In compliance with the Data Protection Act and the GDPR
Personal data and cookies
The Company xxxxxxxxxx, specialist in rental accommodation is concerned about the protection and confidentiality of personal data and undertakes to ensure the best level of protection for your personal data in accordance with the regulations in force on the protection of personal data, applicable in Europe (GDPR) and in France.
The content of this page was last updated on xxxxxxxxxxxxxxxxx/2022
Personal data protection policy
EU Regulation No. 2016/679 of the European Parliament and of the Council of April 27, 2016 on the Protection of Individuals with regard to the processing of personal data and on the free movement of such data hereinafter "GDPR"
The Company xxxxxxxxxxxxxxx, whose head office is located at xxxxxxxxxxxxxxx, 29660 xxxxxxxxxxxxxxxx, registered with the RCS of xxxxxxxxxxxxxxxxxxx under the number xxxxxxxxxxxxxxxxxx which operates the website https://www.xxxxxxxxxxxxxxxxxx.bzh
The personal data protection officer is represented by one of the co-managers of the sarl xxxxxxxxxxxxxxxxx, he can be contacted by post at the head office or at the following email address: contact@xxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxx ensures that it only collects and processes the personal information necessary for the activity and services offered by xxxxxxxxxxxxxxxxxxxxx. They are collected and processed on the following legal bases:
- on the basis of your consent via a contact form
- in connection with the establishment of a commercial relationship or the performance of a contract
- in order to comply with our legal and regulatory obligations
- for purposes of legitimate interest
This data is collected from you on the occasion of:
- your navigation on this site
- commercial contact for the submission of a project, a specification, a quote request request for commercial documentation
- information via a contact form, or an unsolicited application or a job offer (the mandatory information on a form is indicated)
- the exercise of your rights relating to personal data
The personal data collected and processed are those that are strictly necessary for the purposes described above and essentially to ensure a good customer relationship, site consultation and audience statistics and only concern adults:
- identification data: surname, first name, e-mail address, telephone, company, postal code, city, message in the comment box, if applicable, proof of identity to exercise your rights
- connection data: IP address, type and version of browser, type of terminal, operating system as well as the date and time of access, connection logs
- cookies or similar technologies may be installed and/or read in your browser during your visit to the site
- commercial data: history of correspondence with customer service xxxxxxxxxxxxxxxxxxxx
Purpose of processing
- the operations necessary for the provision of our services
- responding to requests for information, quotes, documentation or demonstrations of our services
- exchanges within the framework of a contractualized customer relationship or not
- sending information on the modification or evolution of our services
- the measurement of the audience of our site for statistical purposes
- the automated collection by means of tracers of information concerning your navigation routes, traffic and interaction data, during your navigation on our sites. This information is used to better understand your needs and preferences, in order to improve your user experience.
- managing the exercise of your rights over your personal data
- marketing and commercial prospecting operations relating to our publications and/or service offers by email (newsletters, etc.).
Data retention period
Your personal data is kept for a maximum of 3 years from collection or from the last date of interaction with our services, in accordance with legal provisions.
Data related to your browsing on our online services, audience measurement and attendance is limited to a maximum of 13 months. The data is then anonymized and can be used for general statistical purposes.
Security of the Data collected
All data collected is processed in such a way as to guarantee appropriate security, which translates into a logical and material security policy and security measures specially adapted to our activities.
The xxxxxxxxxxxxxxxxxxx technical teams are made aware of the GDPR and the consideration of the protection of personal data is omnipresent when designing and operating applications. Thus, the following principles govern the development of sites and applications, both at the technical infrastructure level (secure redundant hosting, security policy and access control), and from the application point of view (development of sites and applications):
- secure data collection
- storage guaranteeing data integrity and confidentiality
- securing development environments
- securing data access
- voluntary limitation of subcontracting
- regular training of our technical teams
We process personal data within secure infrastructures located in the European Union.
Recipients of your personal data
Your personal data is communicated:
- internally, to service employees for the purposes of proper performance of services and/or customer relations. In accordance with the regulations, access to your data is based on individual, limited and supervised access authorizations
- occasionally, subject to the needs of the projects, to our co-contractors or subcontractors who can provide related services on our behalf
In application of the regulations, you have a right of access, rectification, deletion, opposition and a right to portability relating to all the data concerning you.
You also have the right to limit the processing using your personal data. Everyone also has the right not to be the subject of individual decision-making based exclusively on automated processing such as profiling. If you have consented to the processing of personal data, you can withdraw your consent at any time. You also have the right to define directives relating to the fate of your personal data in the event of death.
These rights can be exercised with the Data Protection Officer by post or electronic mail accompanied by a copy of the identity document at the following addresses:
- by email: contact@xxxxxxxxxxxxxxxx
- by mail: xxxxxxxxxxxxxxxxxxx, personal data department, xxxxxxxxxxxxxxxx, 29660 xxxxxxxxxxxxxxxx
What is a cookie" ?
A "cookie" is a file of limited size, generally consisting of letters and numbers, sent by the web server to the browser's cookie file located on your computer's hard drive. All about cookies on the dedicated page of the CNIL website
Three types of cookies are deposited via the xxxxxxxxxxxxxxxxxxx site:
a- Internal cookies necessary for the site to function
These cookies allow the site to function optimally. You can oppose and delete them using your browser settings, however your user experience may be degraded.
Tarteaucitron >> Backup of choices regarding cookie consent >> retention period: 12 months ( nb: open source script used by the CNIL ).
b- Audience measurement cookies
In order to adapt the site to the requests of its visitors, we measure the number of visits, the number of pages viewed as well as the activity of visitors to the site and their frequency of return. Google Analytics and Google Tags Manager, the statistics tools used by Versio, generate the following cookies:
_ga >> Statistical measures of site traffic >> retention period: 12 months
_gat_UA-xxxxxxx-x >> Statistical measurements of site traffic >> retention period: 12 months
resolution >> Detection of screen resolution >> retention period: the end of the current session
c- Third-party cookies intended to improve the interactivity of the site
The xxxxxxxxxxxxxxxxxxx site relies on certain services offered by third-party sites. These features use third-party cookies directly deposited by these services. These include:
- sharing buttons (twitter and facebook)
- lists of tweets (twitter)
- videos posted on the site (youtube, dailymotion)
- animated presentations
During your first visit to cocoleon.bzh, a banner informs you of the presence of these cookies and invites you to indicate your choice. They are only deposited if you accept them or if you continue browsing the site by visiting a second page of cocoleon.bzh
and indicate your preference, either globally or on a service-by-service basis.
Data retention period
Administrative useful lives (DUA) applicable to the main procedures managed by xxxxxxxxxxxxxxxxxxxx
nb: the DUA covers the retention period in the active database and in internal archives
- Request for information from xxxxxxxxxxxxxxxxxx, via the contact form, without commercial or recruitment follow-up: 90 days from receipt of the form data
- Direct contact by email with the webmaster: 6 months after receipt of the request
- Notification of a personal data breach: duration of existence of the file concerned + 1 year