Privacy Policy

Synneo, which manages this platform, places great importance on the protection and confidentiality of your personal data. We see this as a sign of our commitment and trustworthiness.

As such, our Personal Data Privacy Policy precisely demonstrates our dedication to upholding the applicable rules for personal data protection within Synneo, especially those of the General Data Protection Regulation ("GDPR").

Specifically, our Privacy Policy aims to inform you about how and why we process your personal data in connection with the services we provide to you.

Who is our Privacy Policy intended for?

Our Privacy Policy applies to you, regardless of where you live, as long as you are at least 15 years old and a user of our platform.

If you are under the legal age detailed above, you are not authorized to use our services without the prior and explicit consent of one of your parents or the holder of parental authority. This consent must be sent to us via email at dpo@synneo.fr.

If you believe we hold personal data about your children without your consent, please contact us at the dedicated address mentioned above.

Why do we process your personal data?

We primarily process your personal data for the following reasons:

  • To enable you to use and benefit from our service and all its features (e.g., placing online orders, using our purchase delivery service, etc.), based on our Terms of Use.
  • To manage user accounts (e.g., account creation, service access, and account deletion), based on our Terms of Use.
  • To facilitate online payments, based on our Terms and Conditions of Sale.
  • To send you technical emails (e.g., password changes, etc.) essential for the proper functioning of our service, based on our Terms of Use.
  • To allow you to upload and import documents onto our platform, based on our Terms of Use.
  • To guarantee and enhance the security and quality of our services daily (e.g., statistics, data security, etc.), based on our legal obligations, our Terms of Use, and our legitimate interest in ensuring the smooth operation of our services.
  • To send you our newsletter, based on our legitimate interest in customer loyalty and on your consent if you are not yet a customer of our services.

Your data is collected directly from you as soon as you are a user of our platform, and we commit to processing your data only for the reasons described above.

What personal data do we process?

Below, we've summarized the categories of personal data we process and their respective retention periods:

  • Personal Identification Data (e.g., name, surname, etc.): Kept for the entire duration of service provision, plus any applicable legal prescription periods, which are generally 5 years.
  • Economic and Financial Data (e.g., bank account number, verification code, etc.): Retained for the duration necessary for the transaction and the management of invoicing and payments, plus any applicable legal prescription periods, which are generally 5 to 10 years.
  • Email Address for Technical Messages: Kept until your account is deleted.
  • Email Address for Newsletter: Retained until you unsubscribe from the newsletter.
  • Connection Data (e.g., logs, IP address, etc.): Kept for a period of 1 year.

Upon the expiration of the applicable retention periods, the deletion of your personal data is irreversible, and we will no longer be able to provide it to you after this time. At most, we may only retain anonymous data for statistical purposes.

Please also note that in the event of litigation, we are obligated to retain all data concerning you throughout the entire duration of the case's processing, even after the expiration of their previously described retention periods.

What Rights Do You Have to Control the Use of Your Personal Data?

Data protection regulations grant you specific rights that you can exercise, at any time and free of charge, to control how we use your data.

  • Right to Access and Copy your personal data, provided this request doesn't conflict with business secrets, confidentiality, or the privacy of communications.
  • Right to Rectification of personal data that is incorrect, outdated, or incomplete.
  • Right to Request Erasure ("right to be forgotten") of your personal data that isn't essential for the proper functioning of our services.
  • Right to Restriction of your personal data, which allows for a snapshot of your data's use in case of a dispute over the legitimacy of processing.
  • Right to Data Portability, enabling you to retrieve a portion of your personal data to easily store or transfer it from one information system to another.
  • Right to Issue Directives regarding the fate of your data in the event of your death, either directly or through a trusted third party or beneficiary.

For a request to be considered, it's crucial that it's made directly by you to dpo@synneo.fr. Any request not made in this manner cannot be processed.

Requests cannot come from anyone other than you. Therefore, we may ask for proof of identity if there's any doubt about the requester's identity.

We will respond to your request as quickly as possible, with a maximum delay of three months from its receipt if the request is technically complex or if we receive many requests simultaneously.

Please note that we may still refuse to respond to any excessive or unfounded request, particularly if it's repetitive.

Who Can Access Your Personal Data?

Your personal data is processed by our teams, by our professional client for whom this platform is developed, and by our technical service providers for the sole purpose of operating our service.

We specify that we vet all our technical service providers before recruiting them to ensure they scrupulously adhere to the applicable personal data protection rules.

Can Your Personal Data Be Transferred Outside the European Union?

The personal data processed by our platform is exclusively hosted on servers located within the European Union.

Furthermore, we do our utmost to use only technical tools whose servers are also located within the European Union. If, however, this is not the case, we scrupulously ensure that they implement the appropriate safeguards required to ensure the confidentiality and protection of your personal data.

How we protect your personal data

We implement technical and organizational measures to ensure the daily security of your personal data and, in particular, to combat any risk of destruction, loss, alteration, or disclosure.

Do we use cookies when you browse our platform?

WE GUARANTEE THAT WE DO NOT USE ANY ADVERTISING COOKIES FOR THE OPERATION OF THIS PLATFORM.

However, we would like to inform you that we do use statistical cookies when you browse our platform. For more information, please consult our Cookie Policy.

Who can you contact to obtain more information about the use of your personal data?

To best ensure the protection and integrity of your data, we have officially appointed an independent Data Protection Officer ("DPO") with our supervisory authority.

You can contact our DPO at any time, free of charge, at dpo@synneo.fr to get more information or details on how we process your data.

How can you contact the CNIL?

You can contact the "Commission nationale de l'informatique et des libertés" or "CNIL" at any time using the following contact details:

CNIL Complaints Department 3 place de Fontenoy – TSA 80751 75334 Paris Cedex 07 France

By phone: 01.53.73.22.22

Can the privacy policy be changed?

We may modify our Privacy Policy at any time to adapt it to new legal requirements and to new processing activities that we may implement in the future.