Privacy Policy
My DPO Partner, which manages the website www.mydpopartner.fr, is committed to protecting your personal data and complying with applicable regulations, in particular the General Data Protection Regulation (GDPR). This document aims to present, in a clear and accessible way, the reasons why we collect certain information about you and how it is used as part of the services we provide.
Who is this Privacy Policy for?
Our Privacy Policy applies to you:
- Clients/prospects of My DPO Partner;
- Users of the website www.mydpopartner.fr;
regardless of your place of residence.
Access to the website www.mydpopartner.fr is reserved for persons aged at least 15. Minors under 15 may only use our services with the prior and explicit consent of a parent or legal guardian. This consent must be sent to My DPO Partner by email at rgpd@mydpopartner.fr. In the absence of such consent, no personal data concerning a minor under 15 will be collected or processed.
If you have any doubt that My DPO Partner may hold personal data about your child without your consent, please report it by email to the address above.
What data, for what reason, and for how long does My DPO Partner process?
| Type of personal data processed | Purpose of processing | Legal basis | Retention period |
|---|---|---|---|
| Connection data (IP address, browser type, logs) | To enable you to browse the website www.mydpopartner.fr and view the videos available there | My DPO Partner’s legitimate interest in ensuring proper browsing on its website | 1 year |
| Identification data (first & last name) Contact data (email address, phone number) |
To respond to your requests | Legitimate interest in providing a good service | Time to handle your request + 3 years from your last contact |
| To allow you to book an appointment with My DPO Partner | Legitimate interest in providing a good service | Time necessary to organize and follow up the appointment + 3 years from your last contact | |
| To send the My DPO Partner newsletter and keep you informed of all news | Legitimate interest in providing a good service | For the duration of your newsletter subscription + 3 years from your last contact | |
| To send commercial prospecting messages | Legitimate interest in conducting commercial prospecting campaigns | 3 years from your last contact or from the last communication sent by My DPO Partner that received no objection | |
| To manage My DPO Partner’s administrative files | Legal obligation to retain administrative documents | Duration of our contractual relationship + statutory limitation period (5 years) | |
| To manage My DPO Partner’s accounting | Legal obligation to retain accounting supporting documents | All accounting supporting documents are kept for 10 years, then deleted | |
| To manage possible unpaid amounts | Legitimate interest in obtaining payment for services provided | Until the case is definitively closed + 5-year limitation period | |
| Financial and banking data (e.g., IBAN or card number), when these elements identify you personally | To manage invoicing and accounting | Legitimate interest in managing payments from clients | IBAN: for the duration of the contract if direct debits are set up + 5 years. Card: for the duration of the transaction, then deleted. |
| Identification data (first & last name) | To keep you informed of news shared on My DPO Partner’s social networks and to reply to your questions and/or comments | Legitimate interest in maintaining a presence on social networks | Time needed to process your request on our social networks + 5 years in case of a dispute |
How we collect your personal data
The majority of information about you is collected directly from you, whether you use My DPO Partner’s services as a client or simply browse our website www.mydpopartner.fr. My DPO Partner undertakes to use this data only for the purposes specified above.
Some personal data may also be collected indirectly, in particular at professional events (such as trade fairs) or via social platforms such as LinkedIn.
Please note that if you choose to publish content on pages administered by My DPO Partner on social networks, you are fully responsible for any personal data you share there, whatever their type or origin.
Who can access your personal data?
Your personal data are handled exclusively by our internal teams and by carefully selected technical service providers. Before any collaboration, My DPO Partner rigorously verifies our providers’ compliance with legal requirements (including the GDPR) and ensures they implement the necessary measures to guarantee the security and confidentiality of the information processed.
My DPO Partner guarantees that no personal data are transferred to third parties, except where such transfer is strictly justified by one of the purposes set out in this Privacy Policy.
Transfers of your data outside the EU
Certain technical tools used by My DPO Partner to operate the website www.mydpopartner.fr — such as analytics, communications or hosting services — may involve processing personal data outside the European Union.
Where such a transfer is necessary, My DPO Partner ensures it is covered by appropriate legal safeguards, in accordance with applicable regulations. This includes, in particular, the use of European Commission Standard Contractual Clauses or the existence of an adequacy decision. My DPO Partner ensures that these tools offer a level of protection equivalent to that required within the Union, in order to preserve the confidentiality and security of your personal data.
Security guarantees applied to your data
| Category of measures | Examples of measures applied |
|---|---|
| Technical measures |
Secure hosting on servers located in the EEA; HTTPS connection (SSL/TLS encryption); Regular data backups; Web application firewall and intrusion detection systems; Admin access protected by strong passwords and reinforced authentication. |
| Organisational measures |
Access to data limited to authorised persons only; Use of secure tools and devices (antivirus, regular updates, disk encryption); Internal procedure for handling GDPR rights requests. |
Does the website www.mydpopartner.fr set cookies?
The website www.mydpopartner.fr sets cookies. For more information, please refer to the Cookie Policy.
Your rights regarding the processing of your personal data
| Right | Description |
|---|---|
| Access | You have the right to consult the personal data that My DPO Partner holds about you, unless doing so would contravene confidentiality obligations (such as trade secrets or secrecy of correspondence). |
| Rectification | You may request updates or corrections to inaccurate, incomplete or outdated data. |
| Objection | You may object to the use of your data for prospecting or direct marketing. |
| Erasure (“right to be forgotten”) | You may request the deletion of your personal data when they are no longer necessary for the services provided by My DPO Partner. |
| Restriction | If you contest how your data are used, you may request that processing be temporarily suspended. |
| Portability | You may obtain certain personal data in a structured, machine-readable format, in order to transfer them to another service provider. |
| Post-mortem directives | You may define how your data are stored, deleted or disclosed after your death. These instructions may be provided by you, a trusted person or a beneficiary. |
How to exercise your rights
| Step | Information |
|---|---|
| Request | For any request related to your rights, please send an email to rgpd@mydpopartner.fr. |
| Identification | Only the data subject may submit a request. Proof of identity may be required if there is doubt. |
| Response time | My DPO Partner endeavours to respond within a maximum of 1 month. In the case of a complex request or a high volume of requests, the maximum response time is 3 months. |
| Refusal | Any request that is abusive, repetitive or manifestly unfounded may be rejected. |
Get more information on how My DPO Partner processes your personal data
For any request related to your rights or to obtain any information regarding the processing of your personal data, please contact My DPO Partner at rgpd@mydpopartner.fr.
Contact the CNIL
Service des plaintes – CNIL 3 place de Fontenoy – TSA 80751 75334 Paris Cedex 07 France Tel.: 01 53 73 22 22Changes to the Privacy Policy
The Privacy Policy of My DPO Partner may change at any time to adapt to legislative developments and to integrate new data processing operations implemented by the firm.