The purpose of this privacy policy is to inform users of our site about the personal data we will collect and the following information, where applicable:
- The personal data we will collect
- How we use the data we collect
- Who has access to the data collected
- The rights of site users
- The site’s cookies policy
Personal data charter
1- LEGAL INFORMATION
The https://www.esma-artistique.com website (hereinafter the “Website”) is published by Ecoles Créatives Montpellier, a simplified joint stock company with share capital of €1,121,772.00, RCS Montpellier B 841 926 132, whose registered office is located at 1 place Niki de Saint Phalle, 34070 Montpellier, France, VAT number FR64841926132 (hereinafter the “Company”).
You may contact the Company :
By post at the following address: 1 place Niki de Saint Phalle, 34070 Montpellier
By e-mail at the following address: contact@esma-montpellier.com
Or by telephone on: 04 67 63 01 80.
Publication manager: Mr Karim Khenissi
Technical service provider (Host) : OVH – 2 rue Kellermann 59100 Roubaix 1007 – Telephone: 09 72 10 10 07. The server hosting the Site is located within the European Union.
2- PERSONAL DATA, GENERAL PRINCIPLES
Personal data is defined as any information relating to an identified or identifiable natural person, either directly (surname, first name) or indirectly (for example by an identifier, customer number, e-mail address or telephone number).
In accordance with applicable legislation, personal data must be :
– processed lawfully, fairly and transparently with regard to the data subject (lawfulness, fairness, transparency) ;
– collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes;
– adequate, relevant and limited to what is necessary for the purposes for which they are processed (data minimisation);
– accurate ;
– every reasonable step must be taken to ensure that personal data which are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy);
– kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which it is processed;
– processed in such a way as to guarantee appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (integrity and confidentiality).
3- PURPOSE
When browsing the Site, filling in forms on the Site or at trade fairs and events, Internet users (hereinafter referred to as “Users” or “the User”) may be required to communicate personal data to the Company, which it collects and processes. The purpose of this Personal Data Charter is to explain to Users of the Website the types of data that are collected, the conditions under which they are processed and used, and the rights they have under Act no. 78-17 of 6 January 1978, as amended, on Data Processing, Data Files and Individual Liberties and European Regulation no. 2016/679/EU of 27 April 2016 (known as the “RGPD”).
For any questions, requests or additional information, Users may contact the Company using the contact details given in the legal notice. Users may also consult the website of the Commission Nationale de l’Informatique et des Libertés (“CNIL”) (cnil.fr), which sets out the rights of the persons concerned and explains the applicable procedures.
By connecting to the Site and browsing the Site, Users acknowledge and accept the conditions set out in this Charter relating to the collection and processing of their personal data (the “Data”). Users may exercise the rights granted to them by Community regulations and by French law as explained below.
In accordance with article 15 of law no. 78-17 of 6 January 1978, taken in application of article 8 of the RGPD, a minor may consent alone to the processing of personal data with regard to the direct offer of information society services from the age of fifteen (15). If the User is under fifteen (15) years of age, he/she acknowledges that he/she must consent to the processing of Data concerning him/her only if the holder(s) of parental authority also consent(s) to said processing.
This Privacy Policy may be updated in line with the Data collection tools used by the Company, technical developments or changes to legislation and opinions issued by the CNIL (French Data Protection Authority).
4- TYPE OF DATA COLLECTED AND PURPOSES
The Company may collect the following data for the purposes specified below:
| Tool / Actions | Data | Purpose |
| Connection to the Site | Connection, browsing or location data. | To facilitate Users’ access to the Site or to offer them personalised content. To secure the Site against attacks and to obtain audience measurements. |
| Cookies | Information deposited on the hard disk by the server. This information is stored on the equipment used in a simple text file, which a server accesses to read and record certain information (IP address, connection method, Internet browser used, operating system, information relating to the computer, URL address of connections, technical identifiers). | To facilitate Users’ access to the Site or to offer them personalised content, to provide Users with an optimal service and for statistical purposes for the Company. Google ads services also enable the Company to personalise advertisements according to the User’s browsing habits. |
| Forms
(Contact, information requests, applications, etc.) |
The Data may consist of the User’s title, surname, first name, mobile phone number, e-mail address, country, date of birth, desired programme, admission route. | Information required to contact the User and process his/her requests. |
| Newsletter | By entering their e-mail address, Users can subscribe to the Newsletter published by the Company, in particular to keep up to date with its news and the events it organises. | Respond to Users’ requests for information. |
| Marketing tools | Targeted advertising using tools provided by third-party publishers. | Marketing campaigns. |
The pop-up window or “banner” displayed when the User’s consent is obtained for Cookies specifies the Cookies and tools used and their purpose. These Cookies and tools are likely to change over time and the User is invited to refer to the updated list of Cookies and tools and to manage their consent settings (in particular functional, statistical and marketing tools).
The Company does not under any circumstances collect or process Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership and does not process (collect, store, etc.) genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning the sex life or sexual orientation of a natural person.
5- USER CONSENT
The User’s prior and express consent is obtained by accepting Cookies, tools and tracers when browsing the Site. The banner displayed details the list of Cookies and tools used and their purpose. The present Data Charter can also be consulted, via a hypertext link, by the User before he or she chooses to accept or refuse said Cookies and trackers.
The User’s prior and express consent is also obtained prior to the collection of his/her Data, in particular when he/she subscribes to the Newsletter or when he/she transmits his/her Data via a material form (on the occasion of a trade fair or event) or on the Site.
When certain Data is mandatory in order to access specific features of the Site or to obtain the documents and information requested by the User, the mandatory nature of the Data is indicated as such at the time of entry (for example by an asterisk). Users are free to refuse the collection of such Data, but they acknowledge that if they do so, they will not be able to access certain services, functions or sections of the Site and/or they will not be able to obtain the information they have requested or apply online.
The Company may send a Newsletter to Users who have subscribed to such a service and who have provided their e-mail address. Users may stop receiving the Newsletter at any time by clicking on the “Unsubscribe” link in the Newsletter tab on the Site or on the Newsletter they receive.
In addition, by completing a form on the Site, the User agrees to receive electronic communications from the Company, in particular, confirmation of the receipt of his/her request or application, e-mails, e-mailings or information relating to the training courses offered. The Company may use the Contact Data for marketing campaigns on social networks. The User may, at any time, refuse to continue to receive the aforementioned communications by clicking on the unsubscribe link provided for this purpose on the offers or e-mails that may be sent to him/her.
6- STATISTICS AND AUDIENCE MEASUREMENT
In order to adapt the Site to Users’ requests, the Company measures the number of visits, the number of pages viewed, as well as Users’ activity on the Site and the frequency with which they return.
It is possible to refuse cookies by clicking on the banner displayed when consulting the Site. In this case, Users acknowledge that they will not be able to access the entire Site or all of its functions. It is also possible to deactivate these cookies. In addition, the User’s Internet browser can be configured to indicate which cookies are placed on the User’s equipment and to ask the User whether or not to accept them. The configuration of each browser is different and is described in the help menu of the browser used. Users acknowledge that the settings they choose may alter the conditions of access to the Site and its sections. Users who wish to do so may consult the CNIL’s advice on monitoring and managing cookies at the following link: https://www.cnil.fr/fr/cookies-et-autres-traceurs/comment-se-proteger/maitriser-votre-navigateur.
7- MARKETING TOOLS
The marketing tools referred to in article 4 are offered by third-party companies in their capacity as subcontractors or joint data processors. Users can find out about the confidentiality policies and personal data protection measures of third-party publishers by following the link mentioned in the Cookies and Tools management banner.
8- HYPERTEXT LINKS AND EMBEDDED CONTENT
The Site may contain hypertext links to other sites or social networks managed by third parties. As the Company has no control over the latter, it cannot be held responsible for the content, information, products or services offered and any direct or indirect damage resulting from the use of these third-party sites or social networks, nor for the personal data policy adopted by these third-party sites or social networks. Users are therefore invited to refer to the measures implemented by these sites or networks.
The Site may also include integrated content (e.g. videos, images, articles, etc.). Content integrated from third-party websites behaves in the same way as if the User were visiting the third-party website. On this occasion, the third-party website may collect Data, use cookies, embed tracking tools and track interactions with this embedded content if the User has an account connected to this third-party website. The Company invites Users to consult the policies relating to personal data implemented by these third parties. Furthermore, if Users do not wish third-party sites or social networks to collect information about them when browsing the Site, they are also advised to disconnect from said sites and networks before consulting this Site.
9- SOCIAL NETWORKS
The Company may invite users to interact with it on social networks such as Facebook, Twitter, TikTok or Instagram. The use of these social networks by Users may generate exchanges of Data between the social networks in question and the Company. The Company invites Users to familiarise themselves with the management policies and charters relating to the Data of each of the social networks used in order to find out what Data is likely to be collected, processed and/or transferred.
In addition, when they are open at the same time (via an application or a connection), the social networks are likely to collect Data when the User browses the Internet and, in particular, the Site. If Users do not wish such Data, in particular browsing Data, to be collected by these social networks, they must first disconnect or close the applications of these networks before consulting the Site.
10- USE OF DATA
The Data may be used for the following purposes, without the Company being obliged to implement each of these processing operations:
– Access to and efficient use of the Site,
– Optimising the operation of the Site,
– Communication between the User and the Company in order to respond to requests for contact, brochures, requests for information, applications from the User, etc.
– Addressing the Newsletter,
– Provision of specialised content and services according to the User’s preferences and history,
– Management of rights of access, modification and deletion of Data,
– Combating fraud, viruses and malicious software.
– For the Company’s marketing operations if the User has accepted them by means of Cookies or forms sent by him/her.
11- TRANSMISSION OF DATA
The Company undertakes to ensure that the companies in the group to which it belongs, as well as the members of its staff, comply with all the commitments made under the terms of this Charter.
The User is informed that the Company transfers Data to third parties for the purposes defined in this Charter, in particular to facilitate browsing on the Site, for audience measurement purposes or for the implementation of marketing campaigns relating to the activities of the Company or the companies in the group to which it belongs.
The Company’s third-party subcontractors or those jointly responsible for processing have established and implement policies relating to the management of personal data to which the User may refer, in particular by following the hypertext links appearing in the Cookies banner which is displayed or which may be consulted on the Site.
The Company may also transmit Users’ Data to the police or judicial authorities, in the context of requisitions, in particular as part of the fight against fraud, as well as to tax and administrative authorities in order to meet its legal obligations. The Company may also communicate the Data to an authorised third party if this communication is justified by a legitimate reason (for example, combating fraud, exercising legal rights or defending these same rights, intrusion into systems, security of Users’ Data).
Apart from these cases, the Company undertakes not to sell, transfer or give access to Users’ Data to third parties without their prior consent.
12- RETENTION PERIOD
The length of time set for the permanence of Cookies and the retention of Data collected during the User’s browsing of the Site or when he/she submits a form is specified in the pop-up window or “banner” for managing Cookies and Tools.
13- SECURITY
At the time of collection, during the storage period and at the time of transmission of the User’s Data, the Company implements organisational, software, legal and technical means to ensure the confidentiality and security of said Data so as to prevent it from being damaged, deleted or accessed by unauthorised third parties. In accordance with Article 33 of the GDPR, the Company shall notify the CNIL of any personal data breach of which it becomes aware as soon as possible and, if possible, no later than 72 (seventy-two) hours after becoming aware of the breach, unless the breach in question is not likely to result in a risk to the rights and freedoms of natural persons. Where notification to the supervisory authority is not made within 72 (seventy-two) hours, it shall be accompanied by the reasons for the delay.
Irrespective of its obligations under the RGPD, the Company does not guarantee the performance of the Site, in particular due to technical configurations or network quality. More generally, the Company may not be held liable for any malfunctions or damage to the Site, nor for any loss of User data in the general sense of the term that may be generated and its consequences.
14- USER RIGHTS
The User has a right of access, information, modification, portability and deletion (under the conditions set out below) of Data.
The User also has the right to object, in particular to his/her Data being used for marketing or commercial prospecting purposes, and the right to limit the processing of his/her Data for legitimate reasons.
The User may also define directives relating to the conservation, deletion and communication of his/her Data after his/her death.
These rights may be exercised directly by making a request to the Company by post or by e-mail to the contact details given in the “Legal Notice” section of this Charter. In order to prevent fraud, all requests must be accompanied by a copy of a valid identity document, which will be destroyed once the said request has been processed. The request may be made freely. However, to make it easier for Users to exercise their rights, the Company provides them with a rights exercise form which can be accessed by clicking on this link.
15- APPLICABLE LAW
This Charter and the commitments it contains are subject to European Regulation no. 2016/679/EU of 27 April 2016 and French law.
16- CNIL
For further information or to make a complaint, the Commission Nationale de l’Informatique et des Libertés (CNIL) can be contacted at the following address:
Commission Nationale de l’Informatique et des Libertés
3 Place de Fontenoy
TSA 80715
75334 PARIS CEDEX 07
www.cnil.fr
Update date: 10/07/24