Last update : November 08, 2024
Doc No: CPT-SEC-006
Revision No.001
1. Why a privacy policy ?
We place great importance on protecting your personal data. This privacy policy explains how we collect, use, share, and protect your information in accordance with the GDPR (General Data Protection Regulation 2016/679 of April 27, 2016). We encourage you to read this policy carefully to understand how we handle your personal data.
This policy applies to the entire Orsync.io website developed by CAREPROD Technologies, regardless of the device used during your visit to the site.
This policy may be updated regularly, depending on the needs of CAREPROD Technologies and regulatory developments. We encourage you to review this policy regularly to stay informed about our privacy practices.
This policy complements the legal notice.
2. Our Key principles
3. Who is the Data controller?
CAREPROD Technologies is the data controller within the meaning of Article 4 of the GDPR for all operations offered by the Orsync.io website. CAREPROD Technologies determines the means and purposes of the data processing necessary for the proper functioning of the Orsync.io website. CAREPROD Technologies, 447 rue de la tour de Candelon, 34090 Montpellier.
Calendly is a processor within the meaning of Article 4 of the GDPR. It hosts and stores the personal data of individuals requesting a demonstration. More information: https://calendly.com/legal/privacy-notice /
https://calendly.com/legal/customer-terms-conditions
4. I have a question, a complaint, or I want to exercise my rights
For any questions regarding security and personal data or to exercise your rights of access*, rectification*, deletion*, withdrawal*, restriction*, objection* to processing, or portability*, you can contact us:
– Via the “Contact the DPO” form on the website : here
– By email: dpo@careprodtechnologies.com
– By mail: to the attention of the DPO CAREPROD Technologies 447 rue de la tour de Candelon 34090 Montpellier, France
A response will be provided to you as soon as possible.
For more information, you can contact the CNIL (Commission Nationale Informatique et Liberté) on their website www.cnil.fr .
5. What data do we process ?
As a visitor to the site requesting a demonstration, we collect your name and email address via Calendly to contact you to organize the demonstration. Calendly has its own privacy policy that you can review at the time of booking.
As a visitor using the contact form, we collect the following data:
– Name, first name, email address to contact you and respond to your request;
– Job title to better target your activity and direct you to a collaborator who can provide a personalized and appropriate response;
– Title (Mr, Mrs, Dr, Prof, etc.) is used for display during your login and to communicate with you by email in the context of using one of the two tools (invitation, password change, etc.);
-The country you are located in to direct you to a collaborator who can contact you at appropriate times and in the language you are proficient in.
These mandatory data will be identified by a red asterisk (*).
Optionally, the following data will also be requested:
– The hospital or company you work for to better target your activity and direct you to a collaborator who can provide a personalized and appropriate response;
-Your phone number to have a second possible means of communication.
These data will be retained for 4 years after the last contact.
As a requester of information via the “Contact the DPO” form, we collect your name, first name, email address to contact you and respond to your request for information or exercise of rights.
These data will be retained for 5 years from the end of the calendar year of the request (CNIL recommendations).
These data are collected based on your consent, which you can withdraw at any time by contacting us (see §4 above).
6. How are the data protected?
We take appropriate security measures to protect your personal information against loss, misuse, unauthorized access, disclosure, alteration, or destruction. We comply with GDPR requirements for data protection and implement appropriate technical and organizational measures to ensure the security of your information.
7. Who has access to my data?
Data may be communicated to our partners to achieve the purposes defined above. Access will remain limited and governed by the required contractual measures to ensure the confidentiality of your data.
On the decision of a competent regulatory or judicial authority, in application of a law, data may be communicated.
Your data is not sold for commercial purposes.
Data is stored on servers in the United States. An additional contract (Business Associate Agreement, BAA) has been signed with the providers to include compliance with European regulations and protect the data in accordance with current regulations. There is no data transfer to other countries outside of this agreement.
8. And what about cookies?
CAREPROD Technologies uses functional cookies necessary for the use of the website. These cookies cannot be refused as they are necessary for the proper functioning of the platform.
Cookies | Description | Time | Type |
|---|---|---|---|
Wp-wpmi_current_language | The WordPress multilingual plugin sets this cookie to store the language settings used. | Session | Functional |
Elementor | This cookie is used by the WordPress theme of the website. It allows the site owner to implement or modify the site's content in real-time. | Never | Necessary |
wpEmojiSettingsSupports | WordPress uses this cookie when a user interacts with the site's emojis. | Session | Necessary |
_pk_id.4.239b | This cookie is generated by the use of Matomo. It is used to store information about the user, such as the unique visitor ID. | 13 months | Optional |
_pk_ses.4.239b | Short-term cookies used to temporarily store visit data. | 30 min | Optional |
CAREPROD Technologies does not control the cookie policies of other sites to which CAREPROD Technologies or the client of CAREPROD Technologies may communicate.
*GDPR Articles 15, 16,17,18,20,21, 23, 77