- IMVITRO’S COMMITMENT TO PROTECTING PERSONAL DATA
In order to best meet your expectations and build a close relationship with you, IMVITRO collects personal data concerning you in the context of your browsing on the Website. Please rest assured of the confidentiality of any information you exchange with Us. IMVITRO commits to not breaching your privacy and to ensure that the collection and storage of your personal data is transparent and secure.
- PROTECTION OF PERSONAL DATA: THE PRINCIPLES
IMVITRO makes sure that the fundamental principles of data protection are respected for each processing operation:
Legitimacy: data will only be collected for specific, explicit and legitimate purposes. The processing operations involved by browsing on this Website will not involve sensitive data (racial or ethnic origins, political, philosophical or religious opinions, trade union membership, health, sexual life, offences, convictions or security measures).
Relevance and Accuracy: We ensure that the collected data are adequate, relevant and non-excessive in relation with the purposes for which they are collected. We also have set technical and organisational measures in place in order to guarantee that the data we collect is accurate, complete and, where necessary, kept up to date.
Transparency: at the time of collection of your personal data, you will be duly informed with regards to the collection and processing of said data.
Limitation of retention: personal data will be kept for a period which does not exceed the time necessary for the purposes for which they are collected and processed.
Consent: Where necessary, your consent will be required prior to any collection of personal data.
Rights: You may request for access, rectification, limitation or deletion of your personal data at any given time. You may also object to the use of your personal data at any given time, and/or request for the portability of your data. To exercise these rights, please refer to article 12 of the Policy.
Confidentiality & Security: ImVitro undertakes to process your personal data in a way that guarantees its confidentiality and security by implementing appropriate technical and organisational measures.
For all of the Processing operations involved (cf. paragraph 6), IMVITRO is the entity that determines the means and the purposes and thus acts as Data Controller within the meaning of the applicable regulations on personal data and in particular EU Regulation 2016/679 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such Data (hereinafter “GDPR”).
- PERSONAL DATA COLLECTED
We will collect the following information about you when you use the “contact us” feature of our Website:
- Identification data (Name);
- Contact details (e-mail address);
- Comments field (subject, message)
The comments field in the “contact us” section of the Website allows you to address us directly and freely. Please refrain from using it inappropriately or transmitting us personal data that we do not require to answer your query, especially sensitive data as defined by article 9 of GDPR (data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation).
- TIME OF COLLECTION
The collection of your “personal data” only takes place when you use the “contact us” form (https://im-vitro.com/contact-us/).
- PURPOSES AND LEGAL BASIS OF PROCESSING
IMVITRO collects and processes your data for the purposes of answering requests and questions you submit via our “contact us” form or directly via email.
- RECIPIENTS OF YOUR PERSONAL DATA
Your data may be transferred:
- to technical service providers chosen for their expertise and reliability who act on our behalf and according to our instructions (host of our servers) ;
- to local authorities in the context of a legal obligation or at the request of an administrative authority authorised to make this type of request.
We never share your personal data with other companies for marketing purposes without your consent.
- INTERNATIONAL DATA TRANSFER
In the context of the Website’s hosting, the recipients of your personal data may be located abroad, including outside the European Economic Area (EEA) in countries where the data protection legislation differs from that which is applicable within the EEA.
Any transfer of data outside the EEA is subject to appropriate contractual and other safeguards in accordance with applicable data protection regulations, in particular articles 44 to 50 of the GDPR.
IMVITRO is committed to protecting your personal data against any loss, destruction, alteration, access or unauthorized disclosure.
To this end, IMVITRO implements the appropriate technical and organizational measures, given the nature of the data and the risks involved in processing them, to preserve the security and confidentiality of your personal data.
These measures may notably include practices such as limited access to personal data by contractual guarantees in the event of recourse to an external service provider, the performance of privacy impact studies, physical and/or logical security measures (secure access, authentication process, antivirus software, firewalls, etc.).
10.1 What is a cookie?
A cookie is a text file that can be stored in a dedicated area of your Terminal’s hard disk when viewing an online service using your browser. A cookie file enables its issuer to identify the terminal on which it is stored during the cookie’s validity or registration period.
* the Terminal means the hardware (computer, tablet, smartphone, etc.) that you use to view or display a website, application, advert, etc.
The only cookie used on our Website is the WordPress_test_cookie, which is a ‘strictly necessary’ user cookie of WordPress without which it will not be able to function. It is a session cookie that expires once you leave the Website page.
- DATA RETENTION
In accordance with data protection regulations, your personal data will be retained only for the period required for the purpose(s) for which the data have been collected and processed.
Since the retention needs may vary according to the particular purpose(s), the personal data retention period may also vary. The criteria used to determine the retention period include the following:
- the existence of a legal obligation to retain the data for a certain period of time;
- an administrative interest in retaining your personal data;
- the time limits of the applicable legal provisions.
- the time needed for IMVITRO to improve the platform’s interface
- YOUR RIGHTS REGARDING YOUR PERSONAL DATA
In accordance with the regulations in force, you have the right to access and rectify your personal data as well as, insofar as applicable, the right to request its deletion, the right to oppose the processing of your data for a legitimate reason and to obtain its limitation or portability.
When you exercise your rights, your personal data will be processed for the purposes of handling your request (civility, surname, first name, copy of identity document, nature of the request, response given). These data are kept for a period of one year or six years, depending on the right exercised, with the exception of the copy of the identity card, which will always be kept for one year (if it is collected).
You may exercise these rights or ask any question relating to the management of your personal data by IMVITRO by contacting its Data Protection Officer:
By e-mail to the following address: email@example.com
By mail to the following address:
A l’attention du DPO
96 bis boulevard raspail
Where there is reasonable doubt as to the identity of the applicant, proof of identity may be requested where appropriate.
You also have the right to refer any complaint relating to the way in which IMVITRO collects and processes your data to the Commission Nationale de l’Informatique et des Libertés (CNIL), 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07.