(display preferences, site connection information, etc.).
The
information collected through Cookies is solely and strictly intended for
ETHICORP, in compliance with the applicable regulations on the protection of
personal data. Cookies from third party publishers allow these publishers to
access the information collected through their Cookies, as specified in the
table below.
ETHICORP
uses a cookie manager on which the User can view all the cookies used by
ETHICORP and freely consent or refuse, at any time, all or part of the cookies used.
To do so, the User is invited to consult the Cookie Preference Centre.
The User can
also set his browser to accept or deactivate Cookies. At any time, the User can
choose to express and modify his/her wishes with regard to Cookies.
The User is
presumed to have given his consent:
–
By
clicking on the "I accept" icon on the information banner visible
when first connecting to the website;
–
By
continuing to browse, i.e. when the User has clicked on an element of the Site
(image, link, button, etc.);
–
By
clicking on "Save and Exit" after having checked the Cookies options
that he/she wishes to activate in any dialog box that may be proposed on the
Site.
If the User
accepts the recording of Cookies in his terminal via his navigation software,
the Cookies integrated in the pages and contents that he has consulted may be
stored temporarily in a dedicated space in his terminal. They will only be
readable by the sender. The agreement given by the User is only valid for a
period of thirteen (13) months from the first deposit in the User's terminal
equipment, following the expression of the User's consent.
If the User
refuses the storage of Cookies in his/her terminal or browser, or if he/she
deletes those stored there, the User is informed that his/her navigation and
experience on the Site may be limited.
This may
also be the case when the Publisher is unable to recognise, for technical
compatibility purposes, the type of browser used by the terminal, the language
and display settings or the country from which the terminal appears to be
connected to the Internet. In this case, the Publisher is not liable for the
consequences of the impaired functioning of the Services resulting from the
User's refusal to accept Cookies and/or the Publisher's inability to save or
consult the Cookies necessary for their functioning due to the User's choice.