Privacy Policy

1. GENERAL

The purpose of this privacy policy (including the protection of personal data) (the “Policy”) is to inform you of our practices and the conditions under which ALLPEOPLE (AP) (“the Association”) collects, uses and retains your personal data (the “Data”) that you may provide to us via our website https://www.allpeople.app/ (the “Site”) or our partner sites, including the application dedicated to the management of shared experiences (“the Application”).

This Policy sets out how we treat the personal data that we collect and that you provide to us. We invite you to read this document carefully to learn about and understand our practices regarding the processing of your personal data by us, and inform you that consultation and/or use of our Sites necessarily entails acceptance of this Policy.

Our processing of personal data relies in particular on the following legal bases (GDPR): consent, contract (within the limits of joint subscription obligations), legal obligation, public interest mission (within the framework of that carried by the Association), legitimate interest. Each of our personal data processing operations has a purpose that relies on one of these five identified legal bases. The Association’s GDPR register listing data processing is available on request as described in paragraph 9.

By default, the personal data controller, if not specifically mentioned in the Association’s Articles of Association, will be its President in office.

2. WHAT PERSONAL DATA DO WE COLLECT AND HOW?

Depending on the nature and purpose of your interaction with the Association, we may collect two types of data.

The data you send us directly when :

  •  you join the Association, through the Site or the Application, or directly at a trade show, workshop or other physical interaction with a member of the Association’s office;
  • you fill in forms on the Application;
  • you create an account to place an order, share experiences, browse experiences or make any other use of the Application;
  • you contact us, whether by telephone, e-mail or any other means of communication, or when you make a request;
  • you contribute by sharing an experience via our Site or Application (please note that by doing so you consent to this sharing as well as to the sharing of personal data present in the media and metadata constituting the shared experiences, whether to private recipients – lists – or within the framework of a public sharing).

The data we automatically collect when :

  • you connect to our services using the social networking features made available to you. The Association will have access to some of the data (in particular, your first name, last name, photograph, e-mail address and number of Facebook friends) in your account on the said social network in accordance with the general terms of use of the social network concerned. We may also collect some of your Personal Data when you interact with features of these social networks, such as “Like” features;
  • you visit our Site or our partner sites. We may collect, in accordance with applicable law and with your consent, where applicable, information relating to the devices on which you use our services or the networks from which you access our services, such as in particular your IP addresses, connection data, types and versions of Internet browsers used, types and versions of your browser’s plugins, operating systems and platforms, data concerning your browsing on our Platform, including your browsing on the various URL pages of our Platforms, the content you access or consult, the search terms used, download errors, the duration of consultation of certain pages, your device’s advertising identifier, interactions with the page and any telephone number used to contact us. The technologies we use to collect this information include cookies.

3. WHO COLLECTS YOUR PERSONAL DATA AND WITH WHOM IS IT SHARED?

The Association is responsible for the processing of personal data and will make decisions regarding the purposes and methods of data processing and the instruments to be used, also including those employed as part of security measures.

Furthermore, in the course of our business, and for external processing purposes, personal data may be communicated to external companies to ensure the management of the site and services. For example, your payment details may be passed on to our payment service providers and account-holding banks in order to carry out transactions linked to your purchases and to manage marketing operations.

The latter are bound by contractual obligations to respect the confidentiality of the Data and to use it solely for the purposes for which we have transmitted it to them. Your Data may be transferred to any purchaser or other successor in the event of a merger, assignment, restructuring, reorganization, dissolution or other sale or transfer of some or all of the Association’s assets due to uncertainties or bankruptcy, liquidation or other processes in which the Data of users of the Site and the Application are among the assets transferred.

Finally, we may also disclose your Data:

to comply with any legal mandate, law or legal process, including governmental and regulatory requests;

if we believe that disclosure is necessary or appropriate to protect the rights, property or safety of the Association, its customers or other stakeholders. Such disclosure includes exchanging information with other companies and organizations for the purpose of protecting against fraud and counterfeiting.

Links to third-party sites

The Site may contain links to various social networking platforms managed on third-party servers, by persons or organizations over which the Association has no control.

As a result, we cannot under any circumstances be held responsible for the way in which your Data is stored or used on the servers of these third parties. We advise you to read the applicable privacy policy of each third-party website you access via our Site in order to understand how your Data will be used.

We undertake on the Site and the Application as well as on any other site and application created in the future by the Association to strictly respect the basic principles of the Association’s commitment (8 principles described in detail in the ALLPEOPLE book (the “Book”), and recalled on the Site, in the Application and accessible in the user help wizard of the same).

4. WHAT DO WE USE YOUR DATA FOR?

Your personal data is collected and processed for purposes strictly related to the use of the Site, the Application and associated services, following registration on the Site and the purchase of items.

Your personal data may also be used in other processing operations, but in any case under terms compatible with these purposes. In particular, your personal data will be processed for the following purposes:

  • To enable moderators to formally identify you as a unique individual prior to registering you on the Application. Please note that any identification documents provided on a temporary basis will be systematically destroyed after examination by the moderators and following the decision whether or not to register you;
  • execute the sale concluded between you and us and provide you with the information and services requested;
  • to send you, in accordance with applicable legal provisions and with your consent where required by law, marketing, advertising and promotional messages and information relating to the use of our services, or to suggest and advise you of goods or services that may be of interest to you. We may also use your data to send you advertising messages that may be of interest to you on social networking platforms or third-party sites. If you would like more information on this subject, we invite you to read the contractual documents of these platforms;
  • provide you with all information concerning the Association’s services and the purchase of items on the Site (such as alerts likely to be of interest to you, our news) by e-mail, SMS or any other means of communication;
  • – provide you with information on Internet browsing, browser compatibility, and the consultation and loading of Site pages;
  • help us maintain a safe and secure environment on our Platform;
  • to comply with our rights and obligations under contracts entered into with users, and for any other legal purposes.

We also use cookies or tracers for marketing purposes in order to improve your user experience, in particular by :

  • enabling our site to recognize your hardware, so you don’t have to provide the same information over and over again to perform the same task;
  • recognizing the username and password you have already provided, so you don’t have to re-enter them on every web page that requests them.
  • analyze traffic and data on our site in order to :
  • measure the number of users, thus making the site easier to use and ensuring its ability to respond quickly to your requests;
  • estimate browsing patterns and speed up your searches;
  • help us understand how you use our site in order to improve it.

5. SPECIAL CASE OF DATA CONTAINED IN CONTRIBUTIONS/SHARES.

As described in paragraph 2, personal data present in contributions in the form of shares made through the Site and/or the Application are covered by the GDPR regulation on a legal basis of consent and notified in the Association’s GDPR register. Please note that in the specific context of the Association’s service objective, the retention period for this data is 24 months, which will be systematically renewed at the end of the period for shared contributions so as to maintain access via the Site or Application only.

In strict compliance with its principles (Cf. paragraph 3), the Association undertakes to preserve these contributions over time and to protect them from any loss, modification or abnormal access or use (via use of the Site or Application only – within the strict framework of paragraph 3). As a matter of course, contributors’ data will be located in the country of origin declared at the time of registration.

Two provisions specific to the Association’s service objective should be noted:

  • Registered contributors to the Application are strictly responsible for the content of their contributions in the form of shared experiences (under no circumstances can the Association be held responsible for the creation of illicit content or its disclosure via the sharing thereof, which does not absolve the Association of its obligation to moderate and remove the dissemination of such content within the framework of its legal obligations and within the associated timeframe).
  • In the event of the death of a contributor, and provided that the Association is aware of the death, it must carry out its specific contribution legacy process, which has been drawn up and is available (Cf. paragraph 9). (To clarify the matter, the Association must check the content, freeze the public distribution of any illicit content identified, and find a legal successor capable of taking over responsibility for the deceased contributor’s Data – the “helper” function in the Application will be used for this purpose. After a period of three months has elapsed since the aforementioned search, the contributor’s Data will be stored and accessible according to the shares he had defined, but his account will be suspended).

6. WHAT SECURITY MEASURES ARE IN PLACE TO PROTECT YOUR DATA?

We have implemented security measures in order to minimize the risks of destruction or loss, even accidental, of this data, of unauthorized consultation or processing of the data or processing that does not comply with the collection purposes indicated in our Policy. Given the inherent characteristics of the Internet, however, we cannot guarantee that the security measures put in place for the protection and transmission of data on the Site will limit or exclude any risk of unauthorized access or loss of such data. We cannot be held responsible for non-compliance with the confidentiality settings or security measures in place on our Site and Application. We recommend that you equip your computer with software tools to protect the transmission/reception of your network data, both input and output, (such as an up-to-date antivirus system) and that you ensure that your Internet service provider has taken the necessary measures to guarantee the security of network data transmission (such as, for example, firewalls and spam filters).

7. WHAT ARE YOUR RIGHTS?

You have the right, at any time, to ask the Association to confirm whether or not personal data concerning you exists, even if it has not yet been recorded.

In addition, you are entitled to receive from the Association information on the origin of your personal data, the means and purposes of its processing, the reasoning behind any data processing carried out using electronic tools, details of the data controller and data processors, as well as an indication of the subjects or categories of subjects to whom your personal data may be disclosed or who may have access to it, in their capacity, for example, as data controllers or data processors. Some of this information is contained in our Policy; to find out more, please contact us as indicated in article 9 below.

You have the right to obtain from the Association at any time:

  • update, rectify or, if you wish, integrate your personal information ;
  • the deletion, conversion to an anonymous format or blocking of your personal data (which has been processed unlawfully), including data which does not need to be kept for the purposes for which it was collected and subsequently processed;
  • confirmation that the operations carried out in accordance with the above paragraphs have been notified (with the content of said operations) to those to whom the information has been disclosed or communicated, except in situations where this is impossible or where the means employed are clearly disproportionate to the protection of rights.

You have the right to object, in whole or in part :

  • for legitimate reasons, to the processing of your personal data, even if this processing respects the purposes for which they were collected;
  • to the processing of your personal data for advertising or direct marketing purposes, or for the purpose of conducting marketing studies or commercial communications.

You also have the right to define directives concerning the fate of your Data in the event of your death (this subject is specially studied by the Association and will be the subject of extensive information given the specific nature of the Association’s project).

Before responding to your request, we may verify your identity and ask you to provide further information in order to respond to your request. We will endeavour to respond to your request within a reasonable time and, in any event, within the time limits set by law.

8. LINKS TO OTHER WEBSITES AND SOCIAL NETWORKS

Our Platform may occasionally contain links to the websites of our partners or third-party companies.

The Association does not control or monitor such sites or their content. The Association cannot be held responsible for the content of these sites and the rules adopted by them, including with regard to the protection of your privacy and the processing of your personal data during browsing operations.

We invite you to read their general conditions of use and their privacy policy before sending them your Personal Data.

The Site provides a link to these Internet sites solely to assist the user in his/her search and navigation and to facilitate his/her connection to other sites via hypertext links. Activation of the link does not imply any recommendation or endorsement by the Association to access and browse these sites, nor any guarantee regarding their content, services or goods provided by them and sold to Internet users.

9. CONTACT

If you have any questions about this Policy or any request relating to your personal data, you can contact us by e-mail contact@allpeople.app, or by post: ALLPEOPLE (AP), 15 rue des Roitelets, 91400 Orsay.

It goes without saying that any user or contributor registered on the Site or Application has the right to lodge a complaint with the CNIL if they so wish. The Association recommends that you contact the CNIL to assist you in this process.

10. CHANGES TO OUR PRIVACY POLICY

The Association may modify or simply update all or part of the Policy, including when changes are made to the legal provisions or regulations governing data protection and protecting your rights. They will be binding as soon as they are published on the website in this section. We therefore invite you to consult this page regularly to ensure that you are aware of the latest updates to the Policy.