Personal Data Protection and Cookies Policy
Personal Data Protection and Cookies Policy
This document aim is to inform the Panodyssey plateform’s users about the personal data management and their rights about it.
The personal data standards are :
-
The General Data Protection Regulation (hereafter “GDPR”) of 27th may 2016, come into effect on 25th may 2018.
-
The “Loi Informatique et Liberté” of 6th January 1978 (hereafter “LIL”).
1. Definitions
Personal Data : any information relating to an identified or identifiable natural person according to the GDPR’s 4-1 article. An identifiable natural person is one who can be identified directly or indirectly.
2. Processing of personal data by the platform
The Controller of personal data is our company (hereinafter referred to as “we” or “us”): Panodyssey Holding Group, a SAS company registered in the Nanterre Trade and Companies Register under the number 843 983 669, whose headquarters is located at 10 rue Bapst in Asnières sur Seine (92 600).
According to GDPR’s 4-7 article the controller is the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data.
The company manage the Panodyssey platform accessible at www.panodyssey.com (hereinafter the "Platform"), which allows its users, depending upon the role they choose, to create, distribute and consult content.
User’s with a personal account on the Panodyssey platform can take part in it in different ways. The personal data’s control can differ according to it.
Those terms are defined in the GCU/TOS.
2.1 Simple Users
User's personal data are processed to :
- Manage the contractual relationship with them, in particular to ensure the execution of the contract concluded via the validation of our general terms of use,
- Manage their user's functionality and activities on the Platform,
- Provide the Platform's services : suggest publications according to the user's preferences and set up statistics.
- Communicate with them in the context of the provision of these services,
- Inform about the evolution of these services and similar services that we may develop,
- Invoice you for the Platform's paid services and to monitor the payment of our invoices (donation or creative room prime).
Furthermore, an Identity Document (hereinafter referred to as “ID”) is processed when users want to comment on Panodyssey’s publications. It allows us to identify the persons behind it and to make them aware of their responsibilities according to what they right.
2.2 Creators and Contributors
Creators and Contributor’s personal data are processed to :
- Manage the contractual relationship with them, in particular to ensure the execution of the contract concluded via the validation of our general terms of use,
- Manage their user's functionality and activities on the Platform,
- Provide the Platform's services : suggest publications according to the user's preferences and set up statistics.
- Communicate with them in the context of the provision of these services,
- Inform about the evolution of these services and similar services that we may develop,
- Invoice you for the Platform's paid services and to monitor the payment of our invoices (donation or creative room prime),
-
Allow them to monetize their contents,
-
Allow creators and contributors to make a bank transfer of the money that they earned by monetizing their contents on Panodyssey.
Furthermore, an ID is processed to :
-
Allow creators and contributors to comment on Panodyssey’s publications. It allows us to identify the persons behind it and to make them aware of their responsibilities according to what they right.
-
Manage the content’s monetization that is meant for adults (18 years old).
-
Establish the publications and contribution’s paternity.
-
Allow creators and contributors to make a bank transfer of the money that they earned by monetizing their contents on Panodyssey.
2.3 Minor’s personal data
Regarding the LIL’s 45 article and the article 8 of the (UE) 2016/679 Regulations of 27th April 2016, the processing of 15 years old child personal data is lawful.
Where the child is below the age of 15 years, such processing shall be lawful only if and to the extent that consent is given or authorised by the holder of parental responsibility over the child.
In accordance with the law, it is not possible to a child below the age of 15 years old to publish on Panodyssey without the consent of the holder of parental responsibility. Therefore, Panodyssey does not process child’s personal data without this kind of consent.
3 - Personal data transfer
The recipients of your Personal Data are our corporate officers and our employees in charge of managing the contractual relationship with you and the execution of the contract and, indirectly and on an ad hoc basis, our employees in charge of the administration and maintenance of the Platform and its operating environment.
Your Personal Data is transmitted on the servers of the Platform's hosting service provider, the company OVH : OVH, a SASU company registered in the Lille Trade and Companies Register under the number 424 761 419, whose headquarters is located at 2 rue Kellermann à Roubaix (59 100).
Indeed, we stock all the processed personal data on the OVH company’s server, located in France.
User’s personal data used for donation or prime may be transferred to the Mangopay company who set up a payment service for the online platform : MANGOPAY SA FRANCE, a foreign company registered in the Paris Trade and Companies Register under the number B 831 958 996, whose headquarters is located at 59 boulevard Royal, LUXEMBOURG (99137).
Personal data may be transmitted to other contractors involved in the above-mentioned tasks.
4 - Retention period of personal data
Personal data used for the user’s account functionalities are kept during the account’s existence, to allow its proper functioning.
Beyond a 3 years period where the account will remain inactive, personal data realted to this account will be erased. We will keep in an intermediate archive in pseudonymous (non-nominative) form the data necessary to exercise and prove our rights and obligations, for the duration of the applicable limitation periods or by virtue of the legal obligations to which we are subject.
Regarding IDs that have been processed, they are no longer kept by us. Once they have been processed, they are deleted. Therefore, we keep this copy in an intermediate archive, with enhanced security measures, to enable us to prove the verification carried out, for the duration of the applicable limitation periods.
In the same way, payment data, given for a prime subscription, after being transferred, are kept by our company in a partial and anonymous way, during the time of that subscription.
5 - Security and organisational measures
We are committed to the protection of your Personal Data. This is why we have implemented technical and organizational measures to ensure its security and confidentiality.
The corporate officers and employees of Panodyssey who have access to your Personal Data are bound by a confidentiality agreement which obliges them to keep it confidential.
In addition, access to your Personal Data is restricted to those officers and employees who are the only ones who have identifiers enabling them to access it.
Data flows with the Platform use the secure https protocol.
In addition, the Platform database is backed up every 2 hours.
Furthermore, to guarantee personal data protection, users have to guarantee it at their levels in choosing a strong password and in changing it regularly.
All the actions made on the platform with a login, and the password related, will be considered to be made by the user. If the user is not behind those actions, it has to inform us immediately.
6 - User’s Rights
Right of access : the data subject has the right to obtain the personal data processed by the platform. This right is defined by the GDPR’s 15 article. The user can have access to different types of information, explained in the article, as : purposes of the processing, categories of personal data concerned, recipient of those data, period for which the personal data will be stored and their different rights concerning the processing of their personal data.
Right to rectification : as defined in the GDPR’s 16 article, this right allows platform’s users to obtain from the controller the rectification of inaccurate personal data concerning him or her.
Right to erasure : the data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her, in compliance with the GDPR’s 17 article. The controller shall have the obligation to erase personal data without undue delay in different circumstances explained in the article.
Right to restriction of processing : according to the GDPR’s 18 article, the data subject shall have the right to obtain from the controller restriction of processing.
Right to data portability : according to the GDPR’s 20 article, the data subject shall have the right to receive, from the controller, the personal data concerning him or her in a structured format.
Right to object : the data subject shall have the right to object at any time to processing of personal data concerning him or her, according to the GDPR’s 21 article.
Right to be informed : the data subject shall have the right to be informed about the processing of his personal data. The LIL’s 48 article defines this right in detail.
The user can use those rights in sending an email, with an ID, to the following adresse : legal@panodyssey.com .
Where users will remain unanswered by our team in a one month period, they can contact the “Commission Nationale Informatique et Libertés” (CNIL) : 3 place de Fontenoy, Paris (75007).
7 - Cookies
The CNIL defines the cookies as little files stored in a server on a terminal owned by users.
During the first visit on the platform, the user is informed, by a frame, of all the cookies used.
7.1 Cookies used by Panodyssey’s platform
Necessary cookies : they are the cookies that guarantee the proper functioning of the platform, which cannot function without them. These are also the cookies that allow us to limit the number of times articles are read until you register.
Analytics cookies : these cookies allow us to measure our audience and to know how you end up on the Panodyssey website.
7.2 Cookies management
The user can inform himself/ herself about the different types of cookies used on the platform and choose which type of cookies will be used on his/ her navigation. The user is free to consent or not to those cookies according to their types.
Some cookies are necessary to the platform's fonctionnement ; If the user does not wish to accept them, he / she will not be able to access the platform.
Concerning advertising targeting cookies, we are committed to provide the user with an ad-free platform. We do not use cookies. They are therefore disabled by default.
Concerning social networking cookies, managing the posts you share on your social networks, are not used by the platform. They are therefore deactivated by default.
The user's cookie consent is valid for a six month duration.
Photo by Markus Spiske on Unsplash
Prince Of Panodyssey Alias Alexandre Leforestier vor 3 Jahren
Oui, on ne plaisante pas avec ce sujet !⛓
Yann Rigo vor 3 Jahren
Full transparency ! Well Done