Novalist Thinking is committed to ensuring that the processing of personal data carried out on www.novalistthinking.fr complies with the General Data Protection Regulations (RGPD) and the Data Protection Act. This data protection policy applies to data processing carried out via the website om www.novalistthinking.fr. It informs you about the purpose (s) of the treatments carried out, the legal basis of the treatments, the recipients of the data as well as their retention period, the security measures (general description), the possible existence of data transfers outside of the European Union or automated decision-making, the use and management of cookies, your computer rights and freedoms and how to exercise them.
Who is responsible for the data processing carried out by this website?
The person responsible for data processing carried out by the website www.novalistthinking.fr is Novalist Thinking, located 366 Ter, Rue de Vaugirard 75015 Paris. For more information, see the legal notices .
Does this site collect personal data?
According to article 4.1 of the GDPR, personal data is any information that identifies you either directly or indirectly. This site collects personal data via its various contact forms. Personal data is freely communicated to Novalist Thinking by the persons concerned by consenting to the processing and by taking note of the information notice displayed under the various contact forms. The data collected is adequate, useful, necessary and limited to the strict minimum. These include identification (name, first name), professional (company) and connection (email address) data.
What are the purposes of data collection?
The personal data that are collected in the context of the various contact forms on the website have the following purposes:
- Respond to messages from website visitors.
- Receive your comments on the blog.
- Perform a GDPR diagnosis.
- Establish and ensure the follow-up of the commercial relationship.
- Receive and process your requests relating to your rights under the GDPR and the Data Protection Act.
What is the legal basis for the processing carried out by this site?
The processing of your personal data by Novalist Thinking is based on:
- Or on your consent for all cases where you yourself entrust your personal data. Your consent can of course be withdrawn at any time.
- Either on the execution of contractual or pre-contractual measures as part of your request for an estimate and the commercial relationship that may result from it.
- Or on compliance with a legal obligation, particularly in terms of exercising your rights under the GDPR and the Data Protection Act.
Who are the recipients of the data processed by this site?
Your personal data are primarily intended for Novalist Thinking, site editor and data controller. They are processed by the staff of the various departments concerned by your requests, such as the sales department and the personal data protection department. They are processed only for the purposes indicated above. Personal data concerning you may be processed from time to time by Novalist Thinking subcontractors (within the meaning of article 4.8 of the GDPR) in a strictly regulated manner. They are never communicated to third parties for commercial purposes.
Are personal data transferred outside the European Union?
The personal data collected by this website are not transferred to actors located outside the European Union. In the event of a contractual transfer of personal data, Novalist Thinking ensures that the recipients are based in the European Union. Novalist Thinking also monitors GDPR compliance for all data recipients.
How are the personal data processed by this site secure?
Novalist Thinking undertakes to protect the personal data processed within the framework of this site, in accordance with the state of the art. The indications below are the main security measures to protect your personal data:
- All the pages of the novalistthinking.fr website of Novalist Thinking are under the https protocol.
- The erasure of Personal Data is carried out at the request of the data subject or at the end of the retention period;
- An internal and external password management policy has been put in place;
- The data is stored on a dedicated 100% European data server respecting maximum technical security. Redundancy of servers is performed locally (multiple clusters). Cluster firewalls have been set up. Each cluster access is copied to disks twice a day. All these actions are duplicated on a remote site in another city.
What is the retention period for personal data processed by this site?
The personal data collected is stored in a database by Novalist Thinking and is kept for 3 years from your last contact or for the duration of the commercial relationship. The supporting documents collected within the framework of the exercise of your rights are kept for the time of processing your request (1 month maximum, according to the prescriptions of the CNIL).
Can I oppose these cookies?
Yes, in several ways. If you do not want this website to place cookies on your computer, you can block them:
- By configuring your browser appropriately or by installing an additional component on your browser, specifically designed for cookie management;
- By configuring your browser so that it transmits to the website your wish not to be “tracked” (“Do not track”). This website respects your choice.
What are the rights of the people concerned by the processing carried out by this site?
You can visit our website without having to disclose your identity and provide any personal information about yourself. However, you can ask us to contact you again using a specific form. We collect the individual data that you provide to us as part of the contact form, as well as in the emails you send to us.
In accordance with the General Regulations on the Protection of Personal Data (RGPD) which entered into force on May 25, 2018 and by LAW n ° 2018-493 of June 20, 2018 relating to the protection of personal data known as LIL3 and of Ordinance no. ° 2018-1125 of 12 December 2018 taken in application of article 32 of law n ° 2018-493 of 20 June 2018 relating to the protection of personal data and amending law n ° 78-17 of 6 January 1978 relating to data processing, files and freedoms, you have the following rights:
- Access to your personal data and information concerning them;
- Rectification, deletion and portability of your personal data;
- Limitation and opposition to the processing of your personal data;
- To withdraw your consent.
You also have (when applicable), the right to formulate general or specific directives relating to the storage, erasure and communication of your personal data after your death or right to be forgotten.
How can I exercise my rights provided for by the GDPR and by the Data Protection Act?
Your requests can be formulated in different ways:
- By email by writing to email@example.com
- In person by making an appointment and then going to the reception of Human Spirit Innovation – Novalist Thinking – 366 Ter, Rue de Vaugirard 75015 PARIS;
- By post by writing to Human Spirit Innovation – Novalist Thinking – 366 Ter, Rue de Vaugirard 75015 PARIS;
- Through an agent who will use one of the above channels to make the request.
Please formulate each of your requests by one of the means above, enclosing a copy of an identity document.
For a right of access request:
Please specify in your request which data or which processing operations it relates to.
Your data will be sent to you electronically or by post, by registered mail with acknowledgment of receipt.
Novalist Thinking may require payment of a reasonable fee based on administrative costs for any additional copies requested (Article 15.3 GDPR).
In the event of manifestly unfounded or excessive requests, Novalist Thinking may require the payment of reasonable fees which take into account the administrative costs incurred in providing the information or refusing to act on these requests (article 12.5 of the GDPR).
For a request for the right to rectification:
If you believe that information concerning you is incorrect and should be rectified, please indicate precisely the inaccurate or incomplete data concerning you, and provide all information allowing them to be corrected or supplemented (article 15 of the GDPR).
For a request for the right to erasure:
Please indicate precisely the data concerning you which you are requesting erasure, and the reasons for your request (Article 17 of the GDPR).
Note: this right is not absolute, Novalist Thinking may be required to keep information about you, in particular in the context of the management of the commercial relationship (management of invoices, management of litigation) and in the context of documentation and the provision of proof relating to the exercise of your rights.
For a request to limit processing :
Please indicate precisely the data concerning you for which you are requesting restriction of processing, and the reasons for your request.
Note: this right is not absolute, Novalist Thinking may decide to continue processing your data (article 18.3 of the GDPR). The limitation, if implemented, may result in the suspension of services provided by Novalist Thinking (access to works and deliverables, receipt of information, etc.). These consequences will be described to you in the letter acknowledging receipt of your request to limit processing.
For a request for the right to object :
Please indicate precisely the processing of data concerning you to which you wish to object, and the reasons for your request.
Note: this right is not absolute. Please indicate precisely the processing for which you object to the management of your personal data, and the reasons for your request (article 21 of the GDPR).
For a request for the right to portability :
Each user can at any time make a data portability request in order to retrieve the personal data that Novalist Thinking has collected on him within the framework of processing based on consent and on the basis of a contract.
If you want the data to be transmitted to another data controller in a standard format, please specify this and provide the contact details of this other data controller.
How to contact the DPO?
You can contact the DPO of the GDPR Agency by electronic means at the following address: firstname.lastname@example.org or by post by sending your mail to the following address: Human Spirit Innovation – Novalist Thinking – Délégué à la protection des data
366 Ter, Rue de Vaugirard 75015 PARIS
Updated 24 st March 2021.