SARL COTOLOT :  Dried fruit

TRADITIONAL KNOW-HOW
FOR REFINED TASTE

Privacy policy dated 25/05/2018

This CONFIDENTIALITY POLICY has for purpose to inform the users of the given web-site www.cotolot.com (hereinafter referred to as the Web-site) on the principles of collection, usage and protection in its integrity by Cotolot (hereinafter referred to as the Web-site administrator) of the data transmitted.

This CONFIDENTIALITY POLICY concludes the General Terms and Conditions, to find out more on its full version please go to General Terms and Conditions.

This CONFIDENTIALITY POLICY is subject to modification or completion by the Web-site Administrator, particularly in terms of conformity to legislation, norms and standards, law enforcement or technical issue which may evolve. In either of these cases any modification, whatsoever, shall be clearly identified via the date of update mentioned directly in the header section of the present POLICY. These modifications become effective for USERS immediately once published. It is strongly advised that USERS read regularly the present CONFIDENTIAL POLICY and POLICY ON USING COOKIES to be informed of eventual modifications.

By accessing the Web-site USERS accepts entirely and unconditionally the terms and conditions of the present CONFIDENTIALITY POLICY as well as the POLICY ON USING COOKIES.

USER recognizes to have read the information herein below and authorizes the Web-site Administrator to collect and process personal data transmitted via inquiry sheet, in conformity with the present CONFIDENTIALITY POLICY.

The CONFIDENTIALITY POLICY is valid for all the pages hosted by the dedicated server and for registered versions of the Web-site. It is in no case valid for the pages hosted by third persons, who could be receiving the information from the Web-site Administrator and whose confidential policies might be different from the given one. The Web-site Administrator in this case shall not be kept responsible for the data processed by these servers or other third persons whatsoever.

Article 1 : General principles on data collection and processing

In accordance with Article 5 of European Regulation 2016/679 (hereinafter referred to as GDPR) and Article 6 and 36 of the Act on Information Technology, Data Files and Civil Liberties of January 06th, 1978 enacted by the Decree of August 06th, 2004 on Data Processing, Files and Individual Liberties, collection and processing of the web-site users’ data shall conform to the following principles :

  • Lawful, correct and transparent data : these data are subject to collection and processing only upon explicit consent from a user. Each time personal information is being collected, the user shall be informed accordingly, and for what reason ;
  • Secured, explicit and legitimate data : these data are collected to attain certain objective(s) of the present CONFIDENTIAL POLICY ;
  • Adequate, relevant and limited data : only the data strictly essential for a proper execution of objectives pursued by the web-site ;
  • Short-term data storage : these data are stored for a limited period of time, the user being informed respectively ;
  • Exact, and if necessary, up-to-date information : data being collected and processed shall be kept duly up-to-date. Reasonable measures shall be taken in order to delete incomplete data and adjust wrong data within the shortest timelines ;
  • Integrity and confirdentiality of the collected and processed data : the person in charge shall provide security for personal information, including protection against non-authorised or illegal processing, data loss, data destruction or accidental damage, via appropriate technical and organisational measures.

 

To ensure the data are lawful, and in full conformity with Article 6 of GDPR, personal data collection and processing shall occur given that they fulfil at least with one of the conditions enlisted herein below :

  • The user has given his explicit consent for data processing ;
  • Data processing being an inseparable part to the execution of a contract which the user is a party to ;
  • Data processing results from a legal obligation which is binding upon the person in charge of processing;
  • Data processing is made necessary to preserve vital interestes of the person in charge of processing or any other individual ;
  • Data processing is imperative in pursuit of a public interest mission or public authority service whereof the person in charge of processing  might be involved ;
  •   Data processing is imperative to attain legitimate and private interests pursued by the person in charge of processing or a third person, on condition that fundamental interests and rights of the person concerned shall not prevail in any case over the interests of the person in charge of processing ;

 

Article 2 : Personal data collection

In general terms, it is possible to access the Web-site without indicating any personal information whatsoever. User is not in any way obliged to give this information to the Web-site Administrator.

However, in case of refusal to do so it is probable that you will have limited functionaly of the Web-site at your disposal, not being able to consult certain information or services you requested.

 

Article 2.1 : Inquiry form

The Web-site Administrator can, in certain cases, request you to communicate the following information : civility form, family name, e-mail address, telephone number, postal address, country (hereinafter referred to as Personal Information).

Article 2.2 : Server log

Once the user accesses the Web-site, the servers being visited register automatically the following information :

  • User’s domain name ;
  • User’s IP address ;
  • Date and hour of visiting the Web-site and other information related to web traffic ;
  • Duration of a visit (for traffic) ;
  • Visited pages ;
  • Type of browser used ;
  • Terminal equipment and/or operating system used ;

These data are stored exclusivley for statistics purposes and in order to improve for the Web-site services.

Article 3 : Data processing reasons and storage period

The Web-site Administrator shall be processing your personal information in the following cases :

 

Data related to potential customers database

  • These data are used to reply to your requests, prepare quotations, create and manage a list of potential clients and are stored for 3 years from collection date or last time a client was connected.
  • These data are used to provide you with information you requested via your subscription to a newsletter and are stored for 3 years after you subscription expired.

Data related to an active client

  • The data are used for contract execution, business relation management, invoicing, unpaid bills collection, debtor tracing tools and are stored throughout an existing business relation term or contractual validity period.

Data related to an inactive client

  • Information related to a client’s account, Purchase Orders, invoices, information on payments effectuated is stored for a period corresponding to legal, civil and tax requirements to this effect.

 

Data generated by the cookies

  • Information related to your surfing on the Web-site is used for improving the performance of the Web-site, measure frequency of site visits and is stored for 13 months maximum.

 

Data generated by log server database

  • This information related to your surfing on the Web-site is used to detect any malfunctioning, cyberattacks, fraud attempts and is stored for 13 months maximum.

 

Article 4 : Data transmission to third parties

Article 4.1 : Sharing your personal information with thirs party entities

 

Only the Web-site Administrator shall be the recipient of your personal information. This information shall not in any case be transmitted to a third party, with only exception of sub-contractors whoever the Web-site Administrator could be soliciting, among them : chartered acountant, web site hosting server, data hosting server, e-mailing company, software publisher, financial partner. Neither the web-site Administrator nor any of the sub-contractors enlisted herein above shall use personal information of users and visitors of the web-site for commercial purposes.

Personal information is likely to be transferred to countries outside the European Union (for example, the United states of America) within the framework of your data sorage or web hosting.

Thus, we shall warrant this transfer is secure and in full conformity with the applicable norms and regulations to provide a sufficient protection and safety of your private life and fundamental human rights through verification, most precisely, of the following criteria :

  • Whether the country or data recipient possess a certain security level considered as sufficient by the European Commission or fulfil the requirements of « Privacy Shield »,
  • Otherwise, transmission is being supervised in conformity with GDPR and its clauses covering types of security adopted by the European Commission.

For more information we can provide please send your request to the Person in charge of data processing via an inquiry form at our Web-site.

Article 4.2. Sharing database with authorities

We may be conducted to disclose your personal information to administrative or judicial authorities provided that this disclosure is essential to identification, convocation or legal pursuit of any individual who is likely to represent danger to our rights, or rights of any other user or a third person.

Article 5 : Security

The Web-site Administrator has taken necessary organisational and technical measures to provide sufficient protection corresponding to risk level and to ensure to the utmost degree that the servers hosting personal information concerned , prevent the following scenarios to occur :

  • Non-authorised access or modification of these data ;
  • Inappropriate usage or disclosure of these data ;
  • Illegal destruction or acciental loss of these data.

Organisational and technial measures :

  • The Web-site Administrator’s employees, who have been granted access to these data, shall be obliged to keep this information strictly confidential. The Administrator shall not, in any case, be held responsible for any inappropriate usage of these data by a third party despite the adopted security measures.
  • The Web-site is supplied with SSL certificate (« Secure Socket Layer » Certificate) which is to ensure that the data are being transmitted via secure web sites. An SSL certificate is used for securing data exchange between a user and a web site.
  • The host server is secured in conformity with existing IT norms and regulations which are being constantly revised.
  • Data process terminals possess an up-to-date anti-virus system, a complexe password system access, and firewall.

Users shall accept to avoid committing a wrong doing whatsoever which may contradict the given CONFIDENTIALITY POLICY, or, in general, the law.

 

Article 6 : Web hosting

The web-site is hosted by :

EFEDUS company, LLC with assets totalling to 30 000 EUR, with registered address at : 2791 Chemin Saint Bernard in VALLAURIS (06220), France, registered with the Chamber of Commerce of ANTIBES, registration number B 484 476 783, tax payer ID : FR15484476783, web-site at http://www.efedus.fr , telephone 04 93 32 76 84.

Article 7 : Person in charge of data processing

Person in charge of personal data processing shall be Mr VALCARENGHI.

You my join him at +33 (0)5 53 41 25 96 from MONDAY to FRIDAY from 8 am to 12 am and from 2 pm to 5.30 pm or by e-mail sent via an inquiry form at our Web-site.

The person in charge shall be entitled to determine purposes and means for personal data processing.

Article 8 : Obligations of the person in charge of data processing

The person in charge shall be liable for protection of the personal data collected, and shall not transmit these data to third parties without any prior notice and consent to do so on behalf of the person concerned, shall fulfil the purposes of data processing. He shall be liable for implementing appropriate organisational and technical measures in order to provide sufficient protection corresponding to risk level in question.

Furthermore, the person in charge of data processing shall be liable to notify the user in case the data concerning him/her have been modified or deleted, on condition that this action shall not entail any formalities, extra charges and other disproportionate consequences.

In case user’s personal information has been violated with risk engaged for user’s rights, the person in charge of data processing shall inform the user of this situation within the shortest timeline, as in conformity with Article 34 of GDPR.

Article 9 : User’s rights

In compliance with the norms and standards related to personal data processing, user possesses the following rights.

In order to render user’s rights legitimate by the person in charge of data processing, user shall be obliged to communicate the following information to the former : first name, family name, e-mail address accompagnied by a copy of his/her ID card or passport.

The person in charge of data processing shall provide a reply to the user within 30 (thirty) days maximum.

Article 9.1 : Right of access, modification and removal

User shall be entitled to take notion of, review, modify or request removal of the data concerning him/her by sending an e-mail to the person in charge of data processing via an inquiry form at our Web-site, specifying the nature of this request.

If the user possesses an account, he can request his deletion by sending an e-mail to the person in charge of data processing via an inquiry form at our Web-site, specifying the e-mail address of his account concerned.

Article 9.2 : Right of data portability

 

User shall be entitled to request portability for his personal information, stored by the Web-site, towards another site of his choice by sending the request to the person in charge of data processing via an inquiry form at our Web-site.

Article 9.3 : Right of limitation and opposition to data processing

User shall be entitled to request limitation or oppose to data processing if at least one of the clauses of Article 18 of GDPR may be applied.

In order to request limited processing of one’s personal information or to express opposition to data processing, user shall send a request request to the person in charge of data processing via an inquiry form at our Web-site.

Article 9.4 : Right of not being subject to decision based solely on automated processing

In compliance with the clauses of Article 22 of the Regulation 2016/679 user shall be entitled not to be subject to a decision based solely on automated processing, if this decision entails judiciary consequences for the user or affects him likewise in a significant manner.

Article 9.5 : Right of data disposal after death

User shall be entitled to decide what his/her personal data shall become after death, in accordance with the clauses of Article 40 of the Act on Information Technology, Data Files and Civil Liberties.

Article 9.6 : Right of seeking justice from a competent authority

If you consider that the person in charge of data processing does not fulfil his obligations related to your personal information, you can file a complaint or a demand with a competent authority concerned. In France this authority shall be the National Commission on Informatics and Liberty (CNIL). You can send your complaint by e-mail using the link here below :

https://www.cnil.fr/fr/plaintes/internet or by post to the following address :

Commission Nationale de l’Informatique et des Libertés

Service des plaintes

3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07

 

Article 10 : Children’s personal data

In conformity with the clauses of Article 8 of GDPR and the Act on Information Technology, Data Files and Civil Liberties, only persons aged 15 or more can give their consent for their personal data processing.

For a child under this age the consent shall be his own jointly with the consent of his tutor or a person execrcising parental authority.

If the user is under this age, consent of his/her legal representative shall be obligatory for personal data collection and processing.

The Web-site Administrator reserves the right to ensure by all means available that the user is at leas 15 years old or otherwise before browsing in the internet he has been given the consent of his legal representative to do so.

Article 11 : Policy on using cookies

Upon your fist connection at the Web-site you shall be informed via a pop-up banner that the information related to your browsing at the site are likely to be registered within the files called « cookies ». Our policy on using cookies enables you to have a better understanding of the measures we are implementing in terms of web surfing. It informs you in particular on the entirety of the cookies used at our Web-site, its purposes and gives you a guideline to set parametres as per your requirements.

Article 11.1 : General information on cookies used at our Web-site

The Web-site Administrator shall be entitled to install cookies on the hard disk of your terminal equipment (computer, laptop, cell phone, etc.) in order to guarantee a smooth and functional surfing at our Web-site.

Cookies (or otherwise connection indicators) are small text files limited in size, which allow to recognize your computer, laptop or cell phone and, thus, to customize the services we offer.

Data collected henceforth via cookies shall in no way make possible nominative identification. These data shall be used solely for our proper purposes in order to enhance interactivity and performance of our Web-site and furnish you with the information tailored for your needs and focused on areas of your interests.

Neither of this information shall be communicated to a third party except the case when the Web-site Administrator shall have your prior consent to do so or when data disclosure shall be required by law, upon a decison of court or any other administrative or judiciary authority.

For your better understanding of cookies and type information they serve to identify, please refer to the list of various types of cookies herein below, differentiated by their name, purpose and storage period.

Article 11.2 : Configuration of cookies

You can accept or refuse cookies at any moment.

Upon your fist connection at the Web-site, a banner will pop up giving you brief information on cookies and similar technologies. It equally warns you that by continuing your surfing at our Web-site (by loading a new page or by clicking anywhere at the Web-site, for example) you accept to receive cookies at your terminal equipment. Generally you are supposed to give your consent to receive cookies by clicking « X » icon in the top right-hand corner of the banner.

For any additional information or inquiry concerning the present policy on cookies please contact us via an inquiry form at our Web-site.

Depending on a type of cookie your consent for use and reading of cookies at your terminal equipment might be obligatory.

Article 11.2 : Cookies exempt from obligatory consent

In conformity with recommendations of the National Commission on Informatics and Liberty (CNIL), certain cookies might be exempt from obligatory prior consent on your part, on condition they are indispensable to a proper functioning of a web-site or they serve to simplify e-mail exchanges. This concerns mainly session ID, authentification, session load balancing cookies as well as your interface customised cookies.

All these cookies are subject to the present CONFIDENTIAL POLICY in a way that they are generated or transferred by the Web-site Administrator.

List of cookies subject to user’s prior consent

Cookies concerned are generated by a third party and are called « persistent », for a simple reason given that they are located inside your terminal equipment until they are deleted or their expiry date.

Use and storage of such cookies are subject to confidential policies of their own, please refer to the list herein below. This family of cookies contains audience measurement cookies ( Google Analitycs), publicity cookies (the web-site Administrator shall not use these), social links (in particular, coming from Facebook, YouTube, Twitter, Google+, LinkedIn, Viadeo), as well as exterior contents cookies (in particular, various pushbuttons at Facebook and Twitter, GoogleMaps, YouTube or Dailymotion videos).

Audience measurement cookies of social networking show statistics related to visits frequency and use of varios elements of a web-site (such as contents/visited pages). These data contribute to enhance the ergonomics of the Web-site. The following Audience measurement tool is used at our Web-site :

  • Google Analitycs, please refer to the confidential policy (only available in English) by clicking the link here below :

http://piwik.org/privacy-policy/

 

Social links cookies are generated and transferred by the person in charge of a social network concerned. On condition that your prior consent has been received,  these cookies allow to share easily a part of contents published at the Web-site, in particular via a « button » used for sharing by the social network in question. Four types of social links cookies are present at our Web-site :

  • Facebook, please refer to cookies policy by clicking the link below : https://fr-fr.facebook.com/policies/cookies/
  • Google+, please refer to cookies policy by clicking the link below : https://policies.google.com/privacy?hl=fr
  • LinkedIn, please refer to cookies policy by clicking the link below : https://www.linkedin.com/legal/cookie-policy ?_l=fr_FR
  • Twitter, please refer to the options on configuration or restriction of cookies by clicking the link below : https://support.twitter.com/articles/20170518#
  • Viadéo, please refer to cookies policy by clicking the link below :https://www.viadeo.com/fr/politique-cookies
  • YouTube, please refer to the guideline on deletion of cookies via Google Chrome browser by clicking the link below :https://support.google.com/youtube/answer/32050 ?hl=fr

please refer to cookies policy by clicking the link below : :

 

Various tools for cookies configuration

A major part of Internet browsers, as default settings, have cookies storage authorised. Your browser offers you an opportunity to adjust these parametres in a way that the entirety of cookies shall be systematically rejected or  only a part of cookies shall be accepted or rejected depending on a site sender.

ATTENTION : We draw your special attention to the fact that a refusal to accept cookies at your terminal equipment is likely to alter your web surfing experience, as well as your access to certain services or functions of the present Web-site.

If applicable, the Web-site Administrator shall refuse any responsibility arising from deterioration of web surfing conditions which result from refusal, deletion or blocking cookies indispensable to a proper functioning of a web site. These consequences shall in no circumstances constitute a damage, and no compensation shall be considered in this case.

Your browser equally enables you to delete cookies existing already at your terminal equiepment as well as notify you once new cookies are likely to be stored therein. This configuraion shall not have any impact whatsoever on your web surfing but you might eventually lose all the advantages that cookies may offer.

For more information on various cookies configuration tools please refer to the list herein below.

 

Cookies configuration tool provided by the Web-site

You can desactivate cookies at any moment. You can manage cookies via a banner available at the bottom right-hand corner of the page being visited (button Services management) and see the complete list of active cookies. In order to desactivate a cookie, please click on the cross right to the service being proposed. If the entirety of cookies are desactivated, the banner used for collecting user’s consent shall reappear once the page shall be refreshed.

Your Internet browser configuration

Each Internet browser offers its proper parametres for cookies. For more information please refer here below to the links which may be of help in this connection :

For more detailed information related to cookies management please go to CNIL web-site : https://www.cnil.fr/fr/cookies-les-outils-pour-les-maitriser