Policy of personal data protection

• Being transparent about the information collected: at the moment when your personal data is collected, information on the identity and contact details of the controller along with the purpose of processing your information accompanied by whether the data controller intends to transfer your personal data to a third party organization will be provided.
• Gathering your consent on the processing of your data: your consent will be traceable, specifying when and under what condition your consent was given. You will also have the option of withdrawing your consent.
• Guaranteeing the existence of a right to the portability of your data and your right for data retrieval: we offer a system that allows you to retrieve your personal information in a readable, structured and usable format.

We place great value on honesty and clarity with our customers in order to build strong and lasting relationships based on trust and mutual interest. In accordance with this philosophy, the protection of your personal data is important to us and we wish to inform you via the Privacy Policy how we collect and process your data.

We collect your name, mailing address, email address, connection data, and website navigation.
The mandatory or optional data is reported to you during collection.
Some data is collected automatically as a result of your actions on the site.

We collect information that you provide in particular when:

• you create an account;

• you pay by credit card on our site: the data relating to the means of payment such as the credit card number, the expiry date of the credit card, the visual cryptogram (the latter must not be kept, in accordance with Article 5);

• you place an order on our site: product purchased, service or subscription subscribed to, quantity, amount, periodicity, delivery address, history of purchases and services, return of products, correspondence with the customer and after-sales service;

• you subscribe to our news (newsletters);

• you fill in a form (such as a request for a quote, request for documentation, etc.);

• Surfing and browsing actions on our website or our mobile applications.

The information collected is kept in a file for 3 years and is intended for the marketing and sales departments established at our head office in Pont-Evêque (France). This file is accessible only by management, employees of the marketing and the commercial departments within Neomitis.

We have implemented several security measures to protect and maintain the confidentiality of your personal information. We use encryption based software to protect sensitive information transmitted online, on our connected devices and services, ensuring passwords are not decodable. Only our teams that need to do specific work (for example, customer service) have access to personally identifiable information at your request.
Computers and servers used to store personally identifiable information are kept in a secure environment.

The collected data is exclusively for us. However data may be transmitted to subcontractors and partners to whom Néomitis use for services. Examples include sending emails, analyzing our databases and marketing services. These service providers have access to personal information needed to perform their services and are not allowed to use personal information for other purposes.

4.1 Customizing our services
Your data allow us to customize and improve:

• the services we offer you
• the information we send you

4.2 Information, email notifications and newsletters
By subscribing to our newsletters, you agree to receive email notifications containing information on the news of our products.

4.3 Audience Measurement
To better serve you, we measure statistics on visitor activity on our sites.

4.4 Related to bank cards

In the case of payment by bank card, the card number and the date of validity of the card may be kept for the purpose of proof in the event of a dispute over the transaction, in intermediate archives, for the period provided for in Article L. 133-24 of the Monetary and Financial Code, in this case thirteen months following the debit date. This period may be extended to fifteen months to take into account the possibility of using deferred debit cards. This data should only be used in the event of a dispute over the transaction. The data kept for this purpose must be subject to security measures, as described in Article 8 of this standard and in Article 5 of Deliberation No. 2013-358 of 14 November 2013 mentioned above.

Data relating to bank cards may be kept for a longer period of time subject to obtaining the express consent of the customer, who is informed in advance of the purpose of the processing (for example, to facilitate the payment of regular customers). The period of retention may not exceed the period necessary to achieve the purpose of the processing. Consent must take the form of an explicit act of will and may, for example, be collected through a checkbox, not pre-ticked by default. It cannot result from the acceptance of general conditions. In general, the data relating to the visual cryptogram are not kept beyond the time necessary for the completion of each transaction, including in the case of successive payments or retention of the card number for subsequent purchases.

According to the Data Protection Act of January 6, 1978, you have a right of access, rectification, opposition, cancellation, processing limitation and transferability of your personal data:

• The right of access: you can request information about the data we process and a copy of it. You may also have access at any time to any data that you have voluntarily provided to us.
• The right of rectification: you can request the rectification of inaccurate data and, considering the purposes of the processing, the finalization of incomplete data. In addition, you may change any information you have voluntarily provided.
• Right of cancellation/opposition: you have the option to request the deletion of your data for legitimate reasons.
• The right of processing limitation: processing limitation of your data is possible, subject to compliance with legal requirements.
• The right to data transferability: if the legal requirements are met, you can receive the data you provide in a structured, up-to-date and machine-readable format and transmit this data to another responsible person or, as far as technically possible, to have them transmitted by Neomitis.

To exercise this right, you can send your request stating your name and email:

• By e-mail at dpo_fr@neomitis.com
• By mail to the following address: NEOMITIS - ZI Montplaisir - 258 Rue du champ de courses - 38780 Pont-Evêque - France

Under current regulations, your letter must be signed and accompanied by a photocopy of an identity with your signature and specifying the address to which you must reach the answer. A response will then be sent within one months of receipt of the request.

Messages that you send via the Internet can be intercepted on the network. Their confidentiality cannot be fully guaranteed. Also, take care not to unnecessarily divulge personal or sensitive information in emails.