ARTICLE 1: PREAMBLE
The manner in which their personal data is collected and processed. Any data that could potentially identify a user should be considered personal data. This includes first and last name, age, postal address, email address, user location, and the user's IP address;
What rights users have in relation to these data;
Who is responsible for the processing of the personal data that is collected and processed;
To whom these data are transferred;
Possibly, the website's policy on "cookies".
ARTICLE 2: GENERAL PRINCIPLES FOR DATA COLLECTION AND PROCESSING
In accordance with the provisions of Article 5 of European Regulation 2016/679, the collection and processing of the users' data of the site respect the following principles:
Lawfulness, fairness, and transparency: data can only be collected and processed with the consent of the user who owns the data. Whenever personal data will be collected, it will be
indicated to the user that their data is being collected, and for what reasons their data is being collected;
Data collection and processing minimization: only the data necessary for the proper execution of the objectives pursued by the site are collected;
Reduction of data retention over time: data is kept for a limited duration, of which the user is informed. If this information cannot be provided, the user is informed of the criteria used to determine the retention duration;
Integrity and confidentiality of collected and processed data: the data processing manager commits to ensure the integrity and confidentiality of the collected data.
To be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data may only occur if they comply with at least one of the conditions listed below:
The user has expressly consented to the processing;
The processing is necessary for the proper performance of a contract;
The processing meets a legal obligation;
The processing is explained by a necessity related to the safeguarding of the vital interests of the person concerned or of another natural person;
The processing can be explained by a necessity related to the execution of a mission of public interest or that comes under the exercise of public authority;
The processing and collection of personal data are necessary for the legitimate private interests pursued by the person in charge of the processing or by a third party.
ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE COURSE OF NAVIGATION ON THE SITE
A. COLLECTED AND PROCESSED DATA AND METHOD OF COLLECTION
The personal data collected on the Terre d'Egypte website are as follows:
- - Name
- - First name
- - Email address
- - Profile picture
- - Phone number, postal address, date of birth...
These data are collected when the user performs one of the following operations on the site:
- - In the context of your quote request and subsequently your registration
- - Via the contact form
- - If you authorize the third-party social network (Facebook, Gmail,...)
The data processing manager will keep all the collected data in the computer systems of the site under reasonable security conditions for a duration of:
- - Quote requests: 4 years;
- - Contractual, commercial documents: 4 years;
- - Analysis cookies: 13 months.
- - Accounting data: 10 years;
The collection and processing of data serve the following purposes:
- - Processing of quote requests, registrations.
- - Response to requests sent via the contact form or chat.
The data processing performed is based on the following legal grounds:
- - Execution of the contract;
- - User's consent;
- - Legal obligation.
B. TRANSMISSION OF DATA TO THIRD PARTIES
The data may be transmitted to the following third party(ies):
Certain collected data may be transferred to Hotels, airlines, transport companies...
C. DATA HOSTING
The Terre d'Egypte website is hosted by: Google Cloud, whose headquarters are located at the following address:
8 RUE DE LONDRES 75009 PARIS 09
The host can be contacted at the following phone number: 08 91 65 31 61.
The data collected and processed by the site are transferred to the following country(ies): Moncks Corner, South Carolina, North America. This transfer of personal data outside the European Union is justified for the following reasons:
The data is hosted in Moncks Corner, South Carolina, North America because the cloud contract with the host in these zones is less expensive.
ARTICLE 4: DATA PROCESSING RESPONSIBLE
A. THE DATA PROCESSING RESPONSIBLE
The data controller for personal data is: Peter Gad. He can be contacted as follows:
The data controller can be contacted by phone at +20 0122 44 55 366, from 8am to 7pm, from Monday to Friday.
The data controller is in charge of determining the purposes and means of processing personal data.
B. OBLIGATIONS OF THE DATA PROCESSING RESPONSIBLE
The data controller commits to protecting the collected personal data, not transmitting them to third parties without the user being informed, and respecting the purposes for which these data were collected.
The site has an SSL certificate to guarantee that the information and data transfer through the site are secure.
An SSL ("Secure Socket Layer") Certificate aims to secure data exchanged between the user and the site.
In addition, the data controller commits to notify the user in case of rectification or deletion of the data unless it implies for him disproportionate formalities, costs, and steps.
In the event that the integrity, confidentiality, or security of the user's personal data is compromised, the data controller commits to inform the user by any means.
ARTICLE 5: USER'S RIGHTS
In accordance with the regulations regarding the processing of personal data, the user has the rights listed below.
For the data controller to comply with his request, the user must provide him with: his first and last name, as well as his email address, and if relevant, his account number or personal space or subscriber number.
The data controller is required to respond to the user within a maximum of 30 (thirty) days.
A. PRESENTATION OF THE USER'S RIGHTS IN TERMS OF DATA COLLECTION AND PROCESSING
a. Right of access, rectification, and right to erasure
The user can review, update, modify or request the deletion of the data concerning him, following the procedure outlined below:
The user must send an email to the personal data processing controller, specifying the object of his request, to the contact email address.
If he has one, the user has the right to request the deletion of his personal space by following the following procedure:
The user must send an email to the controller specifying his personal space number. The request will be processed within 10 working days.
b. Right to data portability
The user has the right to request the portability of his personal data, held by the site, to another site, by complying with the procedure below:
The user must make a request for portability of his personal data to the data processing controller by sending an email via the contact form.
c. Right to limit and oppose data processing
The user has the right to request the limitation or to oppose the processing of his to: data by the site, without the site being able to refuse, unless it can demonstrate the existence of legitimate and compelling reasons, which could prevail over the interests and rights and freedoms of the user.
In order to request the limitation of the processing of his data or to file an opposition to the processing of his data, the user must follow the following procedure:
The user must make a request to limit the processing of his personal data to the data processing controller by sending an email using the site's contact form.
d. Right not to be subject to a decision based solely on automated processing
In accordance with the provisions of the General Data Protection Regulation, the user has the right not to be subject to a decision based solely on automated processing if the decision produces legal effects concerning him or significantly affects him.
e. Right to determine the fate of data after death
The user is reminded that he can organize what should be the fate of his collected and processed data if he dies, in accordance with the Law No. 2016-1321 of October 7, 2016.
f. Right to seize the competent supervisory authority
In the event that the data controller does not respond to the user's request, the user has the right to lodge a complaint with the competent supervisory authority.
The site may use "cookie" techniques allowing it to process statistics and traffic information, facilitate navigation and improve service for the user's comfort.
The site manager reserves the right to modify it in order to guarantee its conformity with the law.