Data Protection Policy
With the aim of transparency regarding the use of data collected via social networks (Facebook,…) and this website, and in accordance with regulation (EU) 2016/679 (hereinafter called GDPR – General Regulations for the Protection of Personal Data), this document aims to present the means used by SOLADIS Group to collect and process all of the personal data in its possession.
Data Processing : any operation or set of operations (from collection to use) performed on data, whether by automated means or not.
Purpose : the objective pursued by the data controller, with a data collection in accordance with the law.
Data controller : the person responsible for creating the data collection by defining its purpose.
Personal data : any data relating to a person.
DPO : Data Protection Officer
GDPR : General Data Protection Regulations
You can contact the DPO (Data Protection Officer or Delegate for Data Protection) of SOLADIS at any time to obtain information through the following contact details:
DPO SOLADIS Group
8 rue Bellecombe
69006 Lyon, France
INFORMATION ON DATA COLLECTION AND PROCESSING
Data collection is carried out at the request of customers (the customer is considered as the data controller – SOLADIS is considered as a subcontractor, or processor). The contract signed between the client and SOLADIS specifies the methods of data collection and processing:
- Concerned data
- Purpose of the collection
- Processing methods
- Data retention period by Soladis
- Data transfering method from Soladis to the client
- Contact of the DPO of both companies.
The contract signed between the two entities also ensures compliance with the regulations in force concerning the protection of personal data.
The collection is carried out from tags and keywords on the public pages of the Facebook network, on the private pages of the client of Soladis who commissioned us for the study, and on the Facebook pages built by Soladis according to a specific theme.
Depending on the contract signed with the client, the data can be processed by SOLADIS. The data is processed in accordance with the purpose defined by the contract between the two parties. Soladis collects data (comments, tags, reviews, share, emoticons, sender nickname) using the APIs delivered by Facebook, without using other third parties. Soladis data processing is done on market or open source tools (R, Python, SAS…) to meet the purposes of customer requests (understanding of palatability) and only the Soladis teams in charge of processing have access to project data .
In accordance with the GDPR, any person can exercise its rights of access, opposition, rectification and erasure at any time through the company Facebook. In the event of a complaint, Facebook will contact the DPO of SOLADIS: email@example.com.
SECURITY AND CONFIDENTIALITY
The data collected is stored on a server internal to SOLADIS. The data stored on the first server is replicated daily on a second server and on a network hard disk type (NAS), a backup by snapshot taking place four times a day. The two servers are located respectively at 8 and 10 rue Bellecombe, 69006 Lyon. The retention period for replicated data is fixed at one year.
In the event of a generalized or temporary failure, or the erasure or modification of data, a system for restoring data and restoring systems is effective through the IT service provider of SOLADIS.
SOLADIS premises have fire safety and an intrusion alarm.
The IT system is managed by a subcontractor in accordance with the GDPR. It is secured by an anti-virus and a firewall
Access to computer data is only possible from the internal SOLADIS network, defined and limited according to the user’s profile. Any intrusion into the computer network or unauthorized access attempt is immediately reported to the information systems security service and to the general management of the SOLADIS group.
TRANSFER OF PERSONAL DATA
Subject to what is indicated in this personal data protection policy, we are likely to communicate personal (pseudo) data with people employed by the SOLADIS Group and only to the extent necessary for the performance of their tasks. assigned.
The data collected is not transferred to the customer. Only the analysis and the results of the analysis reach the end customer by:
- Secure FTP server FTP compartimentez by client
- Web visualization tools (datvizz) on secure server and compartmentalized by client
Due in particular to the international dimension of our customers, communications are likely to involve transfers of analyzes and results (excluding raw data) to countries not members of the European Economic Area, including legislation on protection of personal data differ from that of the European Union.
In this case, the contracts between SOLADIS and the customers are adapted and organizational, technical and personnel measures, rigorous and appropriate, ensure the security and confidentiality of personal data in accordance with European regulations.
CONSERVATION OF DATA
We aim to always keep personal data secure, and only for the time necessary to achieve the purpose pursued by the processing. In this sense, we are implementing the appropriate technical and organizational measures.
Once the data has been collected and / or processed, we leave access to the data to the customer for 6 months. Subsequently, these accesses are blocked and the data are archived and kept by SOLADIS for a period of time defined contractually beforehand, with regard to the intended purpose. If no deadline has been established, the data collected is deleted 3 years after the archiving date.