Interested in our services?

Make an appointment with a member of our team today.

Make an appointment
X
🌱 IT SYSTEMES is committed to CSR!

Terms of use

Published on: July 01, 2023

Site presentation

In accordance with article 6 of French law no. 2004-575 of June 21, 2004 on confidence in the digital economy, users of the www.it-systemes.fr website, and associated domains and sub-domains such as www.it-systemes.ch, are informed of the identity of the various parties involved in its creation and follow-up:

Site owner: SAS IT SYSTEMES , headquartered at 58-60 rue Etienne Dolet 92240 MALAKOFF, registered with the NANTERRE Trade and Companies Register under number 521 984112 00057;

And whose secondary establishments are located:

- 51 Quai Lawton - 33300 Bordeaux, registered with the RCS of BORDEAUX under number 521 984112 00073

- 63 Rue André Bollier - 69007 Lyon, registered with the RCS of LYON under number 521 984112 00065

- 15 Boulevard de la Rocade - 74000 Annecy, registered with the RCS of ANNECY under number 521 984112 00081

Represented by its president, SARL 1640 RIVERSIDE, itself represented by its manager, Mr Samir AMARA.

Site creator: Agence Pure illusion

Publication manager: Mr Samuel Laublin - e-mail: s.laublin@it-systemes.fr

Site host: Webflow / Amazon Web Services (AWS)

General terms and conditions of use of the site and the services offered

Use of this website implies full acceptance of the general conditions of use described below. These conditions of use may be amended or supplemented at any time, and users of this site are therefore advised to consult them regularly.

This site is normally accessible to users at all times. However, IT SYSTEMES may decide to interrupt the site for technical maintenance purposes, in which case it will endeavour to inform users of the dates and times of the intervention in advance.

This site is regularly updated by Samuel LAUBLIN. In the same way, the legal notices may be modified at any time: they are nevertheless binding on the user, who is invited to refer to them as often as possible in order to take cognizance of them.

Description of services provided

The purpose of this site is to provide information about all the activities and news of the company IT SYSTEMES.

IT SYSTEMES strives to provide information on this site that is as accurate as possible. However, IT SYSTEMES cannot be held responsible for any omissions, inaccuracies or failure to update the information, whether caused by or by third-party partners supplying the information.

All information on this site is given for guidance only, and is subject to change. Furthermore, the information on this site is not exhaustive. It is subject to modifications having been made since it was put online.

The present website cannot be held responsible for any material damage linked to the use of the site. In addition, users of the site undertake to access the site using recent, virus-free equipment, with the latest generation browser.

Intellectual property and counterfeiting

IT SYSTEMES is the owner of the intellectual property rights or holds the rights of use on all the elements accessible on the site, notably texts, images, graphics, logos, icons, sounds and software.

Any reproduction, representation, modification, publication, adaptation of all or part of the elements of the site, whatever the means or process used, is forbidden, except with the prior written authorization of: IT SYSTEMES.

Any unauthorized use of the site or of any of the elements it contains will be considered as counterfeiting and will be prosecuted in accordance with the provisions of articles L.335-2 et seq. of the French Intellectual Property Code.

Limitation of liability

IT SYSTEMES cannot be held responsible for any direct or indirect damage caused to the user's equipment when accessing this site, and resulting either from the use of equipment that does not meet the aforementioned specifications, or from the appearance of a bug or incompatibility.

IT SYSTEMES cannot be held responsible for indirect damage (such as loss of market or loss of opportunity) resulting from the use of this site.

Interactive areas (possibility of sending a form in the Contact area) are available to users. IT SYSTEMES reserves the right to delete, without prior notice, any content posted in this area which contravenes legislation applicable in France, in particular provisions relating to data protection. Where applicable, IT SYSTEMES also reserves the right to hold the user civilly and/or criminally liable, particularly in the event of messages of a racist, insulting, defamatory or pornographic nature, whatever the medium used (text, photographs, etc.).

Data protection policy

1. Introduction

The GDPR (General Data Protection Regulation) is one of the regulations that govern how organizations carry out their information processing activities. It is the regulation that aims to protect the personal data of European Union citizens. Fines are applicable for any form of breach of the GDPR. Therefore, IT SYSTEMES should ensure compliance with the RGPD by establishing a data protection policy (DPP).

2. Objective

The purpose of this document is to describeIT SYSTEMES 's responsibilities with regard to the protection of personal data.

3. Principles of personal data processing

The RGPD is based on a number of fundamental principles:

  • Personal data should be processed fairly, lawfully and transparently in relation to the data subject.
  • Personal data should be collected for specific and legitimate purposes
  • Personal data should be accurate and kept up to date.
  • Inaccurate personal data should be deleted or rectified without delay.
  • Personal data should be processed and protected against unlawful or unauthorized processing IT SYSTEMES ensures compliance with all the above principles.
3.1 Rights of the person concerned

Rights of the data subject under the GDPR:

  • Right to information
  • Right of access
  • Right of rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Rights related to automated decision-making and profiling
  • The right to object

The rights of data subjects are supported by appropriate procedures withinIT SYSTEMES that enable the required measures to be taken within the timeframes stipulated by the RGPD.

The deadlines for the requests of the persons concerned are indicated below:

Right to be informed
- Time limit: Within one month (if data not supplied by data subject)

Right of access
- Time limit: 1 month

Right of rectification
- Time limit: 1 month

Right to erasure
- Time limit: Without undue delay

Right to restrict processing
- Time limit: Without undue delay

Right to data portability
- Time limit: 1 month

Rights related to automated decision-making and profiling
- Time limit: Not specified

The right to object
- Time limit: On receipt of the objection

3.2 Legality of processing

TheIT SYSTEMES policy specifies the appropriate measures that should be taken to document and process a specific case of personal data. However, the RGPD proposes six other means that can be used by IT SYSTEMES, depending on the case.

Consent : Except for specific reasons that are indicated as permitted by the GDPR, IT SYSTEMES should obtain the consent of the data subject before collecting and processing their data. For example, any matter involving children under the age of 16 requires parental consent.

Contract performance: Explicit consent will not be required in cases where the data collected and processed is necessary for the performance of the contract, such as in cases where the contract cannot be finalized without the personal data. For example, if an address is missing in the delivery of a parcel, delivery cannot be made.

Legal obligation: Explicit consent will not be required in cases where the data collected and processed is necessary to comply with the law. Taxation and employment may be examples of such cases.

Fundamental interests of the data subject: A number of data processing operations may be lawful under certain conditions (notably in the public sector), such as in cases where the data is necessary for the protection of the data subject's main interests or for social welfare.

Carrying out public-interest missions: The consent of the data subject is not required in cases where IT SYSTEMES has to carry out a specific public-interest mission.

Legitimate interests: Data processing is considered lawful in cases where the processing of personal data does not significantly affect the rights and freedoms of the data subject. However, the taking of such measures should be appropriately justified and documented.

3.3 Data protection at the design stage

IT SYSTEMES should adopt the principle of data protection from the outset, and ensure that systems for collecting personal data take account of privacy issues. Systems should also successfully complete one or more data protection impact assessments.

The Data Protection Impact Assessment (DPIA) includes the following elements:

  • Determining the purpose of personal data processing
  • Determine whether processing of personal data is necessary
  • Identify the measures needed to deal with risks and comply with legislation

In order to respect the protection of personal data and comply with the RGPD, IT SYSTEMES may use techniques such as data minimization and pseudonymization.

3.4 Personal data processing contracts

According to the requirements of the RGPD, IT SYSTEMES should ensure that all personal data used is the subject of a contract, i.e. the RGPD Agreement Policy between the controller and the processor.

3.5 International transfers of personal data

Before transferring personal data outside Europe, IT SYSTEMES examines and ensures that it complies with RGPD regulations.

Therefore, in order to regulate international intra-group data transfers, binding corporate rules provide for enforceable rights for data subjects.

3.6 Violation notification

In all cases relating to personal data breaches, IT SYSTEMES is responsible for examining the measures that should be taken and for informing the parties concerned.

In accordance with the RGPD, if a personal data breach occurs, the competent authority should be informed within 72 hours. Such cases should be managed on the basis of the Information Security Incident Response Procedure, which sets out the process for handling information security incidents.

Applicable law and jurisdiction

Any dispute arising in connection with the use of this site is subject to French law. The competent courts have exclusive jurisdiction.

Contact us
Phone