Privacy policy

1 – PRIVACY POLICY

2 – COOKIES POLICY

1 – PRIVACY POLICY

Object

This Policy is established by the company H2 CONCEPT, whose registered office is at BOULOGNE BILLANCOURT (92100), 41, rue de Paul Bert, under the number SIREN: 797 401 544.

Hereinafter referred to as “controller”

The purpose of this Policy is to inform visitors to the website hosted at the following address: https://egeri-tour.com/

(Hereinafter referred to as the “website”) of the way in which the data is collected and processed by the data controller.

This Policy is in line with the wish of the controller to act in complete transparency, in compliance with its national provisions and with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 /CE.

(Hereinafter referred to as the “General Data Protection Regulation”).

The data controller pays particular attention to the protection of the privacy of its users and therefore undertakes to take the reasonable precautions required to protect the personal data collected against loss, theft, disclosure or unauthorized use.

“Personal data” is defined as all personal data relating to the user, that is to say any information which allows him to be identified directly or indirectly as a natural person.

If the user wishes to react to one of the practices described below, he can contact the data controller at the postal address or at the email address specified in the “contact details” section of this Policy.

What data do we collect?

The data controller collects and processes, according to the methods and principles described below, the following personal data on the website visitor:

  • Its domain (automatically detected by the controller server), including the dynamic IP address;
  • Its email address if the user has previously revealed it, for example by sending messages or questions on the website, or by communicating with the controller by email or via the contact form or even during the ‘registration;
  • All information about the pages that the user has visited on the website;

The data controller may also need to collect non-personal data. These data are qualified as non-personal data because they do not directly or indirectly identify a particular person. They may therefore be used for any purpose whatsoever, for example to improve the website, the products and services offered or the advertising of the data controller.

In the event that non-personal data is combined with personal data, it is possible to identify the data subjects, these data will be treated as personal data until their reconciliation with a particular person is made impossible.

Collection methods/treatment

The data controller may process personal data as follows:

  • Website registration form/contact form
  • Cookies
  • Solicit via social networks

Regarding the processing carried out within the framework of the organization of competitions:

Purposes and legal bases of processing

The legal basis is the Contract between H2 CONCEPT and the participant

  • Carry out operations relating to the management of participants concerning: contracts; the bills; accounting and in particular the management of customer accounts; monitoring the customer relationship such as carrying out satisfaction surveys, managing complaints and after-sales service; the selection of customers to carry out studies, surveys and product tests.
  • Management of unpaid bills and litigation;
  • The organization of beauty contests in order to provide the participant with visibility among professionals in the field via a beauty contest (the profits are distributed online)
  • First, the prior checking of the conditions required to participate in beauty contests (Selection phase);
  • The photoshoot for the preparation of a book for the model;
  • Second, the transmission to the agency;
  • Dissemination of models’ profiles on website and social networks (rarer) in order to find a model agency for the participant;
  • The transmission to partner modeling agencies of profiles for signature;
  • Third, the selection of the best candidates;
  • Organization of participants’ travel (Transport and accommodation)
  • The organization of the final for the top 20 remaining candidates.

The legal basis is the consent between the participant and the company

  • Sending prospecting for similar products (Organization of internship in order to retake the competition);

Data collected by the company H2 CONCEPT:

  • Identity: title, surname, first name, middle name, number (landline and/or mobile), email addresses, date of birth.
  • Identity of the legal representative: Surname, first name, email addresses and number;
  • Physical characteristics: Height, measurements, shoe size, eyes color, hair color.
  • Photographs sent by the participant;
  • Photographs taken by photographers during the first interview (Photo test);
  • Passport numbers of participants;
  • The civil liability insurance certificate;
  • The agreement of the parents or the legal representative as to the authorization of minors;
  • Data relating to the transaction such as the transaction number, details of the purchase, of the property;
  • Data relating to the follow-up of the commercial relationship: history of payments and provision of services, after-sales service (refund);
  • Data relating to invoice payments: payment terms,
  • Data necessary for carrying out prospecting and studies;

Internal recipients:

The recipients of the data are only the staff authorized by the company H2 CONCEPT in charge of security and customer relations.

External recipients:

  • For the accounting items: Bodies, court officials and ministerial officers, as part of their debt collection mission;
  • For partners on request on a case-by-case basis and with the authorization of the user

Sub-contractors:

The people outside the company with access to the data are the various hosts as well as our IT service providers in charge of maintenance. In addition, the external photographers in charge of taking the photograph are likely to keep them during the retouching.

The duration of preservation:

  • Concerning unsuccessful registration forms: immediate deletion
  • Concerning the participants selected but not presented: 2 years
  • Concerning the participants in the competitions: 3 years because the competition takes place over one year.

Regarding other processing carried out on the website

Categories of data collected:

  • Identity: name, email addresses, username on social media.
  • Data relating to the contributions of people who post opinions on products, services or content, in particular their pseudonym;
  • Internet connection data (cookies): IP, tracers, navigation data, audience measurements, etc.

Purposes and legal bases of processing

Personal data is collected and processed only for the purposes mentioned below:

Purposes

Legal bases

  • Carrying out solicitation operations: making contact via social networks with models,
  • Development of commercials statistics;
  • Management of requests made on the establishment’s website via the contact form;
  • The management of opinions left on social networks or comments under articles;
  • Targeted search for new candidates via social networks (Facebook, Instagram)
  • Legal basis is the legitimate interest of the data controller in finding prospects or responding to your requests.
  • Visitor tracking via audience measurement cookies
  • Legal basis is consent
  • The management of requests for access, rectification and opposition rights
  • Legal basis is the legal obligation of the controller

The data controller could be required to carry out processing operations that are not yet provided for in this Policy. In this case, he will contact the user before reusing his personal data, in order to inform him of the changes and give him the possibility, if necessary, to refuse this reuse.

The duration of preservation

The preservation period must be defined by the person in charge of processing the file. In general, the latter only keeps personal data for the time reasonably necessary for the purposes pursued and in accordance with legal and regulatory requirements.

Archived data is therefore only kept for the time necessary to accomplish the objective pursued by the data controller, it is therefore deleted when the reason for its archiving is no longer justified.

Regarding prospects:

Personal data relating to a non-client prospect may be kept for a period of three years from their collection by the data controller or from the last contact from the prospect.

At the end of this three-year period, the data controller may contact the data subject again in order to find out whether they wish to continue to receive commercial requests. In the absence of a positive and explicit response from the person, the data must be deleted or archived in accordance with the provisions in force, and in particular those provided for by the Commercial Code, the Civil Code and the Consumer Code.

In the event of exercise of the right of access or rectification, data relating to identity documents may be kept for the period provided for in Article 9 of the Code of Criminal Procedure (i.e. one year). If the right to object is exercised, this data may be archived during the limitation period provided for in Article 8 of the Code of Criminal Procedure (i.e. three years).

Regarding the preservation period of cookies:

The consent to be monitored may be forgotten by the people who have expressed it at a given moment, the CNIL considers it necessary to limit the scope of the latter in time.

It recommends that the period of validity of consent to deposit Cookies be extended to a maximum of 13 months. At the end of this period, the consent must be obtained again.

Consequently, cookies must therefore have a lifetime limited to thirteen months after their first deposit in the user’s terminal equipment (following the expression of consent).

Their lifespan should not be extended during new visits to the website.

Application of rights

For all processing reserves the right to verify the identity of the user for the application of the rights listed below.

This request for additional information will be made within one month of the user making the request.

Data access and copying

The user can obtain free of charge the written communication or a copy of the personal data concerning him that has been collected.

The controller may require payment of a reasonable fee based on administrative costs for any additional copies requested by the user.

When the user submits this request electronically, the information is provided in a commonly used electronic form, unless the user requests otherwise.

Unless otherwise provided for by the general data protection regulations, a copy of their data will be communicated to the user no later than one month after receipt of the request.

Right to withdraw consent

For all processing based on consent, the data subject has the right to withdraw consent at any time. Regarding canvassing via social networks or via databases which are the result of indirect collection, the data subject may object to this processing at any time.

Right of rectification

The user can obtain free of charge, as soon as possible and at the latest within one month, the rectification of his personal data which is inaccurate, incomplete or irrelevant, as well as complete them if they prove to be incomplete.

Unless otherwise provided for by the General Data Protection Regulation, the request for the application of the right to rectification is processed within one month of its introduction.

Right to object to processing

The user may at any time, for reasons relating to his particular situation, object free of charge to the processing of his personal data, except when:

  • Processing is necessary for the performance of a task in the public interest or falling within the exercise of public authority vested in the controller;
  • Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless the interests or the fundamental rights and freedoms of the data subject which require protection of personal data (in particular when the affected person is a child).

The controller may refuse to implement the user’s right to object when he establishes the existence of compelling and legitimate reasons justifying the processing, which take precedence over the interests or rights and freedoms of the user, or for the establishment, exercise or defense of legal claims. In the event of a dispute, the user may lodge an appeal in accordance with the point “complaints and complaints” of this Policy.

The user can also, at any time, object, without justification and free of charge, to the processing of personal data concerning him when his data is collected for the purposes of commercial prospecting (including profiling).

When personal data is processed for scientific or historical research purposes or for statistical purposes in accordance with the general data protection regulation, the user has the right to object, for reasons relating to his particular situation , to the processing of personal data concerning him, unless the processing is necessary for the performance of a task of public interest.

Unless otherwise provided for by the general data protection regulation, the controller is required to respond to the user’s request as soon as possible and at the latest within one month and to justify his response when he intends not to act on such a request.

Right to restriction of processing

The user can obtain the limitation of the processing of his personal data in the cases listed below:

  • When the user disputes the accuracy of a data and only for the time that the controller can check it;
  • When the processing is unlawful and the user prefers limitation of processing to erasure;
  • When, although no longer necessary for the pursuit of the processing purposes, the user needs it for the establishment, exercise or defense of their legal rights;
  • During the time necessary to examine the merits of a request for opposition submitted by the user, in other words the time for the controller to verify the balance of interests between the legitimate interests of the user. controller and those of the user.

The controller will inform the user when the restriction of processing is lifted.

Right to erasure (right to be forgotten)

The user can obtain the erasure of personal data concerning him, when one of the following reasons applies:

  • The data are no longer necessary for the purposes of the processing;
  • The user has withdrawn their consent to their data being processed and there is no other legal basis for the processing;
  • The user objects to the processing and there are no compelling legitimate grounds for the processing and/or the user exercises their specific right of opposition in direct marketing (including profiling);
  • Personal data have been the subject of unlawful processing;
  • Personal data must be erased to comply with a legal obligation (under Union law or Member State law) to which the controller is subject;
  • The personal data has been collected as part of the provision of information society services to children.

However, the erasure of data does not apply in the following cases:

  • When the processing is necessary for the exercise of the right to freedom of expression and information;
  • When the processing is necessary to comply with a legal obligation which requires the processing provided for by Union law or by the law of the Member State to which the controller is subject, or to perform a task of public interest or relevant the exercise of public authority vested in the person responsible;
  • When the processing is necessary for reasons of public interest in the field of public health;
  • When the processing is necessary for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes and insofar as the right to erasure is likely to make impossible or seriously compromise the realization of the purposes of the processing in question;
  • When the processing is necessary for the establishment, exercise or defense of legal claims.

Unless otherwise provided for by the general data protection regulation, the controller is required to respond to the user’s request as soon as possible and at the latest within one month and to justify his response when he intends not to act on such a request.

Right to “data portability”

The user may at any time request to receive their personal data free of charge in a structured, commonly used and machine-readable format, in particular with a view to transmitting them to another controller, when:

  • Data processing is carried out using automated processes; and when
  • The processing is based on the user’s consent or on a contract concluded between the user and the controller.

Under the same conditions and according to the same modalities, the user has the right to obtain from the controller that the personal data concerning him be transmitted directly to another person responsible for the processing of personal data, insofar as this is technically possible.

The right to data portability does not apply to processing which is necessary for the performance of a task in the public interest or falling within the exercise of public authority vested in the controller.

Data recipients and disclosure to third parties

Internal recipients:

The recipients of the data are only the personnel authorized by the company H2 CONCEPT, in charge of security and the commercial relationship.

External recipients:

For exchanges via social networks between H2 CONCEPT and prospects, personal data is also processed by Facebook and Instagram in the case of advertising campaigns.

Subcontractors:

The people outside the company with access to the data are the various hosts as well as our IT service providers.

The recipients of the data collected and processed are, in addition to the data controller himself, its employees or other subcontractors, its carefully selected business partners, located in France or in the European Union, and who collaborate with the data controller. processing in connection with the marketing of products or the provision of services.

In the event that the data is disclosed to third parties for the purposes of direct marketing or commercial prospecting, the user will be informed in advance so that they can choose to accept the transfer of their data to third parties.

As soon as this transfer is based on the user’s consent, the user may, at any time, withdraw his consent for this specific purpose.

The data controller complies with the legal and regulatory provisions in force and will in all cases ensure that its partners, employees, subcontractors or other third parties having access to this personal data comply with this Policy.

The data controller discloses the user’s personal data in the event that a law, legal process or an order of a public authority makes this disclosure necessary.

No transfer of personal data outside the European Union is made by the controller.

Security

The data controller implements the appropriate technical and organizational measures to guarantee a level of security for the processing and the data collected with regard to the risks presented by the processing and the nature of the data to be protected, adapted to the risk. It takes into account the state of knowledge, the costs of implementation and the nature, scope, context and purposes of the processing as well as the risks to the rights and freedoms of users.

The data controller always uses encryption technologies that are recognized as industry standards within the IT sector when transferring or receiving data on the website.

The data controller has implemented appropriate security measures to protect and prevent the loss, misuse or alteration of information received on the website.

In the event that the personal data that the controller controls should be compromised, he will act quickly to identify the cause of this violation and take appropriate remedial measures.

The data controller informs the user of this incident if the law requires it.

Complaint

If the user wishes to react to one of the practices described in this Policy, it is advisable to contact the data controller directly.

The user can also lodge a complaint with his national supervisory authority, you can send a complaint online to the CNIL or by post:

Commission nationale de l’informatique et des libertés (CNIL)

3 Place de Fontenoy
TSA 80715
75334 Paris cedex 07
Tél : +33 1 53 73 22 22

In addition, the user has the possibility of lodging a complaint before the competent national courts. 

Contact details

For any questions and/or complaints relating to this Policy, the user can contact the data controller at the following address:

By email : contact-dpo@h2-concept.com

Or by mail:

H2 CONCEPT
41 – 43, rue Paul Bert
92100 BOULOGNE BILLANCOURT

Modification

The data controller reserves the right to modify the provisions of this Policy at any time. The changes will be published directly on the website of the data controller.

Applicable law and competent jurisdiction

This Policy is governed by the national law of the main place of business of the controller.

Any dispute relating to the interpretation or execution of this Policy will be submitted to the jurisdictions of this national law.

This version of the Policy dates from 09/01/2019.

2 – COOKIES POLICY

Object

This Policy is established by the company H2 CONCEPT, publisher of the website https://egeri-tour.com/ (hereinafter the “website”), whose registered office is located BOULOGNE BILLANCOURT (92100), 41, rue de Paul Bert, under the number SIREN: 797 401 544

The company H2 CONCEPT (hereinafter “We”, “our”) strives to offer you the best possible service and therefore wishes to preserve the confidence you have in our company by informing you of our policy of use and storage of cookies.

What is a cookie ?

A cookie is a small text file placed on the hard drive of your computer or mobile device which is sent by the server of the website you are visiting.

The cookie contains a unique code that allows its issuer to recognize the relevant terminal (your computer or your mobile device) each time the website is visited.

The cookie identifies the browser on your terminal but never you personally. In addition, a website server can only read cookies that it has placed itself and does not have access to any other information on your computer or mobile device.

Cookies can either be placed by the server of the website you are visiting “original cookies” or by partners with whom this website collaborates “third party cookies”.

Period of validity of a cookie

Some cookies expire when you close your browser “session cookies”, while others stay longer on your device, sometimes even until you manually delete “permanent cookies ».

In general, cookies have a limited period of validity. The most common period of validity is 30 days and the maximum period of 13 months from the day the cookie is placed on your terminal.

General purposes of cookies

The primary goal is to ensure more efficient and faster navigation (eg a cookie remembers the language you choose, identifies you when you access your account, etc.). Cookies remember your preferences and thus allow you to speed up and facilitate your access to the website.

They also help to understand how you navigate our website.

In addition, they offer the possibility of making the content of a website, or the advertising on that website, more relevant to you. The website will therefore be adapted to your personal tastes and needs.

Managing cookies

To place certain cookies on your device, it is necessary that we obtain your prior and explicit consent. We get it through the banner placed on the home page of the website.

In addition, most browsers use cookies. You can also delete these cookies or refuse their installation at any time and free of charge by modifying the options of your browser software. The configuration of each browser is different. Each procedure is described in the help menu of your browser. To do this, please go to the following links:

Firefox: https://support.mozilla.org/fr/kb/effacer-les-cookies-pour-supprimer-les-information

Chrome: https://support.google.com/chrome/answer/95647?hl=fr

Safari: https://support.apple.com/kb/PH21411?locale=nl_NL&viewlocale=fr_FR

Internet Explorer: https://support.microsoft.com/fr-be/help/17442/windows-internet-explorer-delete-manage-cookies

By refusing the use of cookies, you can access our website. However, some functionality will be limited, if not impossible.

Types of cookies

  • Technical cookies

These cookies, which only contain your IP address, are essential for visiting the site.

They allow:

  • Surf the different pages of the website and take advantage of its features;
  • Complete forms;
  • Ensure the verification of your identity when you access your personal data;
  • Secure access to the website.
  • These cookies do not require your consent since they allow you, in particular, to access the website.
  • Functional cookies

These cookies facilitate and analyze the functioning of our website. Thanks to these, we can make your browsing experience more pleasant and more personalized.

Thanks to them we can:

Personalize the services (language, currency, location, navigation data, etc.);

Remember your choices from a previous visit;

Collect information from online forms;

Compile statistics;

Analyze the use of the website.

Like technical cookies, these cookies are used to improve your browsing experience and do not require your consent.

  • Advertising cookies

These cookies give us information about your browsing habits and allow the advertising content of our website to be tailored to your interests.

On the basis of these we can analyze the effectiveness of advertising campaigns, in particular by identifying the subsequent actions that you take by clicking on these advertising banners. In addition, based on geolocation data, we can tailor the announcements made to you to let you know of the opportunities available near where you are.

These advertising cookies can also be used to send you targeted advertising messages using technologies that link data based on the sites you have visited.

The information we collect and share can only identify your device.

For these cookies, your consent is required and we ask you for it when you access our website.

  • Analytical or performance cookies

These cookies are used to collect information about how you visit our website. These allow us to measure the audience for the various content and sections of our website in order to improve them.

Thanks to these cookies we can detect navigation problems and improve the ergonomics of our website.

This data is collected and is therefore completely anonymized.

For these cookies, we need your consent.

  • Social media cookies

“Social network” cookies share the content that you choose to share via application buttons that belong to social networks. When you use these buttons, a third-party cookie is installed on your terminal and if you are connected to the social network, this information will be added to your profile.

Regarding these cookies, it is advisable to check on each social network what is the scope of the data collection and the use of these.

These cookies also require your consent.

Facebook https://fr-fr.facebook.com/policies/cookies/
Twitter https://help.twitter.com/fr/safety-and-security/twitter-do-not-track
Google https://support.google.com/accounts/answer/61416?hl=fr
Instagram https://help.instagram.com/1896641480634370
  • Third party cookies

These cookies are placed by third parties on our website and then on your device. We do not have control over these. To find out more, please see the information provided by these third-party sites on their own cookies.

Your rights over the processing of your personal data

Cookies which process personal data are subject to the rules on the protection of personal data. In this context, you have certain rights (right of access, a right of rectification, a right of opposition, a right of withdrawal of consent, etc.).

We refer you to our Privacy Policy accessible above, which details your rights and the conditions for their application.

Contact

: contact-dpo@h2-concept.com

:  H2 CONCEPT, 41 – 43, rue de Paul Bert (92100) BOULOGNE BILLANCOURT

Modification

We reserve the right to modify the provisions of this Policy at any time. We will post the changes directly on our website.

Applicable Law and Jurisdiction

This Policy is governed by the national law of our main place of business listed above.

Any dispute relating to the interpretation or execution of this Policy will be submitted to the jurisdictions of this national law.

This version of the Policy comes into force and was updated on 09/01/2019.