Confidentiality policy

Confidentiality policy

General information

In the following provisions, “personal data” and “processing” are to be understood in the meaning of article 4 of Regulation (EU) 2016/679 of 27 April 2016 (GDPR):

Personal data:

"any information relating to an identified or identifiable natural person (hereinafter called “data subject”); an “identifiable natural person” is deemed to be a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, identification number, location data, online identifier, or a number of particular factors specific to his physical, physiological, genetic, psychological, economic, cultural or social identity"

Processing:

"any operation or set of operations whether or not carried out with the help of automated processes and applied to personal data or sets of personal data, such as the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.”

Undertaking

Omnibook has to collect and process the User’s personal data, relating to his identity: Civil status, family name, given names, address, telephone number, email addresses, date of birth, for purposes of concluding and performing the Contract.

In this regard, the User acknowledges that the personal data disclosed by him are valid, up to date and adequate.

Omnibook undertakes to comply with Regulation (EU) 2016/679 of 27 April 2016 and Law no. 78-17 of 6 January 1978 as amended.

Compliance with principles:

Omnibook undertakes to comply with the principles relating to personal data processing, as stipulated in article 5.1 of Regulation (EU) 2016/679 of 27 April 2016, namely:

  • processed lawfully, fairly and in a transparent manner in relation to the data subject (lawfulness, fairness and transparency);
  • collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with article 89, paragraph 1, not be considered to be incompatible with the initial purposes (purpose limitation);
  • adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimisation);
  • accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy);
  • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, in accordance with article 89, paragraph 1, subject to implementation of the appropriate technical and organisational measures required by the present regulation in order to safeguard the rights and freedoms of the data subject (storage limitation);
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (integrity and confidentiality).

Purpose of data collected

the purposes of the processing for which the personal data are intended and the legal basis for the processing:

Omnibook processes the User’s personal data for purposes of:

  • creating and managing his Omnibook® account
  • providing him with the Omnibook® platform’s services
  • providing him with technical support in the context of the provision of the Omnibook® platform’s services
  • communicating with him in the context of the performance of the Contract.

This personal data processing is based on the following legal bases:

  • the processing is necessary for the performance of a contract to which the data subject is party or in order to take pre-contract steps at the data subject’s request (article 6.1 b) of Regulation (EU) 2016/679 of 27 April 2016)
  • the data subject has consented to the processing of his personal data for one or more specific purposes (article 6.1a) of Regulation (EU) 2016/679 of 27 April 2016)

Data recipients

The data recipients are: the controller and the data processors who intervene in the context of the provision of the Omnibook® platform’s services, namely:

NEXWAY, a simplified joint-stock company registered in the Nanterre Commercial and Companies Register under no. B 440 953 859, which has its registered office at Tour PB5, 1 avenue du Général de Gaulle, 92074 Paris - La Défense, France which intervenes for the sale of Omnibook® products, including the storage of account data of customers who have bought a licence.

MAILCHIMP, an online sales platform belonging to the Rocket Science Group LLC, registered in the state of Georgia in the United States of America, which has its registered office at 675 Ponce de Leon Ave NE, Suite 5000 Atlanta, GA 30308 USA, which intervenes for the storage of personal data, the provision of customer support, the collection of cookies, the collection of personal information via forms, the diffusion of information emails to Omnibook® users and marketing emails to visitors and users who have subscribed to the newsletter.

Transfers of data

The existence of transfers of personal data to a State which is not a member of the EU, the country of transfer, the appropriate guarantees put in place and the means for obtaining a copy of these guarantees: The personal data collected and processed are hosted by Online in France.

The data can be transferred to NEXWAY in France and to Mailchimp (the Rocket Science Group LLC) in the United States.

In terms of appropriate guarantees, Mailchimp has a certification of conformity with the Privacy Shield at the U.S. Department of Commerce. Mention is made of this certification of conformity with the privacy shield in Mailchimp’s confidentiality clauses, section SOCII Compliant PCI DSS Certification here: https://mailchimp.com/about/security/. Furthermore, the privacy shield list is published on the U.S. Department of Commerce’s website, at: https://www.privacyshield.gov/welcome

Data storage period

Personal data will be stored in an active database for the duration of the contractual relationship.

They can also be kept following performance of the Contract, in interim archiving, if Omnibook is legally obliged to do so or if it wishes to put together evidence in the event of litigation within the applicable statute of limitations.

The data thus archived will only be kept for the time necessary for the accomplishment of the objective sought and they will be deleted when the grounds for their archiving no longer exist. For example, data archived for defence in legal proceedings during the limitation period will be deleted once such proceedings are statute-barred.

Cookies

The Omnibook® platform hosting accounts, downloadable Omnibook applications and the Omnibook Web reader for online reading does not use cookies.

The Omnibook site uses cookies for purposes of measuring the site audience and optimising the online sales marketing campaign.

Types of cookies used

This website uses Google Analytics and Google Tag Manager as a tracker; to consult the types of cookies used by this system, click here

This website uses LinkedIn as a tracker; to consult the types of cookies used by this system, click here

This website uses Facebook as a tracker; to consult the types of cookies used by this system, click here

Cookies needed to navigate on the website

These cookies are needed for the operation of the website. They allow the website’s main functionalities to be used. Without these cookies, internet users cannot enjoy the full experience on the website.

Functional cookies

These cookies allow internet users to customise their experience.

Analytical cookies

These cookies provide information about site use and performance and help improvements to be made to the site’s operation by analysing traffic on the information pages, by monitoring opening rates, click rates and bounce rates at the level of the individual.

To view the details of the data collected by the Google Analytics tracker installed on the Omnibook website, click here

Analytical cookies

These social cookies allow users to share pages and content on third-party social networks via social share buttons.

Managing cookies

Visitors have the option of accepting or refusing the site’s cookies or of refusing cookies once and for all by settings on their browser.

If the internet user elects to refuse all cookies, navigation to some of the site’s pages will be reduced.

Depending on the browser used by visitors, this is how to delete cookies:

On Internet Explorer:

  • Click on the Tools button, then on Internet Options.
  • On the General tab, under Browsing History, click on Settings.
  • Click on the Display Files button.
  • Select the cookies you want to refuse and click Delete.

On Firefox:

  • Click on the browser’s Tools icon, and then select the Options menu.
  • In the window which opens, choose "Privacy” and click on “Display Cookies”.
  • Select the cookies you want to refuse and click Delete.

On Safari:

  • Click on the Edit icon, and then select the Preferences menu.
  • Click on Security and then Display Cookies.
  • Select the cookies you want to refuse and click Delete.

On Chrome:

  • Click on the Tools icon, select the Options menu, then click the Advanced Options tab
  • and go to the Confidentiality section.
  • Click on the “Display Cookies” button.
  • Select the cookies you want to refuse and then click Delete.

How long the cookies last

Cookies are placed on the visitor’s device for a maximum of 13 months from the time of the internet user’s consent. Once this period has elapsed, consent will be obtained once again.

Security

Omnibook has taken all necessary precautions to preserve the security of personal data and, in particular, prevent them from being corrupted or damaged, or accessed by unauthorised third parties.

These measures are in particular as follows:

  • Firewall,
  • Established anti-virus and detection of intrusion attempts,
  • Encrypted data transmission using SSL/https/VPN technology,

Moreover, access to processing by the destination Omnibook services requires authentication of people accessing the data, by means of an individual access code and password, which must be sufficiently complex and renewed every three months.

Data transiting on non-secure communication channels are subject to technical measures to make these data incomprehensible to any unauthorised person.

Users’ rights

The user whose personal data are collected is entitled:

  • to ask the controller for access to the personal data, for their rectification or deletion, or for a limitation of the processing relating to the data subject,
  • to oppose the processing,
  • to withdraw his consent to the portability of his data,
  • to define guidance relating to what becomes of his personal data after his death.

He can do this at any time by email to: contact@omnibook.com, by telephone to: 0033 (0)4.50.88.99.11 or by mail to: Omnibook - 13, route de Pringy – 74370 ARGONAY - FRANCE.

The User is also entitled to lodge a complaint to a supervisory authority.

The requirement to provide personal data

Information as to whether the requirement to provide personal data is of a regulatory or contractual nature or if it is a condition of the conclusion of a contract and if the data subject is obliged to provide the personal data, and about any consequences of the non-provision of these data:

  • The requirement to provide personal data is of a contractual nature and is a condition for the conclusion of the Contract.
  • The User is thus obliged to provide personal data, or the Contract cannot be concluded and the User will not obtain the right to access the services of the Omnibook® platform.

The existence of automated decision-making

including profiling and, in such cases, the relevant information concerning the underlying logic, and the importance and expected consequences of this processing for the data subject:

  • No profiling will be carried out and more generally there will be no automated decision-making based on the data collected.
  • Omnibook will take appropriate technical and organisational measures to ensure and to be able to demonstrate that the processing is carried out in accordance with Regulation (EU) 2016/679 of 27 April 2016 and Law no. 78-17 of 6 January 1978, called the “Data protection and civil liberties law" as amended. These measures will be re-examined and updated if necessary.

Information to the user

In accordance with article 13 of Regulation (EU) 2016/679 of 27 April 2016 and article 48 of Law no. 78-17 of 6 January 1978 as amended, PIXEL & CICERO provides the following information to the User: the identity and details of the controller and, if applicable, of the controller’s representative.

The controller is:

Omnibook - SAS Pixel et Cicéro - 13, route de Pringy - 74370 ARGONAY - FRANCE
Tel.: 04.50.88.99.11
Email address: contact@omnibook.com

The controller’s representative is Mr Richard PETIT

if there is one, the details of the data protection officer: Omnibook does not currently have a data protection officer.

Personal data of minors:

A minor who is at least 16 years old can alone consent to the processing of his personal data in order to use the services of the Omnibook® platform.

Where the minor is under 16 years of age but over 13 years old, the consent shall be given jointly by the minor concerned and the legal guardian or guardians of this minor.