Politique de confidentialité

Object

This Policy is established by DistriLegend sprl located Rue des Anciens Etangs 40 to 1190 Forest,
reproduced under registration number BE0718812263 (hereinafter referred to as “the person responsible treatment “).
The purpose of this Policy is to inform visitors of the hosted website at following:

www.distrilegend.com (hereinafter referred to as the “website”)

of how data are collected and processed by the controller.

This Policy is in keeping with the wishes of the controller, to act in all transparency,
in accordance with its national provisions and Regulation (EU) 2016/679 of European Parliament and of the Council of 27 April 2016
on the protection of individuals with regard to the processing of personal data and the free movement of such data, and repealing
Directive 95/46 / EC (hereinafter referred to as the “General Regulation on the Protection of data “).

The controller shall pay particular attention to the protection of the privacy of users and
therefore undertakes to take the reasonable precautions required to protect the personal data collected against loss, theft, disclosure or unauthorized use.

“Personal data” is defined as all data of a personal data concerning the user, that is to say,
any information that enables him to be identified directly or indirectly as a natural person.
If the user wishes to react to one of the practices described below,
he can contact the data controller at the postal address or email address specified in “data contact “of this Policy.

Which data do we collect ?

The controller collects and processes, according to the terms and principles described below, the following personal data:
 his domain (automatically detected by the data controller’s server), including the dynamic IP address;

 his email address if the user has previously revealed it, for example in sending messages or questions on the website,
by contacting the person in charge of the e-mail processing, participating in the discussion forums, accessing the restricted part of the website through identification, etc. ;

 all the information concerning the pages that the user has viewed on the website;
 any information that the user has voluntarily given, for example in the context of inquiries and / or registrations on the website,
or by accessing the restricted website with an identification.

The controller may also need to collect data from non-personal character.
These data are qualified as non-personal data because they do not identify directly or indirectly a particular person.
They may therefore be used for any purpose, for example to improve website, the products and services offered or the advertisements of the controller.

In the event that non-personal data are combined with personal nature, so that an identification of the persons concerned would be possible,
data will be treated as personal data until their contact with a particular person is made impossible.

Methods of collections

The controller collects the personal data as follows:

Purpose of the treatment

Personal data are collected and processed only for the purposes mentioned below :

 ensure the management and control of the execution of the proposed services;
 sending and tracking orders and invoices;
 sending promotional information about the products and services of the controller;
 sending promotional material;
 answer questions from the user;

 produce statistics;
 improve the quality of the website and the products and / or services offered by the person in charge of the treatment ;
 to provide information on new products and / or services of the person in charge of the treatment ;
 for commercial prospecting actions;

 to allow a better identification of the interests of the user.

The controller may be required to perform treatments that are not still provided for in this Policy.
In this case, he will contact the user before reuse personal data in order to inform him of the changes and
to give him the possibility, if necessary, to refuse this reuse.

Legitimate interests

Some of the treatments performed by the controller are based on the legal basis legitimate interests of it.
These legitimate interests are proportionate to the respect rights and freedoms of the user.
If the user wishes to be informed of the details of the purposes based on the legal basis of legitimate interests,
it is recommended that it contact the data controller (see “contact data” point).

Duration of the retainment of data

In general, the controller does not store personal data only for the time reasonably necessary for the purposes pursued
and in accordance with the legal and regulatory requirements.

The personal data of a customer is kept for a maximum of 10 years after the end of the contractual relationship that binds the customer to the controller.
At the end of the retention period, the controller puts everything in to ensure that personal data have been made unavailable and inaccessible.

Application of the rights

For all rights listed below, the controller reserves the right to verify the identity of the user for the application of the rights listed below.
This request for additional information will be made within one month from the introduction of the request by the user.

Access to the data and copies

The user can obtain free written communication or a copy of the data at personal character that has been collected.
The controller may require the payment of reasonable costs based on the costs administration for any additional copy requested by the user.

When the user submits this request electronically, the information is provided in an electronic form in common use,
unless the user requests that it be other. With the exception of the general data protection regulation,
the copy of its data will be communicated to the user no later than one month after receipt of the request.

The right to rectification

The user can obtain free of charge, as soon as possible and at the latest within one month, the correction of his personal data which is inaccurate, incomplete or irrelevant,
as well as supplementing them if they prove to be incomplete.
With the exception of the general data protection regulation, the the right to rectification is dealt with in the month of the introduction of the latter.

Right to oppose the treatment

The user can at any time, for reasons related to his particular situation, oppose free of charge to the processing of his personal data, where:
◦ the processing is necessary for the execution of a mission of public interest or falling within the exercise the public authority of which the controller is to be invested;

◦ the processing is necessary for the legitimate interests pursued by the person in charge of the treatment or by a third party, unless the interests or
freedoms and rights prevail the data subject who require data protection staff (especially when the person concerned is a child).

The controller may refuse to implement the right of objection of the the user when it establishes the existence of compelling and legitimate reasons justifying the treatment,
override the interests or rights and freedoms of the user, or for the recognition, exercise or the defense of a right to justice.
In case of dispute, the user can lodge an appeal in accordance with the “claim and complaint” point of this Policy.

The user can also, at any time, object, without justification and for free, to the processing of personal data concerning him when his data are collected
at commercial prospecting purposes (including profiling). Where personal data are processed for the purposes of scientific research or historical data
or for statistical purposes in accordance with the General Regulation on the Protection of data, the user has the right to object,
for reasons relating to his particular situation, to processing of personal data concerning him, unless the processing is required for the performance of a public interest mission.

With the exception of the general data protection regulation, the person in charge of the processing is required to respond to the request of the user
as soon as possible and at most late in a month and to motivate his response when he intends not to proceed such a request.

Right to limitation of treatment

The user can obtain the limitation of the processing of his personal data in cases listed below:

◦ when the user disputes the accuracy of a data and only the time that the the controller can control it;
◦ when the treatment is illegal and the user prefers the limitation of the treatment to erasure;

◦ where, although no longer necessary for the pursuit of the purposes of the treatment, the user it is needed for the establishment, exercise or defense of its rights in court;
◦ during the time necessary to examine the merits of a request for opposition entered by the user,
in other words the time that the data controller the balance of interests between the legitimate interests of the person responsible for treatment and those of the user.

The controller will inform the user when the treatment limitation is lifted.

Right to removal (right to be forgotten)

The user can obtain the deletion of the personal data concerning him, when one of the following reasons applies:

◦ the data are no longer necessary for the purposes of the treatment;
◦ the user has withdrawn consent to have their data processed and does not exist other legal basis for the treatment;
◦ the user objects to the treatment and there is no compelling legitimate reason for the treatment and / or the user exercises his specific right
of opposition in relation to marketing direct (including profiling);

◦ personal data has been unlawfully processed; ◦ personal data must be erased in order to comply with a legal obligation
(of Union law or the law of the Member State) to which the controller is subject;
◦ personal data have been collected as part of the service offering of the information society that cater to children.

Deletion of data is however not applicable in the following cases:
◦ when the treatment is necessary for the exercise of the right to freedom of expression and of information ;
◦ where the processing is necessary to comply with a legal obligation that requires the provided for by the law of the Union or
by the law of the Member State to which the person responsible for treatment is submitted, or
to perform a public interest mission or exercise of the public authority of which the responsible person would be invested;

◦ where treatment is necessary for reasons of public interest in the field of health public;
◦ where the processing is necessary for archival purposes in the public interest, for the purpose of scientific or historical research or
for statistical purposes and provided that the right to the erasure is likely to render impossible or seriously jeopardize the realization objectives of the treatment in question;

◦ where the processing is necessary for the recognition, exercise or defense of rights in justice.
With the exception of the general data protection regulation, the person in charge of the processing is required to respond to the request of the user
as soon as possible and at most late in a month and to motivate his response when he intends not to proceed such a request.

Right to “data portability”

The user can at any time request to receive free of charge his data in a structured, commonly used and machine readable format,
particularly for to transmit them to another controller when:

◦ data processing is performed using automated processes; and when
◦ the processing is based on the consent of the user or on a contract concluded between this last and the controller.

Under the same conditions and under the same conditions, the user has the right to obtain responsible for the processing that personal data
concerning him are transmitted directly to another person responsible for the processing of personal data, provided that that it is technically possible.

The right to portability of data does not apply to the processing that is necessary to performance of a public interest mission or the exercise of
public authority of which would be invested the controller.

Recipients of data and disclosure to third parties

The recipients of the data collected and processed are, in addition to the controller himself, his agents or other subcontractors, his business partners selected with located in the European Union,
and who collaborate with the controller in the framework for the marketing of products or the supply of services.

Assuming the data would be disclosed to third parties for direct marketing purposes or commercial prospecting,
the user will be informed in advance so as to be able to choose to accept the transfer of their data to third parties.

Since this transfer is based on the consent of the user, he may, at any time withdraw consent for that specific purpose.
The controller respects the legal and regulatory provisions in force and
In any case, it shall be ensured that its partners, agents, subcontractors or other third parties access to this personal data complies with this Policy.

The controller discloses the personal data of the user in the hypothesis that a law, a judicial procedure or an order of a public authority would make this disclosure required. No transfer of personal data outside the European Union shall be effected by the responsible for the treatment.

Security

The data controller implements the technical and organizational measures appropriate to ensure a safe level of processing and data collected at the risks presented by the processing and
the nature of the data to be protected adapted to the risk.

It takes into account the state of knowledge, the costs of implementation and the nature, the scope, context and purpose of the processing as well as the risks to the rights and freedoms of users.

The controller always uses the encryption technologies that are recognized like industry standards within the IT sector when it transfers or receives data on the website.

The controller has put in place appropriate security measures to protect and avoid the loss, misuse or alteration of information received on the website.

In the case where the personal data that the controller treats should be compromised, it will act quickly to identify the cause of this violation and take appropriate remedial measures.

The controller informs the user of this incident if the law requires it.

Complaints

If the user wishes to respond to any of the practices described in this Policy, it is advised to contact the controller directly.
The user may also lodge a complaint with his national control, the details of which are given on the official website of the European Commission:

http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

In addition, the user has the possibility to complain to the national courts competent.

Contact data

For any questions and / or complaints relating to this Policy,
the user may contact the controller:

By email: [email protected]

By mail: Rue des Anciens Etangs 40, 1190 Forest.

Modification

The controller reserves the right to modify at any time the provisions of the this Policy.

The changes will be posted directly on the manager’s website treatment.

Applicable law and competent jurisdiction

This Policy is governed by the national law of the principal place of business of responsible for the treatment.

Any dispute regarding the interpretation or execution of this Policy will be subject to jurisdiction of this national law.

This version of the Policy is dated 01/06/2019.