Privacy Policy

General Data Protection Regulation (GDPR)

Charter on the protection of personal data

Cenareo
SAS RCS Toulouse 789 137 650
201 rue Pierre et Marie Curie – 31670 Labège, France.

Entry into force: 1/02/2019

Download our privacy policy (GDPR)
01. Definition and nature of personal data

The following terms and expressions, when used with initial capital letters, have the meanings assigned to them in the CENAREO General Terms and Conditions of Licence and General Terms and Conditions of Use.

When you use the remote desktop management solution (hereinafter referred to as the ‘Solution’), we may ask you to provide us with personal data about you, in order to use the solution we propose.

For the purposes of this charter, the term 'Personal Data’ refers to all data that make it possible to identify an individual, which corresponds in particular to your surnames, first names, email addresses, telephone numbers, IP addresses, and any other information you choose to provide us regarding yourself.

02. Purpose of this charter

The purpose of this charter is to inform you about the means we use to collect your Personal Data, in

strict compliance with your rights.

In this respect, we inform you that we comply, in the collection and management of your Personal Data, with Law No. 78-17 of 6 January 1978 on data processing, files and freedoms, in its current version, known as ‘Information Technology and Civil Liberties’, and Regulation (EU) 2016/679 of 27 April 2016, since its entry into force (hereinafter referred to as ‘the GDPR’).

03. Identity of the data collector

The company responsible for collecting your Personal Data is CENAREO, a simplified joint stock company, registered in the Toulouse Trade and Companies Register under number 789 137 650, with its registered office at 201 Rue Pierre et Marie Curie, 31670, Labège, France (hereinafter: ‘We’).

The legal basis for the collection of your Personal Data is as follows:

  1. Legitimate interest:
    1. When you voluntarily provide us with Personal Data when you visit our Site, the data is then collected on our behalf,
      To better respond to your requests for information on our Solution,
    2. When we organise prospecting operations.
  2. Your consent:
    1. For us to send you our newsletters,
    2. For the use of Google Analytics cookies referred to in Article 10,
  3. Execution of a contract, when we keep the Personal Data of our customers and users.

Your personal data is collected for one or more of the following purposes:

  1. Manage your access to our Solution,
  2. Carry out customer management operations regarding contracts, orders, deliveries, invoices, loyalty programs and customer relationship management,
  3. Create a file of users, customers and prospects,
  4. Send newsletters, solicitations and promotional messages. In the event that you do not wish to do so, we give you the opportunity to express your refusal when collecting

    your data,

  5. Develop sales and traffic statistics for our Site and Solution,
  6. Manage the management of people's opinions on products, services or content,
  7. Manage outstanding bills and potential disputes regarding the use of our products and services,
  8. Personalise the answers to your requests for information,
  9. Comply with our legal and regulatory obligations.

We inform you, when collecting your Personal Data, whether certain data must be provided or whether it is optional. The mandatory data is required for the operation of the Solution. You are entirely free to provide or not provide optional data. We also inform you of the possible consequences of a failure to respond.

4. Recipients of the data collected

The following will have access to your personal data:

  1. Our company staff,
  2. Departments responsible for audits (in particular, the statutory auditor);
  3. Our subcontractors.

Public bodies may also be recipients of your personal data, exclusively to meet our legal obligations, court officers, ministerial officers and bodies responsible for debt recovery.

5. Transfer of personal data

Your personal data will not be transferred, rented or exchanged for the benefit of third parties.

6. Storage period for personal data

(i) Concerning data relating to the management of customers and prospects:

Your Personal Data will not be stored for longer than is strictly necessary to manage our business relationship with you. However, the data used to establish proof of a right or contract, which must be kept in compliance with a legal obligation, will be kept for the duration stipulated by the law in force.

Concerning possible prospecting operations for customers, their data may be kept for a period of three years from the end of the commercial relationship. Personal Data relating to a prospect who is not a customer may be kept for a period of three years from the date of collection or the last contact made by the prospect. At the end of this three-year period, we will be able to contact you again to find out if you wish to continue to receive sales operations.

(ii) Concerning data relating to user management:

Your Personal Data will not be stored for longer than is strictly necessary for the use of the Solution. However, the data used to establish proof of a right that must be preserved in order to comply with a legal obligation will be kept for the period provided for by the law in force.

(iii) Concerning the management of opposition lists to receive prospecting:

The information allowing your right of opposition to be taken into account is kept for a minimum of three years from the date of exercise of the right of opposition.

(iv) About cookies:

The storage period for the cookies referred to in Article 11 is 13 months.

7. Security

We inform you that you must take all appropriate precautions, organisational and technical measures to preserve the security, integrity and confidentiality of your personal data and in particular to prevent it from being distorted, damaged or accessed by unauthorised third parties.

8. Hosting

We inform you that your data is kept and stored, for the entire duration of its storage on Microsoft Azure company servers located in the European Union.

Your data will not be transferred outside the European Union in connection with the use of the services we offer you.

9. Cookies

Cookies are text files, often encrypted, stored in your browser. They are created when a user's browser loads a given website: the site sends information to the browser, which then creates a text file. Each time the user returns to the same site, the browser retrieves this file and sends it to the website server.

There are different types of cookies, which do not have the same purposes:

  • Technical cookies are used throughout your browsing experience to make certain functions easier to perform. For example, a technical cookie can be used to store the answers provided in a form or the user's preferences regarding the language or presentation of a website, when such options are available.
  • We use technical cookies.

  • Social network cookies can be created by social platforms to allow website designers to share the content of their site on those platforms. These cookies can be used by social platforms to track the navigation of
    internet users on the relevant website, whether or not they use these cookies.
  • We do not use cookies from social networks. If we decide to do so at a later date, we will ask for your agreement before placing them. You will also have the opportunity to find out about their nature, accept them or refuse them.
  • Advertising cookies can be created not only by the website on which the user navigates, but also by other websites displaying ads, announcements, widgets or other elements on the page displayed. In particular, these cookies can be used to carry out targeted advertising, i.e. advertising determined according to the user's navigation.
  • We do not use advertising cookies. If we decide to do so at a later date, we will ask for your agreement before placing them. You will also have the opportunity to find out about their nature, accept them or refuse them.
  • We use Google Analytics, a statistical audience analysis tool that generates a cookie to measure the number of visits to the Site, the number of pages viewed and visitor activity. Your IP address is also collected to determine the city from which you are connecting. This cookie is only stored if you give your consent. You can accept or reject it.
  • We remind you for all purposes that you can oppose the placement of cookies by configuring your browser. However, such a refusal could prevent the proper functioning of the Site.
10. Access to your Personal Data

In accordance with Act No. 78-17 of 6 January 1978 on data processing, data files and individual liberties, and Regulation (EU) 2016/679 of 27 April 2016, as soon as it enters into force (hereinafter: ‘GDPR’, you have the right to obtain the communication of and, if necessary, the rectification or deletion of data concerning you. You can send your request to us at:

  • the email address: legal@cenareo.com
  • the postal address: 201 rue Pierre et Marie Curie – 31670 Labège, France.

Persons whose data is collected on the basis of our legitimate interest, as mentioned in Article 5, are reminded that they may at any time object to the processing of their data. However, we may have to continue processing if there are legitimate reasons for the processing that prevail against your rights and freedoms or if the processing is necessary to establish, exercise or defend our rights in court.

11. Right to define guidelines for data processing after your death

You have the right to define guidelines for the storage, erasure and communication of your personal data after your death.

These guidelines can be general, i.e. they cover all personal data concerning you. In this case, they must be registered with a digital trusted third party certified by the CNIL.

The guidelines can also be specific to the data processed by our company. It is then advisable to send them to us at the following contact details:

  • the email address legal@cenareo.com
  • the postal address: 201 rue Pierre et Marie Curie – 31670 Labège, France.

By providing us with such instructions, you expressly consent to the storage, transmission and execution of such instructions in accordance with the terms hereof.

You can designate a person in your directives to be responsible for their execution. The latter will then be entitled, when you have passed away, to consult said guidelines and ask us to apply them. In the absence of designation, your heirs will be entitled to consult your instructions upon your death and ask us to implement them.

You may change or revoke your instructions at any time by writing to us at the above address.

12. Portability of your Personal Data

You have a right to the portability of the personal data you have given us, understood as the data you have actively and consciously declared in connection with access to and use of the services, as well as the data generated by your activity in connection with the use of the services. We remind you that this right does not apply to data collected and processed on a legal basis other than the consent or performance of the contract binding us.

This right can be exercised free of charge, at any time, and in particular when closing your account on the Platform, in order to retrieve and store your personal data.

In this context, we will send you your personal data, by any means deemed necessary, in an open standard format commonly used and machine-readable, in accordance with the state of the art.

13. Making a complaint to a supervisory authority

You are also informed that you have the right to lodge a complaint with a competent supervisory authority (the Commission Nationale Informatique et Libertés for France) in the Member State in which your habitual residence, place of work or place where the violation of your rights may have been committed, if you consider that the processing of your personal data covered by this Charter constitutes a violation of the applicable texts.

This remedy may be exercised without prejudice to any other remedy before an administrative or judicial court. Indeed, you also have a right to an effective administrative or judicial remedy if you consider that the processing of your personal data covered by this Charter constitutes a violation of the applicable texts.

14. Limitation of processing

You have the right to obtain a limitation on the processing of your Personal Data in the following cases:

  • During the verification period we apply, when you dispute the accuracy of your personal data,
  • When the processing of this data is unlawful, and you wish to limit this processing rather than delete your data,
  • When we no longer need your Personal Data, but you wish to keep it in order to exercise your rights,
  • During the period of verification of legitimate reasons, when you have objected to the processing of your Personal Data.
15. Modifications

We reserve the right, at our sole discretion, to modify this policy in whole or in part at any time. These modifications will come into force as of the publication of the new charter. Your use of the Solution following the entry into force of these modifications will constitute recognition and acceptance of the new charter. Otherwise, and if this new policy does not suit you, you should no longer access our Solution.

16. Entry into force

This charter entered into force on 01/02/2019