This Charter informs you of the nature of the personal information collected about you, the manner and purpose of its use, as well as the recipients of this information.

This Charter applies to personal information concerning our customers and future customers (interested in a service/product)

This Charter may be modified, supplemented or updated in order to comply with any legal, regulatory, jurisprudential and technical developments. However, your personal data will always be processed in accordance with the policy in force at the time of their collection, unless a mandatory legal requirement were to provide otherwise and would apply retroactively.

THE PROCESSING MANAGER

The controller for any processing referred to in this Charter is CYCLAND – Impasse Sully 17410 Saint Martin-de-Ré.

THE DATA COLLECTION

The data concerning you is collected directly from you or from our partners, after obtaining your consent when necessary, in the following cases:

When you visit the institution’s website:
If you accept cookies
If you make an appointment
If you request to receive the newsletter
If you place an order (service/product) online
If you submit a review on a service

THE NATURE OF DATA COLLECTED

The personal data collected may be the following:

Contact details and marital status (examples: surname, first name, civility, postal address, landline and/or mobile telephone number, email address, date of birth).
Information relating to the order of a service (examples: methods of receipt of a product, date and time of appointment for a service, information related to a possible loyalty account, etc.)
Payment information (examples: payment method used, financing terms, etc.)
Information related to the follow-up of the customer relationship (examples: satisfaction survey, retention of complaints, etc.).
Information related to commercial communication (e.g. choice to receive commercial offers)

PURPOSES AND BASIS OF PROCESSING.

The establishment will only collect your personal data according to a specific purpose, and according to a specific basis (performance of a contract, your consent or legitimate interest of the establishment).

Depending on the service, the purposes and bases are as follows:

Supply of products and services

Data collected: identity, contact details.

Purposes: taking care of the customer, making appointments, performing the service, invoicing and payment.

Basis: contractual performance.

Customer service and business relationship.

Data collected: identity, contact details, opinions and complaints.

Purposes: Responding to inquiries and complaints.

Basis: legitimate interest of the establishment and legal obligation (obligations related to the right of withdrawal of the consumer).

Promotions and communications.

Data collected: preferences relating to the products and services offered, preferences regarding the medium used to receive the communication, information about your lifestyle habits.

Purposes: informing the customer about news, new products, commercial offers.

Basis: Legitimate interest of the institution.

Statistical studies

Data collected: identity, data relating to the commercial relationship and in particular the use of products and services, information on your lifestyle.

Purposes: development of statistics, communication of personalized offers.

Basis: Legitimate interest of the institution.

Compliance with legal and regulatory obligations

Data: data of your transactions, payments, order history and order-related information

Purposes: fight against payment fraud.

Rationale: Legal obligations to cooperate with agencies fighting different types of fraud.

DATA RECIPIENTS

The establishment is likely to share your data with authorized organizations.

Thus, the establishment may have recourse to subcontractors (any company required to process personal data according to the establishment’s instructions) for the processing of your personal data to the extent necessary for the performance of their services (example : hosting a site, managing the sending of promotional offers).

The establishment ensures, by contract with the subcontractor, that the latter respects the confidentiality and security of the personal data they receive.

Except in the cases set out above, the establishment undertakes not to sell, rent or transfer your personal data to third parties without your consent.

DATA STORAGE DURATION

Your data will be kept secure by the establishment for the time strictly necessary to achieve the purposes indicated above, or for the minimum retention period provided for by the applicable legislation.

For example, the data related to the performance of the service will be kept for the duration of the contract, and for a period of 5 years from the end of the service, unless there is a more binding legal provision.

Another example: data related to the sending of promotional offers will be kept for 3 years after the last contact, unless you exercise your right to object.

EXERCISE OF YOUR RIGHTS

You can exercise with the establishment your rights of access, rectification, erasure, limitation, portability of your data, opposition to processing for legitimate reasons, and a right to define the fate of your data post -mortem.

You can exercise these rights by contacting CYCLAND – Impasse Sully 17410 Saint Martin-de-Ré..

You can also file a complaint directly with the Commission Nationale de l’Informatique et des Libertés (CNIL) at https://www.cnil.fr. For any information on the protection of personal data, you can also consult the CNIL.