Privacy Policy
The company TRUSTII (hereinafter “the Data Controller”) wishes by this Charter to inform the users of its website (hereinafter “the Users”) of the processing of personal data collected via the trustii.io website ( hereinafter “the Site”).
​
1. Which actors?
The processing of Users' personal data is carried out under the responsibility of the following data controller:
The TRUSTII Company
12 rue Eugénie Eboue in ASNIERES-SUR-SEINE (92600),
represented by its President, Mr. Brahim BAKHIS.
​
2. What personal data? At what moment ?
The Data Controller processes the following data:
-
Identification data of the User (such as name, first name, electronic and telephone contact details of the User or their representatives or employees);
-
Personal characteristics (such as profession or academic establishment in which the User studies or works);
-
User connection data (such as IP address, connection city).
This data is collected when the User:
-
accesses the Data Controller’s Site;
-
fills out the contact form on the Site;
-
subscribes to the Data Controller’s newsletter;
-
comments or likes content on the Site;
-
communicates with the Data Controller regarding the services provided by the Data Controller;
-
shares content from the Site on its social networks.
The mandatory or optional nature of the data to be provided is indicated to the User during collection by an asterisk (*).
The requirement to provide mandatory data is of a regulatory or contractual nature or it conditions access to certain services on the Site.
Access to the Data Controller’s services cannot be granted unless this information is provided.
By voluntarily providing optional data, the User expressly accepts that they will be processed under the conditions and for all the purposes below.
​
When the User provides personal data relating to third parties, he guarantees having received the necessary authorizations and consents from the people concerned by this data.
3. Cookies and social networks
3.1. Cookies
Operational navigation on the Site requires the use of cookies, which are mini “tracker” software installed on the User’s terminal, and which give the Data Controller access to standard connection information. Cookies have multiple uses: they can be used to memorize your customer ID on a merchant site, the current contents of your shopping cart, an ID allowing your browsing to be traced for statistical or advertising purposes, etc.
The Data Controller uses the following cookies:
​
XSRF-TOKEN:
Purpose: Used for security reasons
Duration: Session
Type of cookie: Essential
HS:
Purpose: Used for security reasons
Duration: Session
Type of cookie: Essential
bSession:
Purpose: Used to measure system effectiveness
Duration: 30 minutes
Type of cookie: Essential
SSR-caching:
Purpose: Used to indicate the system from which the site was rendered
Duration: 1 minute
Type of cookie: Essential
svSession:
Purpose: Used in connection with user login
Duration: 2 years
Type of cookie: Essential
​
consent-policy:
Purpose: Used for cookie banner settings
Duration: 12 months
Type of cookie: Essential
smSession:
Purpose: Used to identify members connected to the site
Duration: Session
Type of cookie: Essential
​
The Data Controller recommends that the User accept said cookies in order to facilitate the navigation process on the Site. The User is, however, free to choose in his browser settings whether he wishes to accept cookies or not.
If the User wishes to refuse these cookies, the Data Controller invites them to configure the cookies on a case-by-case basis or refuse them entirely. The User can also systematically refuse them by configuring their internet browser. The Data Controller reminds the User that if they refuse certain cookies, they will not be able to benefit from part of the Site's services.
The personal data collected (cookie identifier) are kept by the Data Controller for a period of 13 months. They are not transferred to third parties or used for purposes other than those described herein.
​
3.2. Social networks
The Data Controller is present on various social networks, in particular LinkedIn. As such, the Data Controller may process the data s public profiles of social network users who share, subscribe, follow or contact the Data Controller on these platforms.
The Data Controller cannot be responsible for the User's public data, accessible on these networks and platforms. The User is therefore advised to read the privacy policies applicable on each of these platforms in order to configure their privacy settings.
Furthermore, it is possible for the User to interact by clicking on buttons representing third-party sites and applications, and in particular to share certain content of the Site on social networks using “Share” buttons present on the Site.
The User acknowledges that this action has the effect of transferring information to the third party sites concerned, and that he is responsible for his contractual relations with the latter (profile, confidentiality settings). The Data Controller cannot be responsible for the User's public data, accessible on these networks and platforms. The User is therefore advised to read the privacy policies applicable on each of these platforms in order to configure their privacy settings.
4. For what reasons ?
The purpose of processing the User's personal data by the Data Controller is:
-
The response to requests and requests for information from the User on the services offered by the Data Controller;
-
Sending newsletters by electronic communication to Users;
-
Carrying out audience measurements, in particular the number of pages viewed, the number of visits to the Site, the activity of users of the Site and their frequency of return;
-
The publication of interactive content on the Site;
-
The provision by third parties of technical, logistical or other functions on behalf of the Data Controller;
-
Management of requests for rights of access, rectification and opposition;
-
Debt recovery and exercise of any legal rights by the Data Controller.
If the User's personal data were to be processed for different purposes, the Data Controller undertakes to inform them and, where required by law, to obtain their prior consent.
5. On what grounds?
The personal data of Users are processed by the Data Controller in accordance with the regulations in force, and in particular under the following conditions:
-
when the User has expressed free, specific, informed and unequivocal consent regarding the processing of their data (e.g. subscription to the newsletter, use of cookies, etc.);
-
when this is necessary to comply with the legal or regulatory obligations of the Data Controller as imposed by the legislator (e.g.: combating fraud, etc.);
-
when the legitimate interests of the Data Controller justify it (e.g. security measures, operation of the Site, etc.);
-
when this is necessary for the exercise or defense of a legal right of the Data Controller (e.g. debt recovery, civil or criminal liability action, etc.).
6. Personal data and profiling?
The Data Controller does not carry out any profiling activities using the data processed herein.
7. Who are the recipients of the User’s personal data?
The Data Controller communicates the data collected to the technical service providers responsible for the maintenance and hosting of its IT system and the Site as well as to the service providers responsible for the marketing department, the sales department, the legal department, the litigation department, the accounting department and those responsible for handling the relationship with the User, only for the purposes previously mentioned and to the extent necessary to carry out the tasks assigned to them.
These recipients may be required to contact the User directly using the contact details they have provided.
The Data Controller requires these recipients to use the User's personal data only to manage the services for which they are responsible and in accordance with the laws and regulations applicable to the protection of personal data.
Where applicable, the User's personal data may be communicated to third parties authorized by law (in particular in the context of an express and reasoned request from the judicial authorities).
Likewise, if the Data Controller is involved in a merger, acquisition, transfer of assets or receivership procedure, it may be required to transfer or share all or part of its assets, including personal data of the User. In this case, he will be informed before any transfer of his personal data to a third party.
8. How are the User's personal data stored and are they transferred outside the European Union?
The User's personal data is stored within the European Union in the databases of the Data Controller or those of its service providers.
9. What protection for the User’s personal data?
The Data Controller implements organizational, technical, software and physical measures in terms of digital security to protect the User's personal data against alteration, destruction and unauthorized access. However, it should be noted that the internet is not a completely secure environment and that the Data Controller cannot guarantee the security of the transmission or storage of User data on the internet.
10. How long are the User's personal data kept?
The data is kept in accordance with the law for a period justified by the purpose of the processing and, in any case, for the legal retention periods.
11. What are the User’s rights?
In accordance with the provisions of Regulation No. 2016/679 of April 27, 2016 and Law No. 78-17 of January 6, 1978 as amended, the Data Controller clearly and fully informs the User of the rights available to him. In the event of additional questions from the User, the dedicated service of the Data Controller remains available to guide the User and provide them with all useful information in order to maintain their rights.
The User has:
​
-
data is processed or not as well as the communication of a copy of their data and information relating to the characteristics of the processing carried out by the Data Controller on this data;
-
a right to rectification of inaccurate information and incomplete data;
-
a right to erasure of data which is no longer necessary for processing, a right to withdraw consent to processing, a right to object to the processing of one's data when there are no grounds legitimate and compelling reasons justifying the processing, a right to object to commercial prospecting;
-
a right to limitation of processing in the event of inaccuracy of the data during their verification, or when they are no longer necessary than for the exercise of a legal right;​
-
a right to the portability of their data, in order to request the transmission to another person responsible for the data provided with their consent or upon the conclusion of the contract;
-
a right not to be the subject of a decision based exclusively on automated processing producing significant legal effects concerning him;
-
a right to define directives relating to the fate of their data after their death.
The User can exercise his rights at any time with the Data Controller:
-
By post to the following address:
-
TRUSTII
-
Mr. Brahim BAKHIS
-
12 rue Eugénie Eboue
-
92600 ASNIERES-SUR-SEINE;
-
-
By email to the following address: legal@trustii.io;
The User must specify in their request their first and last names, e-mail address or postal address to which they wish the Response from the Data Controller to reach them.
For security reasons and to avoid any fraudulent request, this request must be accompanied by proof of identity. After processing the request, this supporting document will be destroyed.
In accordance with the law, this request will receive a response within one month of receipt.
Finally, the User has the right to lodge a complaint with the CNIL or any other competent supervisory authority in their State of residence.
The User can make this complaint to the French CNIL:
By post to the following address:
3 Place de Fontenoy
TSA 80715
75334 PARIS CEDEX 07
By telephone on 01 53 73 22 22 (Monday to Thursday from 9 a.m. to 6:30 p.m. / Friday from 9 a.m. to 6 p.m.);
By fax to 01 53 73 22 00;
Via the CNIL website at the following address: https://www.cnil.fr/fr/plaintes.