1.Introduction

BET2INVEST, a company with share capital of €36170, whose registered office is located at 99 A Boulevard Constantin DESCAT 59200 Tourcoing, registered in the Lille Métropole Trade and Companies Register under number 952 430 361, represented by its Chairman, hereinafter referred to as "THE COMPANY", is committed to a policy of respecting and maintaining high standards of personal data protection. 

As part of its business activity, THE COMPANY collects and processes personal data relating to its customers, Internet users, prospective customers and employees. 

With a view to fostering innovation while building a lasting relationship of trust based on shared responsible social values and respect for individuals, THE COMPANY has put in place the technical and organizational means necessary to protect the personal data it collects and processes.

The purpose of this policy is to present the commitments made by THE COMPANY with regard to the protection of personal data.

2.Fair and transparent data collection

In the interests of transparency, THE COMPANY takes care to inform its customers, Internet users, prospects and employees of any processing operations that concern them.

THE COMPANY is available at the following address to provide any clarification required concerning its personal data protection policy: 

[rgpd@bet2invest.com]

The purpose of collecting personal data is to optimize management of the platform accessible at https://bet2invest.com, as well as to manage professional relations with customers, prospects, web users and employees. 

3.Lawful and proportionate data processing

When THE COMPANY processes data, it does so for specific purposes: each data processing operation carried out by THE COMPANY has a legitimate, specific and explicit purpose.

When you order a service from THE COMPANY, you voluntarily provide personal data, in particular when subscribing to the information notices, the general terms of sale, or when requesting online contact on the sites belonging to THE COMPANY, and you therefore give us your consent to the processing of your personal data, as restrictively defined in article 4.

Respecting the right to be forgotten, THE COMPANY ensures that data is only kept in a form that allows identification of the persons concerned for as long as is necessary for the purposes for which it is processed.

4.Minimized and accurate data processing  

For each processing operation, THE COMPANY undertakes to collect and process only data that is adequate, relevant and limited to what is necessary for the purposes for which it is processed.

When placing orders, creating an online user account, using THE COMPANY online contact forms, or any other contractual commitment with THE COMPANY, you are informed of the processing of personal data that is essential for the provision of THE COMPANY's services. 

The data collected by THE COMPANY is processed by computer entry and is the subject of detailed information (nature of the data collected, purpose of processing, retention period and data transfer) by THE COMPANY to the persons concerned. 

Individuals whose data is collected are informed of how long their data will be kept when they sign a contract with the COMPANY.

Exceptions to the retention periods stipulated in contractual commitments are made in the case of information required to meet legal obligations.

Exceptions are also made to the above retention periods for trackers, as detailed in article 5 of the present policy.

ENTREPRISE ensures that data is, if necessary, updated and that procedures are implemented to ensure that inaccurate data is deleted or rectified.

5.Tracker management 

In order to optimize its operation, THE COMPANY is developing a website that uses analytical tracers to measure the site's audience for various purposes (performance measurement, detection of navigation problems, optimization of technical performance or ergonomics, estimation of server power requirements, analysis of content consulted). These tracers are necessary for the functioning and day-to-day operations of a website.  

It is imperative that the COMPANY provides Internet users with all the prior information necessary to enable informed, free, specific and unambiguous consent from Internet users, and in particular all the distinct purposes of each tracker and the identity of those jointly responsible for processing, within the meaning of CNIL deliberation no. 2020-091 of September 17, 2020 adopting guidelines relating to the application of article 82 of the amended law of January 6, 1978 to read and write operations in a user's terminal (in particular to "cookies and other trackers").

https://www.cnil.fr/sites/default/files/atoms/files/lignes_directrices_de_la_cnil_sur_les_cookies_et_autres_traceurs.pdf

THE COMPANY does not use cookies without the express consent of the persons concerned, except for the use of cookies exempted from the collection of consent, i.e. : 

• tracers used for authentication with a service, 
• tracers that retain the user's choice to deposit tracers, 
• Tracers whose purpose is strictly limited to measuring the audience for the site or application on behalf of the publisher only, and which are used solely to produce anonymous statistical data. The personal data collected cannot be cross-referenced with other processing or transmitted to third parties.

This information is kept for a maximum of 13 months, and you can opt out of the collection of cookies in your web browser. 

You can delete cookies from your computer via your web browser.

Below are the different procedures after opening the Internet browser:

6.Data processing and retention periods 

6.1.Personnel data 

The data collected by THE COMPANY concerning its personnel is as follows: 

Surname, first name, date of birth, place of birth, postal address, personal e-mail, business e-mail, personal telephone, business telephone, social security number, IBAN number, nationality, signature, photograph, nationality, vacations, position, remuneration, seniority, family situation of employees.

This data is kept for the duration of the employee's presence in the organization, and is stored on an archival medium after the employee leaves, in accordance with the CNIL guidelines on the processing of personal data for personnel management purposes.

6.2.Customer and user data

The data collected by the COMPANY concerning its customers is as follows: 

Surname, first name, email address, postal address, company name, registration number, date of birth, telephone number, bank details, geolocation data.

This data is kept for the duration of the commercial relationship, and is subsequently stored on archival media in accordance with the periods specified in the CNIL guidelines on the processing of personal data for the purposes of managing commercial activities. 

Any geolocation data is deleted after 24 hours. 

Health data, where applicable, is kept for up to 3 months from the end of the contractual relationship. 

7.Data protection guaranteed

The COMPANY attaches particular importance to the security of personal data.

Technical and organizational measures appropriate to the sensitivity of the data are implemented to protect it against malicious intrusion or accidental loss, destruction or damage that could undermine its confidentiality or integrity. 

When developing and designing, or selecting and using, the various tools that enable personal data to be processed, the COMPANY ensures, where applicable with the publishers of such tools, that they provide an optimum level of protection for the data processed.

THE COMPANY thus implements measures that respect the principles of protection by design and protection by default of processed data. To this end, THE COMPANY may use pseudonymization or encryption techniques whenever possible and/or necessary.

When using a service provider, THE COMPANY only communicates personal data to them after requiring them to comply with its own security principles.

Similarly, THE COMPANY regularly audits its own services and those of its service providers, in order to verify the application of data security rules.

8.Controlled access to data

The COMPANY applies strict authorization policies to ensure that the data it processes is transmitted only to persons authorized to have access to it.

The data of THE COMPANY customers, prospects, Internet users and staff is hosted by the company AWS.

Where the COMPANY needs to transfer data outside the European Union, it does so only under specific contractual arrangements that comply with the requirements of the competent supervisory authorities.

9.Respecting the rights of those concerned

THE COMPANY is particularly concerned about respecting the rights of persons concerned by the data processing it implements and therefore recognizes the existence of the following rights:

• the right to information and transparency ;
• right of access ;
• the right of rectification ;
• the right to erasure ("right to be forgotten");
• the right to restrict processing;
• the right to portability ;
• opposition rights ;
• the right to define directives concerning the conservation, erasure and communication of personal data after death.

The COMPANY also acknowledges that, except in the specific cases listed in the applicable regulations, individuals have the right not to be the subject of a decision based exclusively on automated processing, including profiling, likely to produce legal effects on the data subjects or to affect them in a similar significant way.

10.Easier contact

The COMPANY is able to respond to requests to exercise the rights of the persons concerned throughout the processing, in compliance with the conditions and deadlines laid down by the applicable regulations.

Requests for the exercise of rights by the person concerned shall be made, unless otherwise requested, by e-mail to the following address 

[rgpd@bet2invest.com]

The person concerned must clearly state his/her surname and first name(s), and indicate the address to which he/she wishes the reply to be sent. Proof of identity may be requested in case of reasonable doubt.