Accueil Privacy policy

Personal Data Protection Policy

Introduction

This privacy policy aims to inform you clearly, transparently and in compliance with applicable regulations about how the company publishing the site guichet-societes.com processes your personal data.

As a company established in England, QODERZ LTD, registered with Companies House under number 15725172 and having its registered office at 7 Bell Yard, London, WC2A 2JR, United Kingdom, acts as data controller within the meaning of the General Data Protection Regulation (GDPR – EU Regulation 2016/679), the UK GDPR as incorporated into British law following the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019, as well as the Data Protection Act 2018 applicable in the United Kingdom.

By using the site guichet-societes.com, you accept the terms of this policy.

Data collected

In the course of using the site, Guichet Sociétés may collect certain personal data about you. This data may include your surname, first name, professional email address, position, as well as information relating to your company such as its company name and identification number. When you browse the site, technical data is also collected, such as your IP address, the type of browser you use, your operating system, the duration and characteristics of your connections, the pages viewed and the cookies deposited. In addition, Guichet Sociétés keeps data related to your history of use of its services, your subscriptions, your preferences, as well as your interactions with the support team.

This data is collected directly from you, either when you browse the site, or when you create an account, subscribe, use a service or contact our customer support.

Processing purposes

The data you provide to us is used exclusively for specific, explicit and legitimate purposes. It enables us to manage the contractual relationship, including the creation of your account, the management of your orders, your subscriptions, payment processing, and access to services. It is also used to ensure communication with you in the context of technical notifications or exchanges with support.

In parallel, this data is used to improve the functioning of our services, to carry out internal statistical analyses, to guarantee the security of our infrastructure, to prevent fraud, and to meet our legal, accounting and tax obligations. If you have consented, it may also be used to send you commercial communications and information about our offers.

Legal basis

All processing carried out is based on legal grounds strictly compliant with the GDPR. When necessary for the performance of a contract, they are based on Article 6.1.b of the GDPR. When they respond to legal obligations imposed by regulations, they fall under Article 6.1.c. If the processing aims to respond to a legitimate interest of Guichet Sociétés, particularly in terms of security, service improvement or fraud prevention, it is justified by Article 6.1.f. Finally, when your consent is required, particularly for the deposit of cookies or the sending of commercial emails, it is collected beforehand in accordance with Article 6.1.a.

Retention period

Guichet Sociétés retains your personal data for a period that does not exceed that strictly necessary for the achievement of the purposes for which they were collected. Data related to your account and subscriptions is kept for the duration of the contractual relationship, plus a period of five (5) years for evidentiary and legal compliance purposes. Billing data is archived for ten (10) years in accordance with tax rules. Data processed for commercial prospecting purposes is kept for a maximum period of three (3) years from the last contact from you. After these periods, the data is either deleted or irreversibly anonymized.

Recipients and international transfers

The personal data you entrust to us is only accessible to duly authorized employees of Guichet Sociétés, within the framework of their respective missions. It may be transmitted to certain technical service providers acting as subcontractors (hosting, maintenance, payment services, customer relationship management, email sending), who act on the instructions of Guichet Sociétés and are contractually bound to guarantee the security and confidentiality of your data. Some of these service providers may be located outside the European Economic Area. In this case, Guichet Sociétés ensures that transfers are governed by appropriate safeguards, including standard contractual clauses adopted by the European Commission, or relies on an adequacy decision.

Guichet Sociétés does not under any circumstances sell your personal data, and does not transfer it to any unauthorized third party.

Your rights

In accordance with the GDPR, you have rights that you can exercise at any time, namely: the right to access your personal data, the right to request their rectification or erasure, the right to limit or object to their processing under the conditions provided by law, as well as the right to data portability that you have provided to us in a structured format. You also have the possibility to formulate directives relating to the fate of your data after your death.

To exercise your rights, simply send a written request to the following address: support@guichet-societes.com. Identity verification may be requested to ensure the security of your data. We undertake to respond to you within one month, in accordance with regulations.

Consent to the use of cookies

For the proper functioning of our website, we use cookies. In order to obtain your valid consent for the use and storage of cookies in the browser you use to access our website and to properly document this, we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, Netherlands. Website: https://cookiefirst.com referred to as CookieFirst.

When you access our website, a connection is established with the CookieFirst server to give us the opportunity to obtain valid consent from you for the use of certain cookies. CookieFirst then stores a cookie in your browser so that it can only activate the cookies to which you have consented and properly document this. The processed data is stored until the expiration of the predefined storage period or until you request the deletion of the data. Certain mandatory legal retention periods may apply notwithstanding the foregoing.

CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is Article 6, paragraph 1, point c), of the General Data Protection Regulation (GDPR).

Data processing agreement

We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which guarantees that the data of visitors to our website is only processed in accordance with our instructions and in compliance with the GDPR.

Server log files

Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:

  • Your consent status or withdrawal of consent
  • Your anonymous IP address
  • Information about your browser
  • Information about your device
  • The date and time of your visit to our website
  • The URL of the web page where you saved or updated your consent preferences
  • The approximate location of the user who saved their consent preferences
  • A universal unique identifier (UUID) of the website visitor who clicked on the cookie banner

Data security

Guichet Sociétés implements all appropriate technical and organizational measures to ensure a level of security appropriate to the risks. This includes data encryption, server security, access authentication, logging of critical activities, as well as raising awareness among our staff about data confidentiality. Hosting is provided by Amazon Web Services (AWS), which guarantees a high level of compliance with European security standards.

Complaint and supervisory authority

If you believe that your rights have not been respected or that your data has been subject to non-compliant processing, you can file a complaint with the competent supervisory authority. In the United Kingdom, this is the Information Commissioner's Office (ICO), whose website is accessible at: https://ico.org.uk. If you reside in France, you can also contact the Commission nationale de l'informatique et des libertés (CNIL) via https://www.cnil.fr.