PERSONAL DATA AND CONFIDENTIALITY POLICY
The company iHealthLabs Europe hereinafter referred to as « iHealth » is particularly attentive and takes all the necessary measures to ensure the protection and securing of the Personal Data related to the visitors and other users of the Internet Website www.ihealthlabs.eu (hereinafter referred to as « the Website »). iHealth strictly applies the rules, customs and good practices, in full conformity with the legal and regulatory provisions in force, whether of European or local origin, and in particular, when it comes to France, the laws and regulations arising from the “Computers and Freedom” Law of July 6, 1978as modified by the Law of August 6, 2004.
The purpose of the document herein is to inform the User on how iHealth may collect and use his/her Personal Data.
The User is therefore invited to get acquainted with the document herein before submitting or allowing the collection of any of his/her Personal Data when accessing and browsing through the Website.
In order to obtain further information regarding Personal Data protection in general, the User also has the possibility to consult the French National Commission for Information Technology and Civil Liberties (CNIL) website: www.cnil.fr. The User can also contact our services, for all general queries regarding iHealth Personal Data and Confidentiality Policy, by sending a message via the contact form [INSERT HYPERLINK] available on the Website, by sending an email to the following email address : email@example.com or by sending a mail to the following address: iHealthLabs Europe, 3 rue Tronchet, F-75008 Paris.
ARTICLE 1: GENERAL INFORMATION
Mr. Stéphane KERRIEN is responsible for data processing, as Manager of the one-shareholder Limited Liability company iHealthLabs Europe, registered at the Paris Trade and Companies Register (Registre du Commerce et des Sociétés de Paris) under number B 792 514 341, and which headquarters are located 3 rue Tronchet, F-75008 Paris.
When providing for his/her personal data, the User undertakes to only communicate to iHealth complete, accurate and up-to-date information without prejudice to third parties’ interests or rights.
Pursuant to Article 22 of the “Computers and Freedom” Law of July 6, 1978 as modified by the Law of August 6, 2004, iHealth automated personal data processing activity has been declared to theFrench National Commission for Information Technology and Civil Liberties (CNIL).
In accordance with the simplified standard 48 (Deliberation n° 2012-209 of June 21st, 2012), iHealth benefits from the simplified declaration procedure for any automated processing related to customers and prospects management.
The Personal Data and Confidentiality Policy implemented by iHealth is constantly accessible by the User on the Website, in particular when modified or updated.
It shall be stated that iHealth develops and offers products, solutions and applications to its customers who followed the procedures implemented for this purpose, allowing them to purchase connected objects which may, under certain conditions, lead to the collection, confidential processing and safe hosting of some of the user’s personal health data. All the information related to this specific data, and regarding in particular the safety procedures and measures implemented by iHealth on secure servers and approved by the French governmental authorities, notably by the ASIP Santé services (French Digital Health Agency), is accessible on the concerned products, solutions and applications data sheets, in the section dedicated to them on the Website.
ARTICLE 2: PURPOSE AND USE OF PERSONAL DATA
The Personal Data that may be collected by iHealth is processed confidentially and may only be operated in order to optimize the order management and facilitate the commercial relations with the Users, as well as for improved Website administration purposes.
ARTICLE 3: PERSONAL DATA COLLECTION
iHealth may collect the User’s Personal Data in the following cases :
– When the User wishes to make a request via the contact form available on the Website.
– When the User wishes to create a « personal » account on the Website.
– When the User wishes to establish and finalize the placement of an order of products.
In the cases mentioned above, iHealth shall collect the User’s last name, first name, email address, home address and, if need be, the User’s phone number.
It shall be stated herein that, when the User navigates through the Website and browses the products, iHealth uses analysis tools that are often used on the market, in order to carry out audience measurements, such as determining the number of web pages seen or the number of web-originated visits of the Website. These tools can also be used to, as the case may be, keep track of the User’s activity on the Website, such as the viewed products and how frequently the Users return on the Website.
At the time of data collection, asterisks will indicate whether the information to provide is optional or mandatory. Some data is collected automatically as a result of the User’s activity on the Website, in particular thanks to « cookies » which existence as well as the possibility to refuse them is indicated in section below of this document, specially dedicated to cookies.
The collected Personal Data can be nominative or non-nominative, but can also be electronic identification data related to the computer terminal used to access the Website. This data can be used to identify the connection terminal used to access the Website. It shall be stated that this data is generally not sufficient to establish a nominative identification of the related User.
Payments via credit/debit card are secured by OGONE, the PCI-DSS certified e-commerce solution. The PCI-DSS certification is an international safety standard, which purposes are to ensure the confidentiality and integrity of the cardholder’s data, as well as to secure the protection of bank data required to allow online payments on the Website.
For payment purposes, the bank details are collected and stored by OGONE, our payment service provider. This bank data collection and storing is realized within the strictly necessary limits to the processing of the order and its outcome (payment, guarantee, dispute…). None of this data shall be directly collected or stored by iHealth.
ARTICLE 4: PERSONAL DATA POLICY FOR MINORS
The Website does not target a public of under-aged Users.
However, if information about an under-aged or a legally unauthorized User were collected via our Website, his/her legal representative shall always have the possibility to contact iHealth in order to delete, rectify or amend the Personal Data of this under-aged or legally unauthorized User in accordance with the conditions referred to in Article 8 of the Personal Data and Confidentiality Policy.
ARTICLE 5: PERSONAL DATA SHARING
iHealth is the one and only recipient of the User’s Personal Data. iHealth does not transfer or disclose any of the Personal Data collected, unless requested by a legally authorized judicial or administrative authority that would request the disclosure of this data, in accordance with the legal and regulatory provisions in force.
ARTICLE 6: PERSONAL DATA RETENTION AND SAFETY
The User’s Personal Data is stored for as long as required by the data processing, and for at most four (4) years from the day it was collected. As for electronic identification data, it is retained for one year from its collection.
However, the User’s Personal Data may also be retained for proof purposes in accordance with the legal and regulatory provisions in force (in particular the provisions referred to in the French Commercial Code, the French Civil Code and the French Consumer Code).
iHealth undertakes to do its best efforts in order to preserve the safety and the confidentiality of the User’s Personal Data. iHealth would take necessary measures, in extreme and unlikely cases, in consideration of the precautions taken, in which it could happen, against any damage, loss, misappropriation, intrusion, disclosure, alteration and/or destruction of the User’s Personal Data.
iHealth undertakes to comply, in any cases and on every point, with the applicable rules and good practice, either required by the Law or simply advised, in particular by official organizations such as AFNOR, in France, which has advocated good practice with regard to this matter (AFNOR BP Z 90 – 001 Normative Guide) .
ARTICLE 7: COOKIES
– Cookies on the Website
The User shall be informed that, when visiting the Website, a cookie may be automatically installed on his/her browsing software. A cookie file is then stored on the hard drive of his/her computer terminal. This file shall be accessible via the Website tool on the User’s next visit.
A cookie file can contain, in particular, information such as the User’s username as well as some information related to the User’s browsing activity through the Website (seen web pages, date and time of consultation, etc.). In this case, the cookie file includes pieces of information that the User chose to store. Thus, for instance, the User will not need, when he next visits the Website, to fill out the mandatory identification fields again.
The information is retained by iHealth in the User’s computer for a maximum retention period of thirteen (13) months.
The User can refuse the presence of cookies by configuring his/her browsing software. In the event of a difficulty with the configuration, the User is invited to read the guide accessible via the following URL address: www.cnil.fr/fr/cookies-les-outils-pour-les-maîtriser
However, if the browser is configured in order to reject all cookies, the User’s navigation through the Website might be blocked, and he/she might be prevented from making all the suggested operations, in particular the purchase procedures or several functionalities necessary to facilitate the browsing through the Website, such as the possibility to store articles in the purchase basket made available to the User.
– cookies generated by the analysis tool used by the WEBSITE: Google Analytics
The data generated by the cookies are related to your activity on the Website (your IP address included) and shall be transferred to and stored by Google on servers located in the United States. Google shall use this information in order to assess your activity on the website and establish reports regarding the activity of the Website and the use of Internet. Google may communicate this data to third parties under legal requirements or if those third parties, such as the publisher of this Website, process this data on behalf of Google. Google undertakes not to intersect your IP address with any other data held by Google.
For further information regarding the confidentiality rules related to the use of Google Analytics, click here: http://www.google.com/intl/fr/policies/privacy/partners/
By using this Website, you expressly accept the processing of your nominative data by Google under the conditions and for the purposes described herein.
ARTICLE 8: USERS’ RIGHTS ON PERSONAL DATA AND ADDITIONAL INFORMATION
Pursuant to the “Computers and Freedom” Law of July 6, 1978 as modified by the Law of August 6, 2004, the User has a general right to access, amend, rectify and delete, in the event of legitimate reason, the Personal Data related to him/her, which might be collected thanks to cookies under the conditions defined below.
The User can exercise his rights and prerogatives by sending an email to the following address : firstname.lastname@example.org or by sending a mail to iHealthLabs Europe, 3 rue Tronchet, 75008 Paris, including his/her last name, first name, email address and, if possible, his/her client reference number.
An answer will be then sent to the User with a maximum period of two (2) months following the reception of the request.
WARNING: THE USER’S RIGHTS ARE STRICTLY INDIVIDUAL AND SHALL ONLY BE EXERCIZED BY THE CONCERNED USER WITH REGARD TO HIS/HER OWN INFORMATION. IN ACCORDANCE WITH THE LAW IN FORCE, THE USER’S REQUEST SHALL INCLUDE THE ADDRESS TO WHICH THE ANSWER MUST BE SENT AS WELL AS A COPY OF ELEMENTS PROVING THE USER’S IDENTITY.
For confidentiality and safety reasons, we recommend that you keep your username and password confidential. iHealth wishes to warn the Users on the fact that their username and password are delivered to them for personal use only.
In case you forget or lose your username and/or your password, you can ask iHealth to provide you with new credentials in accordance with the instructions referred to in the General Conditions of Use.
Should you access the Website from a shared computer (for instance: cybercafés, hotels, friend’s computers) or public computers, we recommend, for confidentiality reasons, that you delete any technical mark on the used computer.
ARTICLE 9: AMENDMENT OF THE PERSONAL DATA POLICY
iHealth reserves the right to discretionary amend the terms and conditions of the Personal Data Policy.
Any modification of this Personal Data Policy shall enter into force as soon as it is released online and shall be indicated at the top of the page.
Consequently, the User is advised to frequently read with the Personal Data Policy in order to get acquainted with the potential modifications.