I. General Information, Responsible Authority, and Legal Framework
1. Legal Framework and Principles of Data Processing
We take the protection of your personal data very seriously and handle your personal data confidentiality and in accordance with the statutory data protection regulations (within the framework of the GDPR (EU), as well as this privacy policy.
When using our online services, we collect personal data about you. This privacy policy explains what data we collect and how we use it. It also explains how and for what purposes this is done.
2. Responsible Authority
The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).The responsible authority (hereinafter also ‘we’, ‘us’, ‘our’) in terms of data protection law is:
- OPENAX
- 8 RUE DE L’EST
- 92100 BOULOGNE-BILLANCOURT
- FRANCE
- Tel: +33 9 70 19 66 40
- [email protected]
- [email protected]
- IMPRINT
- VAT No: 315173021
- Registration No. SIRET: 901 808 261 00019
- Managing Director: Perez Moise
3. Definitions
Our privacy policy is based on the terms used by the European legislator in the adoption of the General Data Protection Regulation (GDPR). We would like to explain the essential terms:
- a. Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as ‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more specific factors inherent to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
- b. Data subject means any identified or identifiable natural person whose personal data is processed by the data controller.
- c. Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- d. Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.
- e. Profiling means any type of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
- f. Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data cannot be attributed to an identified or identifiable natural person.
- g. Controller or data controller means the natural or legal person, authority, agency, or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for its designation may be provided for by Union law or the law of the Member States.
- h. Processor means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller pursuant to Article 28 GDPR and Article 9 GDPR.
- i. ‘Recipient’ means a natural or legal person, public authority, agency, or other body to which the personal data is disclosed, whether or not a third party. However, public authorities which may receive personal data in the course of a particular inquiry in accordance with Union law or the law of the Member States shall not be regarded as recipients.
- j. ‘Third party’ means a natural or legal person, public authority, agency, or body other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or the processor, are authorized to process personal data.
- k. ‘Consent’ means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which the data subject signifies agreement to the processing of personal data relating to them.
