Targedys

Targedys
Menu

Data Protection

As data controller, the company Targedys, established in France at 1 chemin de Saulxier in Longjumeau (91160) (hereinafter, the “Controller”), undertakes to comply with the regulatory provisions applicable to the protection of personal data, in particular Regulation (EU) 2016/679 of April 27, 2016 – General Data Protection Regulation (hereinafter, the “GDPR”), on the processing that it implements on the Targedys Corporate website, accessible at www.targedys.com (hereinafter, the “Website”).

DATA PROTECTION POLICY

Definitions

With reference to Article 4 of the GDPR, the following definitions apply:

« Personal data » means any information relating to an identified or identifiable natural person; an « identifiable natural person » is deemed to be a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.

  • This includes, for example, any information concerning the user of the Website, such as surname, first name, e-mail address, etc.

« Processing » means any operation or set of operations, whether or not carried out using automated processes, applied to personal data or sets of personal data.

  • This refers to the Website or a service offered on the Website, such as the management of the users’ requests.

« Data controller » means the natural or legal person, public authority, department or other body which, alone or jointly with others, determines the purposes and means of processing.

  • The publisher of the Website acts as data controller.

« Data processor » means the natural or legal person, public authority, department or other body that processes personal data on behalf of the data controller.

  • For example, the Website host acts as data processor on behalf of the Website publisher.

« Recipient » means the natural or legal person, public authority, department or other body that receives personal data, whether or not it is a third party.

  • This may include the publisher staff authorized to manage the Website.

Generalities

The User is free to browse the Website without having to explicitly provide any personal information. However, he/she may be asked to provide personal data, for example by contacting the Controller. In addition, the Website uses « cookies », which may send data concerning the User to third-party companies.

The Website, as well as each service offered on the Website, limits the collection of personal data to what is strictly necessary and is accompanied by information detailing in particular:

  • The purpose of the processing of personal data,
  • The legal basis for the processing,
  • The source of the data (if not supplied by the Website user),
  • Whether data collection is mandatory or optional,
  • Recipients of the data,
  • Data retention period,
  • Whether data is transferred outside the European Union,
  • The rights of the individual to his or her data and how to exercise them.

Security measures

The Controller takes all necessary precautions to protect the security of the Website user’s personal data, and in particular to prevent it from being distorted, damaged or accessed by unauthorized third parties.

In addition, the Website has an SSL certificate to secure data exchanges between the user and the Website.

GDPR rights

In accordance with the GDPR, the user of the Website has a right of access, rectification, deletion, portability, limitation and opposition to the data concerning him/her, which he/she may exercise, under the conditions provided by the GDPR, with the Data Protection Officer (DPO) of Biocodex Group to which Targedys belongs (in English if French is not possible), via the e-mail address dpo[at]biocodex.com (replace « [at] » with « @ ») or by post: DPO BIOCODEX, 22 rue des Aqueducs, 94250 GENTILLY, France; he/she also has the right to lodge a complaint with a supervisory authority (the CNIL in France ; more information: https://edpb.europa.eu/about-edpb/about-edpb/members_en).

Website management

What is the purpose of the processing and what is its legal basis?

The purpose of processing personal data is to manage the Website. It enables the Controller:

  • The preparation and publication of content;
  • Putting services on line for users;
  • Technical administration, in conjunction with the service providers involved in processing;
  • Security management;
  • Production of statistics on audience and use of online services.

With reference to Article 6(1)(f) of the GDPR, the processing is necessary for the purposes of the legitimate interests pursued by the Controller (promote research on microbiota).

What data is processed, where they come from and how long are they kept?

The categories of data processed are:

  • Data relating to the persons who are the subject of publications (identity, functions, contact details, etc.);
  • Data relating to browsing on the Website (time stamps, users’ IP addresses, technical data relating to the equipment and browser used by users, geolocation, cookies) and on digital platforms via share buttons and media (cookies and other tracers);
  • Data relating to the management of services offered to users;
  • Data relating to the management of publications (purpose, deliverables, follow-up, statistics);
  • Data relating to the management of technical services (time-stamping and purpose of requests, tracking, follow-up, statistics);
  • Website audience and online services usage statistics.

Data may come from:

  • The Controller staff in charge of publishing content and technical administration of the Website;
  • Contributors to publications;
  • Website users;
  • Staff of the service providers concerned;
  • Third-party sites (websites, social networks, search engines, etc.).

Data collected during browsing, which is not necessary for the operation of the Website (such as some types of cookies), is optional.
Unless otherwise specified, all other data collected is mandatory.

Data retention:

  • Data relating to exchanges with service providers are kept for 5 years after the end of the contractual relationship;
  • Published data is kept online until the site is closed, after which it is archived for 5 years;
  • Unless required by law, or unless there is a particularly high risk, log data is kept for up to 6 months;
  • The data required to produce statistics on the audience and use of online services is kept in a format that does not allow individuals to be identified by their IP address, and includes an identifier (relating to the cookie) kept for a maximum of 13 months (unless the person concerned objects).

Who is the data intended for?

Depending on their respective needs, the following are recipients of all or part of the data:

  • The Controller staff in charge of content publication and technical administration of the Website;
  • Staff of the service providers concerned;
  • Website users;
  • Staff responsible for supervising the security of the Controller’s information systems.

Due to their presence on the Internet, publications may be accessible outside the European Union.

Management of requests

What is the purpose of the processing and what is its legal basis?

The purpose of processing personal data is to manage requests and reports made on the Website. It enables the Controller:

  • Receive requests/notifications;
  • Manage the follow-up of correspondence;
  • Drawing up anonymous activity statistics.

With reference to Article 6(1)(f) of the GDPR, the processing is necessary for the purposes of the legitimate interests pursued by the Controller
(collecting requests and reports from users from its websites).

What data is processed and how long are they kept?

The categories of data processed concerning the sender are:

  • Identity: name, e-mail address, company, country;
  • Subject and body of the message.

Unless otherwise specified, all data is mandatory.

Data is kept for up to 5 years from the time the request is processed.
If the request concerns an adverse reaction, a medical question or a product quality complaint, data retention is defined in the specific subsequent processing.

Who is the data intended for?

Depending on their respective needs, the following are recipients of all or part of the data:

  • Controller staff responsible for:
  • processing requests;
  • health vigilance, medical information or product quality complaints (where applicable);
  • data protection (where applicable).

About cookies

The Controller uses various computer « cookies » on the Website to measure the audience and integrate services to improve the interactivity of the Website.

What is a computer « cookie »?

A computer « cookie » is a text file that may be deposited on a user’s terminal during browsing on a website.
Cookies are an important tool enabling organizations to gain an overview of their users’ online activity.

How it works: generally small in size and identified by a name, it is transmitted to the user’s browser by the website visited.
The browser stores it for a certain period of time, and sends it back to the website each time it is reconnected.
In principle, cookies can be easily viewed and deleted.

In themselves, cookies are harmless, as they contain no executable code.
They perform important functions for websites: they can be used to memorize a customer account identifier,
browsing preferences, enable browsing to be tracked for statistical or advertising purposes, and so on.

However, cookies can store enough data to identify a user without his or her consent and, in some cases, can be used to create profiles of individuals.
This is why it is essential that cookie management is controlled within the framework of data protection.

What are the different types of cookies?

In general, cookies can be classified in three different ways: by origin, by lifetime and by purpose.

Origin

First-party cookies – These cookies are placed on the visitor’s terminal directly by the website being visited.

Third-party cookies – These cookies are placed on the visitor’s terminal by a third-party organization, such as an advertiser.

Lifetime

Session cookies – These cookies are temporary and expire when the browser is closed or at the end of the visit (session).

Persistent cookies – This category includes all cookies that remain on the visitor’s terminal until they are deleted.
They may be deleted manually or automatically (depending on the expiration date of the cookie, or when the browser is closed if so configured).

Purpose

Strictly necessary cookies – These cookies help to make a website usable by enabling basic functions such as page navigation,
access to secure areas of the site, or storing items in an online shopping cart. The website cannot function properly without these cookies.

Preference cookies (functionality cookies) – These cookies enable a website to retain information that modifies the way the site behaves or displays, such as the visitor’s preferred language or the region in which he or she is located.

Statistical cookies (performance cookies) – These cookies help the website owner, through the collection and communication of information, to understand how visitors interact with the site, such as which pages are visited, and which links are used. The aim is to subsequently improve the website. Although intended for use by the website owner, these cookies may come from third-party organizations that may track the visitor for marketing purposes.

Marketing cookies – These cookies track the user’s online activity to help, for example, advertisers deliver more relevant ads. These cookies may share this information with other organizations or advertisers. These cookies are persistent and almost always come from third parties.

How can I control the placement of cookies?

In general, website users can prevent cookies from being deposited on their terminal, or delete existing ones, by configuring their web browser accordingly.
For instructions on how to manage cookies, please refer to your browser’s help section.

  • Please note, however, that blocking the deposit of cookies in your web browser may lead to malfunctions on the Website, as well as on other websites.

What types of cookies are used on the Website?

Internal cookies used for audience measurement

These cookies are deposited directly by the Website and enable anonymous statistics.

 

_pk_id* :

Provider: Matomo (https://matomo.org/)

Functionality: to store a unique user ID

Maximum retention period: 13 months.

 

_pk_ses* :

Provider: Matomo (https://matomo.org/)

Functionality: to store a unique user ID

Maximum retention period: session.

Third-party cookies 

The Website uses no third-party cookies.