DATA PROTECTION POLICY

Scope

Takoma grants the utmost importance and care to the protection of privacy and personal data, and with this in mind is committed to respecting the relevant legal requirements.

European Regulations on the subject of personal data protection state that any processing of personal data must be lawful, fair, and transparent. This Data Protection Policy (hereinafter the “Policy”) is destined to provide simple, clear information on how and why we process personal data relating to you, collected in the context of navigating and performing actions on our website.

1. Controller

In order for you to use our website https://www.takoma.fr, we collect and process personal data relevant to you, natural persons (hereinafter “concerned persons”).
Takoma SAS, headquarters at 14 boulevard Raymond Poincaré FR – 92380 Garches, will act as Controller of all data processing for which TAKOMA determines the means and purposes, as defined by current regulations regarding personal data, specifically Regulation UE 2016/679 relating to the protection of natural persons with regard to the processing of personal data and the free transmission of data.

2. What data do we collect and how?

By using our website, you communicate to us specific data relating to you, some of which could be used to identify you (“personal data”). This occurs when you browse our website or when you fill out online forms.
Each online form on the site limits the collection of personal data to only that which is necessary and will always indicate the purpose(s) of the data collection and the recipient(s) of said data. Data required to process your requests will always be indicated with the term “required”. If you do not fill in these fields, Takoma will not be able to process your request.
The nature and quality of collected personal data relevant to you will vary depending on the nature of the relationship between you and Takoma, the foremost being:
Log-in information: this includes any information that will allow us to identify you such as first name, last name, or telephone number. We may also need to collect your email address, and in case of a membership request, we may ask for official identification.
Connection data: cookies (Google Analytics), connection log

3. Description of the provided services

This policy covers data processing performed in the context of:
• Management of Takoma websites;
• Social network management;
• Requests sent from online forms on this website;
• Recruitment of Takoma employees;
• Management of Takoma’s customers, suppliers, and partners.
These processing methods exist in the following legal frameworks:
To meet our legal obligations
In certain specific cases we must collect personal information about you to meet our own legal obligations.
This is relevant to data processing in the context of managing user requests to exercise rights.
For our own legitimate interests
No data processing is based on this legal framework.
Consent
The processing of your personal data can be lawful based on your consent, for example to initiate contact for an information request regarding Takoma’s expertise.

4. Do we share your personal data?

We do not share your personal data with any other company for commercial purposes.
Each section dedicated to a processing method lists the internal recipients who will be accessing and processing said data. Data can be transmitted to technical third party subcontractors, chosen for their expertise and reliability, who act on our behalf and according to our instructions (IT subcontractor, server hosting, etc.).
We only authorize these subcontractors to use your personal data in situations where it is necessary in order to provide services to you in your name, or to abide by legal requirements, and we work to ensure that your personal data is protected at all times.
DPO Consulting can also in certain cases communicate your personal data to third parties when such communication is required by law, by a regulatory provision, or a judicial decision, or if this communication is required to ensure the protection and defence of our rights.
We do not sell your personal data.

5. Is your data transferred to other countries?

Takoma works to ensure your personal data remains within the European Union. However, the data we collect when you use our platform or services can be transferred to other countries, for example if a subcontractor is located outside the European Union.
In this type of transfer, we guarantee that:
– The transfer will me made to a country with adequate protection levels, that is to say a level of protection equal to those required by European regulations;
– The transfer is framed by standard contractual provisions.

6. How long do we keep your data?

Your personal data is stored only as long as strictly necessary in order to fulfil the purpose for which the data was collected, in order to meet your needs or our own legal obligations.
The duration of storage of this data will vary depending on various factors, including:
– The requirements of Takoma activities;
– Contractual requirements;
– Legal obligations;
– The recommendations of supervisory authorities.

7. How do we guarantee data security?

Takoma commits to protecting all personal data we collect or process against loss, destruction, alteration, and unauthorized access or transmission.
With this in mind, to protect your data we implement all technical and organisational measures necessary based on the nature of the data and the risks inherent to the processing method. These measures ensure we can maintain the security and confidentiality of your personal data. These measures can include actions such as limiting data access to only authorized persons based on their function.
Furthermore, our practices and policies and/or physical/logistical security measures (secured access, authentication procedures, back-up copies, software, etc.) are regularly verified and updated as necessary.

8. What are your rights?

Based on the private nature of the data that we collect/process, you can exercise the following rights:
– The right of access: you have the right to request access to the personal data regarding you that we possess, and you can request a copy;
– The right to rectification: you have the right to ask us to rectify information you think is inaccurate;
– The right to erasure: you have the right to ask us to erase your personal information in certain circumstances;
– The right to data portability: you have the right to ask that we transfer any personal data you have communicated to you in a structured format. You also have the right to ask that we transfer your personal data to another controller in certain circumstances;
– The right to restriction of processing: you have the right to ask us to restrict the processing of your information if:
• You contest the accuracy of the data concerning you, which we will verify;
• The processing is illegal but you do not want us to delete your data;
• We no longer need your personal data for processing requirements, but you need the data to pursue or defend yourself from any legal action;
• You are opposed to the processing of your data based on your own reasons pending an evaluation of our own legitimate and compelling justifications to determine which take precedent;
If this personal data is subject to limitations of this kind, we will only process your data with your consent, or with the objective to pursue or defend ourselves from any legal action;
– The right to object to processing for legitimate reasons;
– The right to revoke consent at any time.
You can exercise your rights by contacting our Data Protection Officer at the following address:
DPO Consulting
Service DPO Externalisé
1 – 3 rue Caumartin
FR– 75009 Paris
When you communicate a request to exercise your rights, you will be asked to specify as much as possible the scope of the request, the type of right you wish to exercise, the personal data processing method concerned, and any other useful information to facilitate the processing of your request. Furthermore, with this in mind you will have to provide proof of identity.

9. How should you contact us?

You can contact us using the following postal address:

Takoma
RH
14 Bd Raymond Poincaré
FR– 92380 Garches

10. Cookie management

Cookies are small text files that are downloaded onto your computer when you visit Takoma’s website. Some cookies are required to allow the site to function, while others can improve existing functions. Cookies are stored on your terminal or any device optimised for internet connectivity.
Takoma’s website employs the following cookie: Google Analytics.
We only collect and store anonymous data regarding site traffic via an analytic solution: this includes the number of unique visitors, the number of page views, the country of the user’s IP, the traffic source (direct traffic, search engines, or referring sites), the type of device (computer, smartphone, or tablet).
Cookie settings can be found directly in your Web browser and, depending on the browser of your choice, allow you to refuse all cookies when browsing, or only authorizing them on a case by case basis.
For additional information on cookie settings, please consult the dedicated page of the CNIL website (https://www.cnil.fr/fr/cookies-les-outils-pour-les-maitriser).

11. Update of this policy

This policy may regularly be updated to account for evolutions in regulations relating to personal data.
The last update is dated 27/09/2018.