PRIVACY POLICY AND DATA PROTECTION

 

Preamble
As part of its business, NEXT 360 is required to process certain personal data as a processing manager for its internal needs.
These treatments take place in accordance with the Computer and Freedoms Act and the General Data Protection Regulations (GDPR).
The RGPD aims to uphold the fundamental freedoms and rights of individuals in particular, through the protection of personal data it provides, it aims to contribute to the achievement of an area of freedom, security and justice and economic union, economic and social progress, consolidation and convergence of economies within the internal market , as well as the well-being of individuals. In particular, it incorporates very strict requirements in terms of the protection of the personal data of individuals, which are necessary to guarantee the legal security and transparency of economic operators, and to offer individuals of all Member States the same level of enforceable rights and obligations and responsibilities for those responsible for treatment and subcontractors.
Thus, NEXT 360 is committed to an ongoing approach to protecting and security of personal data including:
The purpose of this policy
NEXT 360 informs you through this policy of how we protect data including personal data, processed via the online services accessible through the website https://www.next-360.io The Privacy Policy put in place by NEXT 360 is governed by the following conditions.
Definitions
  • Personal data or personal data (DCP):
Any information relating to an identified or identifiable individual; is deemed to be an “identifiable natural person” a natural person who can be identified, directly or indirectly
  • Processing personal data:
Any operation, or set of operations, involving personal data, regardless of the process used.
  • Data protection officer or data protection officer (DPO):
The Data Protection Commissioner (DPO), a central player in data protection compliance, independently monitors the legal and IT security of his agency and compliance with data protection regulations.
  • Cookies:
A cookie is information deposited on a user’s hard drive by the server of the site they visit. It contains several data: the name of the server that filed it, an identifier in the form of a single number, possibly an expiration date. This information is sometimes stored on the computer in a simple text file that a server accesses to read and record information
Data collection and origin
Data about users of NEXT 360 solutions is collected from the people involved in the context of:
– their entry into contact with NEXT 360;
– their registration on the platform.
– the use of NEXT 360 solutions;
Purpose of processing and types of data processed
The data collected are:
Some personal data is required to carry out the services offered by NEXT 360
 
The purposes are:
  • Optimizing navigation on the website
  • Registration, connection, use and platform NEXT 360
  • The development of statistics and the monitoring of compliance with computer and freedom regulations.
 
The data collected are:
  • Contact details (name, first name, function, email address, phone number);
  • Cookies (log and consultation data, IP addresses, logs, tracers).
Non-disclosure of personal data
Les The personal data collected is intended for exclusive use:
Staff empowered NEXT 360 to ensure the smooth running of services.
NEXT 360 ensures that only authorized persons can access the personal data of the individuals concerned and when necessary to carry out their missions.
Users’ personal data is not transmitted, rented or transferred to commercial or advertising actors.
When NEXT 360 uses subcontractors (archive or electronic signature service providers), the data is treated in absolute compliance with the above principle, exclusively in order to achieve the purposes of this policy.
As a principle NEXT 360 is committed to selecting subcontractors that meet the best quality and safety criteria, and have sufficient guarantees, in terms of reliability, safety, and resources, for the implementation of technical and organisational measures.
 
Place of data retention
The hosting servers on which NEXT 360 processes and stores the data are exclusively located within the French territory.
Moreover NEXT 360 undertakes not to transfer data outside the European Union.
Data retention time
The data is kept only for the time required for the purposes pursued:
– As a data subcontractor: the shelf life of NEXT 360 is set by the applicable prescribing rules. The archiving times are determined under the current regulatory requirement.
– As a processing manager, user data for the use of the NEXT 360 platform has a shelf life of one year. Contact data is kept for the time of the contractual relationship;
 
Contact, right of access, rectification and opposition
Any questions regarding NEXT 360’s Privacy Policy can be addressed:
  • by contact form on the site www. next-360.io
  • By mail to: next-360.io
8, avenue de la Baltique 91140 Villebon-sur-Yvette – France
Those affected have the following rights:
– The right to information
– The right of access;
– The right to rectify the process;
– The right to be erased or the right to be forgotten;
– The right to portability;
– Opposition rights;
– The right to limit treatment;
– The right to question;
– The right to set guidelines for the retention, erasure and disclosure of personal data after death
Users also have the option, once logged into NEXT 360 solutions, to modify their own data by updating their profiles.
Users can opt out of our posts and alerts by following the opt-out links in each of those emails.
Finally, these rights can be exercised by:
  • by contact form on the  site www. next-360.io
  • By mail to: next-360.io
8, avenue de la Baltique 91140 Villebon-sur-Yvette – France
As part of an application to exercise rights, you may be asked to provide proof of identity.
Those concerned can also refer the matter to the supervisory authority, the Cnil.