General conditions
ARTICLE 1: THE PURPOSE
The purpose of these general conditions is to define the terms of Subscription and use of MeditBe or the MeditBe application. Any subscription to a Subscription and any use implies full acceptance of these general conditions of Subscription.
ARTICLE 2: DEFINITIONS
DMMXP provides the Internet user with resources related to meditation, through a website and an application called MeditBe. Some parts of MeditBe are accessible for free and others require payment.
THE SUBSCRIBER
Person contracting the Subscription allowing connection to the MeditBe subscriber area. This person must be of legal age and have the capacity to enter into such a commitment.
THE USER
Anyone using MeditBe. To have access to the subscriber area, this person will use an identifier and a password that the Subscriber will have previously sent to them. The Subscriber can also be the User.
SUBSCRIPTION
Contract binding the subscriber and DMMXP, for the use of the learning platform. The duration of the Subscription, the price and the services offered are detailed in the details of the packages and repeated when entering the registration form.
ARTICLE 3: TERMS OF USE OF THE MEDITBE SERVICE
To use MeditBe, the User must have a compatible computer, smartphone or tablet as well as Internet access, preferably broadband. The costs relating to these elements are the sole responsibility of the User. To check the compatibility of the installation, simply perform a free meditation. If the latter runs normally, the equipment is compatible for the entirety of the training offered.
The Subscription request is registered when the Subscriber has correctly validated the proposed registration tunnel. The Subscription is active upon validation of payment.
Access to the MeditBe training space is personal. the User is solely responsible for it and undertakes not to disclose it.
ARTICLE 4: ENTRY INTO EFFECT OF THE CONTRACT AND RIGHT OF WITHDRAWAL
The Subscription takes effect upon acceptance of payment.
In accordance with article L. 221-18 of the Consumer Code, the Subscriber has a maximum period of 14 days, after their payment date, to change their mind and be reimbursed.
The Subscriber must make his request in writing to DMMXP, MeditBe service, 11 imp la Croix des Ormeaux 22100 Lanvallay, within a maximum of 14 days from the date of your payment.
The following information will be included in the withdrawal letter:
Date of purchase
Email address validating the purchase
Copy of the email validating the purchase
Amount paid
Name and surname of the person who made the purchase
Reimbursement will take place within 14 days from the date of receipt of the withdrawal letter, by credit card recredit.
Please note that the subscribed service will be terminated upon receipt of the withdrawal letter.
The right of withdrawal cannot be exercised for service supply contracts whose execution has begun, with the consumer's agreement, before the end of the withdrawal period. Any connection to the MeditBe subscriber area is considered as the beginning of the service supply contract.
ARTICLE 5: OBLIGATIONS OF THE USER
The User undertakes not to use a nickname that sounds offensive, inappropriate or discriminatory. If this would be the case, MeditBe reserves the right to block access, while informing them of this incompatibility and allowing them to use a more appropriate nickname.
The content of MeditBe as well as all software necessary for its use, are protected by the Intellectual Property Code as well as all applicable international standards, and constitute, unless otherwise indicated, the exclusive property of DMMXP.
The MeditBe subscriber area, which can also be described as the dematerialized training platform, can only be used by the User on a personal basis, within the framework of the Subscription and in compliance with the conditions hereof. , to the exclusion of any commercial or collective exploitation.
MeditBe does not grant the User any license or any right other than that of consulting the site for the aforementioned purposes. Consequently, the User is prohibited in particular:
From distributing MeditBe content by any means whatsoever;
To download it, other than in cases authorized by MeditBe and, more generally, to fix and reproduce it on any medium whatsoever, by any means whatsoever.
More generally to exploit and/or use all or part of the elements of MeditBe by any means whatsoever and in any form whatsoever for purposes other than those expressly authorized.
Any use of MeditBe's content or any of its elements contrary to these terms will entail the liability of the User in particular with regard to DMMXP and may expose them to criminal sanctions.
Furthermore, in the event of violation by the User of any of the present conditions set out herein, DMMXP will be entitled automatically and without notice to suspend access to the site and/or to terminate the Subscription of the User, and will retain for his benefit any sum paid by him.
ARTICLE 6: EXEMPTION OF LIABILITY
DMMXP strives to ensure to the best of its ability permanent access to the site as well as the accuracy and updating of the information appearing on this site which it reserves the right to correct, at at any time and without notice, the content. However, DMMXP cannot guarantee the accuracy of the information made available on this site, particularly in the event of an unexpected change in regulations that DMMXP could not have anticipated.
Consequently, DMMXP declines all responsibility:
for any interruption of MeditBe, occurrence of bugs or other event rendering the site unfit for its use;
for any inaccuracy or omission relating to the information available on the application;
and more generally for any direct or indirect damage, whatever the cause or nature resulting from the consultation and use of MeditBe.
ARTICLE 7: CASE OF FORCE MAJEURE
Neither party can be held responsible towards the other party for the non-performance or delays in the performance of an obligation of this contract which would be due to the made by the other party following the occurrence of a case of force majeure as usually recognized by French case law.
ARTICLE 8: MODIFICATIONS
These conditions of use may be subject to modifications in accordance with any possible development of MeditBe. Users are therefore invited to consult these conditions of use. Continued use of MeditBe following a possible modification of these conditions of use constitutes acceptance of them.
ARTICLE 9: CONTACT INFORMATION
Any notification and other correspondence must be sent to the following address:
DMMXP
11 imp la Croix des Ormeaux
22100 Lanvallay
By email: contact@MeditBe
By telephone: +33176350310
ARTICLE 10: APPLICABLE LAW
The User's Subscription and these general conditions will be governed by French law.
ARTICLE 11: ACCEPTANCE
You declare that you have read the clauses of this contract and you undertake to respect its terms and conditions.
ARTICLE 13: MEDIATOR
National Association of Mediators
Mr. Jacques REVOL,Mr. Lionel DROUVIN
62, Rue Tiquetonne – 75002 PARIS
ARTICLE 13: GENERAL REGULATION ON THE PROTECTION OF COLLECTED DATA (GDPR)
Without your consent, we do not sell, exchange, or make available any personally identifiable information to any other organization. We may update this policy. We will notify you of significant changes in the way we treat personal information by sending a notice to the primary email address specified in your account linked to your subscriber area or by placing a prominent notice on our site.
I. NAME AND ADDRESS OF THE CONTROLLER
The responsible person within the meaning of the General Data Protection Regulation Act and other national data protection laws, as well as any other data protection provisions, is:
DMMXP
11 imp la Croix des Ormeaux
22100 Lanvallay
Tel.: +33 1 76 35 03 10 ??
II. NAME AND ADDRESS OF THE DATA PROTECTION RESPONSIBLE
The data protection officer of the data controller is:
DMMXP
11 imp la Croix des Ormeaux
22100 Lanvallay
Tel.: +33 1 76 35 01 70
III. GENERAL INFORMATION ON DATA PROCESSING
1. SCOPE OF PERSONAL DATA PROCESSING
We generally only process the personal data of our Users to offer them the full functionality of our website or if this information is required to access our content and services. Users' personal data is generally only processed when the User provides consent. The exception to this rule applies in cases where it is not possible to obtain prior consent for practical reasons and the processing of such data without consent is permitted by law.
2. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
Article 6, paragraph 1, point a) of the General Regulation on the processing of data of persons residing in the European Union (GDPR) serves as the legal basis for the processing of personal data, when the User has authorized us to do so.
In cases where the processing of personal data is necessary for the execution of a contract that the User in question has signed, in particular in the context of a Subscription, article 6, section 1, point b) GDPR applies. This also applies to processing procedures required for the execution of pre-contractual measures.
If the processing of personal data is required to fulfill legal obligations to which our company is subject, Article 6(1)(c) GDPR applies.
In cases where the vital interests of the data subject, or those of another natural person, make processing of personal data necessary, Article 6(1)(d) of the GDPR applies.
If the processing of personal data is necessary to protect the interests of our company or of a third party and these interests are not overridden by the interests, fundamental rights and freedoms of the data subject, Article 6 (1) (f) GDPR applies as the legal basis for data processing.
3. DELETION OF DATA AND DURATION OF THEIR STORAGE
Users' personal data is deleted or anonymized within 3 years, after the purpose for which it was collected has been achieved. Data may be stored beyond this period if provisions are made to this effect by legislators. The data will also be deleted, in accordance with Article XV. Rights of the data subject.
IV. VISITOR SITE AND CREATION OF LOG FILES
1. DESCRIPTION AND SCOPE OF DATA PROCESSING
Each time MeditBe is loaded, our program automatically collects data and information from the User's computer system. The following data is collected as part of this process:
Browser type and version
Operating system
Internet service provider
IP address
Date and time of access
Website from which the User has accessed ours
The websites that the User accesses from ours
This data is stored in log files on our system.
2. LEGAL BASIS FOR DATA PROCESSING
The legal basis for the temporary storage of data and log files is Article 6, Section 1, point (f) of the GDPR.
3. PURPOSE OF PROCESSING PERSONAL DATA
The temporary storage of IP addresses on the system is necessary to make the Website available on the User's computer. The User's IP address must be stored for the duration of the session. IP addresses are stored in log files to ensure MeditBe Internet functionality. This data also helps us ensure the security of our IT systems. Data stored in this way is not used for commercial purposes. These purposes pursue a legitimate interest in data processing within the meaning of Article 6, Section 1, point (f) of the GDPR.
4. STORAGE DURATION
The data is deleted as soon as the purposes for which it was collected have been fulfilled. If data collection is necessary for MeditBe to function, the data is deleted as soon as the application is deleted. If data is stored in log files, the data will be deleted no later than 30 days after access to MeditBe. Data may be stored for a longer period. In this case, the User's IP address is deleted or distorted to ensure that the client accessing the site can no longer be identified.
5. REVOCATION AND DELETION
The collection of data for the provision of MeditBe and the storage of data in log files is essential for the operation of MeditBe. There is therefore no possibility for the User to avoid this obligation.
V. USE OF COOKIES
1. DESCRIPTION AND SCOPE OF DATA PROCESSING
When a User accesses a website or application, a cookie may be stored on the User's device. This cookie contains a string of unique characters allowing the User to be identified if they access MeditBe again.
We use cookies to make MeditBe more user-friendly. Certain elements of our require that we be able to identify the browser of the User accessing MeditBe, in particular if the User returns after leaving.
The data stored and transferred in cookies can therefore be found in the following list of cookies or modules:
MeditBe session cookies so that the User can access their subscriber area.
Google Analytics module which uses cookies to identify the User without their personal information, in order to produce statistics on the use of our websites.
Facebook to simplify User registration.
Stripe to allow you to pay securely.
Google tag manager for audience tracking and marketing purposes
User data collected in this way is pseudonymised using technical procedures where possible. This means that it is no longer possible to attribute this data to the User who accesses MeditBe.
The data is not stored with the User's other personal data.
When a User accesses MeditBe for the first time, they are informed of the use of cookies as well as a link to this data protection declaration. By checking the “Accept” box, you accept cookies as well as the personal data processing policy.
In the fourth part of this article, information is provided on how to prevent cookies from being stored in their browser settings.
2. LEGAL BASIS FOR DATA PROCESSING
The legal basis for processing personal data using technical cookies is Article 6, Section 1, point (f) of the GDPR.
The legal basis for processing personal data using cookies for analytical purposes is the consent of Users, which is found in Article 6, section 1, point a) of the GDPR.
3. PURPOSE OF PROCESSING PERSONAL DATA
The use of technical cookies is intended to facilitate navigation on the website or application. Certain functions of MeditBe cannot be provided without the use of cookies. The use of cookies is required for the following applications:
Subscription to a subscription
Access to the subscriber area
User data collected using technical cookies is not used to create User profiles.
Analytical cookies aim to improve the quality and content of MeditBe. By using analytical cookies we can learn how MeditBe is used in order to continually improve it. These purposes also constitute a legitimate interest in the processing of personal data within the meaning of Article 6, section 1, point (f) of the GDPR.
4. DURATION OF STORAGE / REVOCATION AND DELETION OPTIONS
Cookies are stored on the User's device before being transferred to our servers. Users therefore have total control over the use of cookies. By modifying the Internet browser settings, the User can deactivate or limit the transmission of cookies. Stored cookies can be deleted at any time. If cookies are disabled for MeditBe, some functions may no longer be available.
VI. CONTACT FORMS AND EMAIL CONTACT
1. DESCRIPTION AND SCOPE OF DATA PROCESSING
A contact form is available on MeditBe and can be used to contact us. If a User takes advantage of this service, the data entered in the contact form is transferred to us and stored on our system. This data includes:
First name Last
name
Email
At the time the message is sent, the following additional data is collected:
User IP address
Date and time of registration
During the contact process, the User is asked to give consent for their data to be processed. A link to this data protection declaration is also provided. Alternatively, it is possible to contact us using the email address contact@dmmxp.com. In this case, the personal data transferred when sending the e-mail is stored on our system. None of the data collected for these purposes is shared with third parties. The data is used exclusively for the purpose of processing the conversation.
2. LEGAL BASIS FOR DATA PROCESSING
The legal basis for data processing once consent has been provided is Article 6, Section 1(a) of the GDPR. The legal basis for processing data transferred when a User sends an email can be found in Article 6, section 1, point a) of the GDPR. If the email is sent for the purposes of concluding a contract, the legal basis for processing this data is also Article 6 Section 1 point b) GDPR.
3. PURPOSE OF PROCESSING PERSONAL DATA
The sole purpose of processing the personal data provided in our form is to process any communication between our company and the respective Users. If a User contacts us by email, this also constitutes a legitimate interest in data processing. Any other data processed when a User sends an email is used to prevent misuse of our contact form and to ensure the security of our IT systems.
4. STORAGE DURATION
The data is deleted as soon as the purposes for which it was collected have been fulfilled. In the case of personal data entered in the contact form, as well as all data sent to us by email, they are deleted once the conversation with the User has ended. The conversation is considered over when the situation is resolved. Any additional personal data collected when sending an e-mail is generally deleted no later than 3 months after storage.
5. REVOCATION AND DELETION OPTIONS
The User has the possibility to revoke their consent to their data being processed at any time. If the User contacts us by email, they can revoke their consent to their data being stored at any time. In this case, the conversation cannot be continued. In this case, all personal data provided during the contact procedure will be deleted.
VII. REGISTERING A USER FOR FREE CONTENT
1. DESCRIPTION AND SCOPE OF DATA PROCESSING
We offer Users the possibility to load MeditBe and access free content by entering their personal data through an online registration form before being transferred and stored on our system . This data is not shared with any third parties. The following data may be collected as part of the registration process:
First
name Last name
Email address
Chosen password
Postal code
Telephone number
User's IP address
Date and time of registration
Users are asked to provide consent for this data to be processed as part of the registration process.
2. LEGAL BASIS FOR DATA PROCESSING
The legal basis for data processing once consent has been provided is Article 6, Section 1(a) of the GDPR. If registration is required for the execution of a contract to which the User is a party or for the implementation of pre-contractual measures, an additional legal basis for the processing of this data can be found in Article 6, section 1, point b) of the GDPR.
3. PURPOSE OF PROCESSING PERSONAL DATA
Users access MeditBe for the implementation of pre-contractual measures as well as to access free content.
4. STORAGE DURATION
The data is deleted as soon as the purposes for which it was collected have been fulfilled. This data will be kept as long as the User connects to the website and up to 6 months after the date of their last connection.
5. REVOCATION AND DELETION OPTIONS
The User has the possibility to cancel his registration or modify his data at any time. If the data is required for the execution of a contract or for the implementation of pre-contractual measures, the data may only be deleted if there are no legal obligations preventing the deletion of this data.
VIII. PERFORMANCE ANALYZES OF OUR RECOVERY EMAILS
1. DESCRIPTION AND SCOPE OF DATA PROCESSING
We analyze the distribution and reception of our reminder emails in order to continually optimize their content. For example, we record the number of Users who open these emails and the links on which prospects click in order to offer them suitable offers. Emails contain a small file that is retrieved from the sending server when the message is opened. The information transmitted is:
Email address
IP address
Timestamp
None of the data processed in this context is shared with third parties. The data is used exclusively for the purpose of providing our prospects with offers tailored to their needs.
2. LEGAL BASIS FOR DATA PROCESSING
The legal basis for data processing as part of our reminder email process is Article 6, Section 1, point (a) of the GDPR.
3. PURPOSE OF PROCESSING PERSONAL DATA
We analyze the performance of reminder emails to ensure continuous improvement of our services.
4. STORAGE DURATION
The data is deleted as soon as the purposes for which it was collected have been fulfilled. The results of performance analyzes of follow-up emails are stored as long as the User is qualified as a prospect, without exceeding a period of 6 months.
5. REVOCATION AND DELETION OPTIONS
Users can unsubscribe at any time. A link is provided in each email that Users can click to unsubscribe.
IX. SUBSCRIPTION
1. DESCRIPTION AND SCOPE OF DATA PROCESSING
We offer Users the possibility of subscribing to dematerialized meditation programs, by entering their personal data and making a payment by credit card or directly via the services of the application stores .
The Subscription is carried out in two stages:
Registration
Payment
A. REGISTRATION
Registration data is entered into an online form before being transferred and stored on our system. This data is not shared with any third parties. The following data is collected as part of this process:
First name Last
name
Email address
Chosen password
Postal code
Telephone number
Chosen package
In addition, for the same purposes, we also process data that the User voluntarily provides during registration. The data will be used by us to provide the User with access to MeditBe. The data is stored in a central User account where the User can consult, modify and update it at any time. For billing purposes, we also collect and process the User's payment data after registration, for example the bank card details provided by him or any other payment and invoice data. We use qualified payment providers for billing purposes and process payment data in the case of certain payment methods for the purpose of collecting complaints. This applies in particular if legal requirements or internationally recognized financial security standards such as PCI DSS (Payment Card Industry Data Security Standard) make this necessary. At the time of registration, the following additional data is collected:
The IP address of the User
The date and time of Subscription
Country of the User
Users are asked to provide their consent for this data to be processed as part of the Subscription process.
B. PAYMENT
To validate the Subscription, it is necessary to make payment. We use the services of Stripe and application stores to carry out this operation.
2. LEGAL BASIS FOR DATA PROCESSING
The legal basis for data processing once consent has been provided is Article 6, Section 1(a) of the GDPR. If registration is required for the execution of a contract to which the User is a party or for the implementation of pre-contractual measures, an additional legal basis for the processing of this data can be found in Article 6, section 1, point b) of the GDPR.
3. PURPOSE OF PROCESSING PERSONAL DATA
Users register on MeditBe for the purposes of concluding contracts or implementing pre-contractual measures, with the aim of accessing a meditation application.
4. STORAGE DURATION
The data is deleted as soon as the purposes for which it was collected have been fulfilled. This applies to data collected during the registration process in order to conclude a contract or to implement pre-contractual measures, if the data is no longer necessary for the execution of the contract. Even once the contract has been concluded, it may be necessary to store the personal data of the subscribed User, in order to comply with contractual or legal obligations. The data will be deleted 3 years after the end of the contract, unless legal provisions (e.g. tax law) provide for longer storage.
5. REVOCATION AND DELETION OPTIONS
The User has the possibility to cancel his registration at any time. He also has the possibility of modifying the data he has provided. If this data is required for the execution of a contract or for the implementation of pre-contractual measures, it may only be deleted if there are no legal obligations preventing its deletion.
X. Internet analysis using Google Analytics, Google Analytics remarketing, Google AdWords and Google conversion monitoring
1. Personal data processing
A. Google Analytics
Meditbe use Google Analytics with Google Tag Manager , a web analytics tool provided by Google Inc. Google Analytics uses cookies, which are text files stored on the User's device, to help the website analyze MeditBe usage.
The information generated by the cookie and concerning the behavior of the User when accessing the website (including their IP address) will be transmitted and stored by Google on servers in the United States. If IP anonymization is activated, Google will truncate / anonymize the last octet of the IP address for member states of the European Union as well as other parties to the Agreement on the European Economic Area before transferring data . Only in exceptional cases is the full IP address sent to Google servers in the USA and then shortened.
On behalf of the provider of MeditBe, Google will use this information to analyze the User's behavior while browsing MeditBe, compile reports on MeditBe activity and provide other services related to this activity and use. from MeditBe. Google will not link the User's IP address to other data stored by Google. The User can deactivate cookies by selecting the appropriate settings in their browser. However, it should be noted that if the User performs this operation, he or she may not be able to use all of MeditBe's features. Furthermore, the User can object to the transfer of data collected with cookies when using MeditBe (including the IP address) to Google and prevent Google from processing the data by downloading and installing a plug-in provided by Google.
Google Analytics cookies are stored on the basis of Article 6, Section 1, point a) GDPR. Storage is unlimited in time, unless you use your unsubscribe options. In exceptional cases, Google Analytics transfers personal data to the United States, which is subject to the EU-US-Privacy-Shield protocol. (Legal basis for the use of Google Analytics is Article 6, section 1, point f) GDPR)
Information about Google:
Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. Terms of use . Presentation of confidentiality rules. Privacy Policy Statement.
B. GOOGLE ANALYTICS REMARKETING
MeditBe uses the remarketing features of Google Analytics combined with the cross-device features of Google AdWords and DoubleClick. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States. This functionality makes it possible to link the target audiences of promotional marketing, created with Google Analytics Remarketing, to the multi-terminal functionalities of Google AdWords and Google DoubleClick. This allows advertising to be displayed based on Users' interests, identified based on their past usage and browsing behavior on one device (e.g. their mobile phone) or on other devices (such as a tablet or a computer).
Once the User has given their consent, Google will associate their browsing history on the applications with their Google account. This way, any device that logs into their Google account can use the same personalized promotional messaging. To support this functionality, Google Analytics collects Google-authenticated identifiers of Users temporarily linked to MeditBe publisher's Google Analytics data, in order to define and create audiences for cross-device advertising promotion. The User may permanently unsubscribe from cross-device remarketing/targeting by deactivating personalized advertising in their Google account.
The aggregation of the data collected in the User's Google account data is based solely on the User's consent, which the latter may give or withdraw from Google in accordance with Article 6, section 1, point a) of the GDPR.
For data collection operations not merged into the User's Google account (for example, because they do not have a Google account or have objected to the merger), the data collection is based on Article 6, section 1, point f) GDPR.
The publisher of MeditBe has a legitimate interest in analyzing the behavior of anonymous Users for promotional purposes.
C. GOOGLE ADWORDS AND GOOGLE CONVERSION-TRACKING
We use Google AdWords, which is an online advertising program of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”). In the context of Google AdWords, we use conversion tracking.
When the User clicks on an ad placed by Google, a cookie is set for conversion tracking. This cookie loses its validity after 30 days and is not used to identify the User. If the User visits certain MeditBe pages and the cookie has not yet expired, Google can recognize that the User has clicked on the ad and has been redirected to this page.
Each Google AdWords customer gets a different cookie. These cookies cannot be tracked across AdWords customer websites. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have chosen conversion tracking. Customers see the total number of Users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, the publisher will not receive any information enabling Users to be identified. If the User does not wish to participate in tracking, he or she can unsubscribe by deactivating the Google conversion tracking cookie. Users are then not included in the conversion tracking statistics. Conversion cookies are stored on the basis of Art. 6 par. 1 bed. f DSGVO.
We have a legitimate interest in analyzing User behavior in order to optimize both MeditBe and our advertising. The User can configure his browser so that he is informed of the configuration of cookies or that his browser only allows cookies in certain cases. The User can exclude the acceptance of cookies in certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are disabled, MeditBe functionality may be reduced. For more information about Google AdWords and Google conversion tracking, see Google's privacy policy.
XI. REGISTRATION VIA GOOGLE
The User can register for MeditBe with their Google account. He is sent to MeditBe by Google (Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA), where he can log in with his Google login credentials.
1. SCOPE OF PERSONAL DATA PROCESSING
When the User logs in using their Google account, their Google profile will be linked to our service. Please note that we have no influence on the processing of data by Google. The User may need to sign out of their Google account after the transfer process. We receive and process the following information from Google:
Name
First name
Email address
This information is mandatory for the User to identify themselves on MeditBe. For more information about Google, see Google's privacy policy and terms of service.
2. LEGAL BASIS FOR PROCESSING PERSONAL DATA
The legal basis for processing personal data as part of the subscription or registration process is Article 6, Section 1, point (f) of the GDPR.
3. PURPOSE OF PROCESSING PERSONAL DATA
Login via Google is used to make the User's connection to our service as convenient as possible.
4. STORAGE DURATION
The data provided to us by Google is deleted as soon as the purposes for which it was collected have been fulfilled. The data collected is intended for the provision of our service, the data is deleted as soon as the corresponding session is ended. If data is stored in log files, the data will be deleted no later than 3 months after access to the website. Data may be stored for a longer period. In this case, the User's IP address is deleted or distorted to ensure that the client accessing the site can no longer be identified.
5. REVOCATION AND DELETION
Users have the possibility to cancel the registration at any time. They will be able to modify or delete the data stored about them at any time.
XII. PAYMENT VIA STRIPE
We use the services of Stripe to obtain payment for our services through an API that the latter has made available to us.
1. SCOPE OF PROCESSING PERSONAL DATA
When the User makes a payment, in particular for subscribing to a Subscription to MeditBE, he transmits the following information to Stripe via an API:
The name of the bank card holder
The bank card number
The expiration date of the bank card
The CVC code of the bank card
The email of the bank card holder
2. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
If registration is required for the execution of a contract to which the User is a party or for the implementation of pre-contractual measures, the legal basis for the processing of this data can be found in Article 6, section 1 of the GDPR.
3. PURPOSE OF PROCESSING PERSONAL DATA
Stripe's activity which consists of processing data that we transmit to it, for the purpose of carrying out a financial transaction between us and the User through Stripe. Stripe validates the transaction and remits the funds according to a schedule established by it, to our company.
4. STORAGE DURATION
The data we send to Stripe is not stored on our servers. They are used by Stripe under the following conditions.
XIII. RIGHTS OF THE PERSON CONCERNED
The following list includes all data subject rights under the GDPR. All rights declared apply to MeditBe. If Users' personal data is processed, they are considered a "data subject" within the meaning of the GDPR and enjoy the following rights.
1. RIGHT TO INFORMATION
The User may ask the data controller to confirm whether personal data concerning him or her are processed by us. If this is the case, the User may request the following information from the data controller:
the purposes for which the personal data are processed;
the categories of personal data processed;
the recipient or categories of recipients to whom the respective personal data has been shared or continues to be shared;
the planned storage period of the respective personal data or, if no specific information is available, the criteria for determining the storage period you have the right to rectify or erase the respective personal data, the right to restrict the processing carried out by the data controller or the right to object to the processing;
whether he has the right to appeal to a supervisory authority;
all available information regarding the origin of the data, if the personal data was not collected from the data subject;
whether an automated individual decision-making process, including profiling, exists in accordance with Article 22, Sections 1 and 4 of the GDPR and, if so, what authoritative information is available on the logic involved, as well as the scope and effects expected type of processing on the data subject.
The User has the right to request information regarding the sharing of his or her personal data with another country or state or with an international organization. In this regard, he may request information on appropriate guarantees in accordance with Article 46 of the GDPR with regard to the transfer of data.
2. RIGHT OF RECTIFICATION
The User has the right to obtain from the controller rectifications and/or completion of his data, if the data processed concerning him is inaccurate or incomplete. The data controller must make the correction without undue delay.
3. RIGHT TO RESTRICTION OF PROCESSING
In the following circumstances, the User may request restriction of the processing of their personal data:
if he disputes the accuracy of his personal data for a certain period of time, which allows the data controller to verify the accuracy of his personal information;
if the processing is illegal and the User refuses the erasure of personal data in favor of restricted use of their personal data;
the data controller no longer needs the personal data for processing purposes, but the User needs them for the establishment, exercise or defense of legal claims;
the User is opposed to the processing, under article 21, section 1 of the GDPR, pending verification whether the legitimate grounds of the controller take precedence over their own.
If the processing of the User's data is restricted, this data - with the exception of storage - will only be processed with his consent or for the establishment, exercise of the defense of legal claims or the protection of rights of another natural person or for reasons of important public interest of the Union or of a Member State.
If the User has obtained a restriction of processing in accordance with the aforementioned provisions, he will be informed of this by the controller before the restriction of processing is lifted.
4. RIGHT TO DELETE
A. OBLIGATION TO DELETE
The User may request from the data controller that their personal data be deleted without delay. The data controller is obliged to delete the data without delay if one of the following applies:
the personal data are no longer necessary in relation to the purposes for which they were collected or processed;
the data subject withdraws consent to which the processing is based on point (a) of Article 6, Section 1, or Article 9, Section 2 of the GDPR, and where there is no other legal ground for the treatment ;
the data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no legitimate grounds for the processing or the data subject objects to the processing pursuant to the GDPR. Article 21, section 2 of the GDPR;
the personal data has been processed illegally;
the personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
the personal data were collected in the context of the provision of information society services referred to in Article 8(1).
B.INFORMATION FOR THIRD PARTIES
Where the controller has made personal data public and is obliged pursuant to Article 17(1) of the GDPR to erase such personal data, the controller shall take into account available technologies and implementation costs. implemented, to inform those responsible who process the personal data that the data subject has requested erasure by them of any links, copies or replications of these personal data.
C. EXCEPTIONS
The right to erasure does not apply to the extent that processing is necessary:
to exercise the right to freedom of expression and information;
for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or the exercise of the public authority of the controller;
for reasons of public interest in the field of public health, in accordance with Article 9, Section 2, points (h) and (i), and Article 9, Section 3 of the GDPR.
for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes in accordance with Article 89(1) of the GDPR, insofar as the right referred to in paragraph 1 risks render impossible the purposes of this processing, or for the creation, exercise or defense of legal claims.
5. RIGHT OF NOTIFICATION
If the User has the right of notification, erasure or restriction of processing, the data controller is required to communicate this rectification, erasure or restriction to all recipients to whom the personal data have been disclosed, unless this proves impossible or involves a disproportionate effort. The User has the right to be informed by the data controller of these recipients.
6. RIGHT TO DATA PORTABILITY
The User has the right to receive all personal data that he or she has provided to the data controller, in a structured, commonly used and machine-readable format. The User also has the right to transmit this data to another data controller, without any hindrance from the controller to whom he has provided his data, if:
the processing is based on consent pursuant to article 6, Section 1(a) GDPR or Article 9 Section 2(a) GDPR or on a contract pursuant to Article 6 Section 1(b) GDPR;
and the processing is carried out by automated means.
By exercising this right, the User also has the right to transmit personal data directly from one controller to another, where technically possible. This must not harm the rights and freedoms of others. The right to portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or for the exercise of the official authority of the controller.
7. RIGHT TO OBJECT
The User has the right to object at any time, for reasons related to his particular situation, to the processing of his personal data on the basis of article 6, section 1, point e) or f) GDPR, including profiling based on these provisions. The data controller will no longer process the personal data unless they demonstrate compelling legitimate reasons for processing which override the User's interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.
If the User's personal data is processed for direct marketing purposes, he or she has the right to object at any time to the processing of his or her personal data for such marketing, including profiling to the extent it is related to this direct marketing. If the User objects to the processing for direct marketing purposes, their personal data will no longer be processed for these purposes. In the context of the use of information society services and notwithstanding Directive 2002/58 / EC, he has the possibility of exercising his right to object by automated means using technical specifications.
8. RIGHT TO REVOK THE DATA PROTECTION CONSENT DECLARATION
The User has the right to revoke his or her data protection consent declaration at any time. The revocation of consent does not affect the lawfulness of any processing carried out on the basis of consent prior to the revocation. If your consent is revoked, we are no longer able to make our services available to you for technical reasons.
9. AUTOMATED INDIVIDUAL DECISION-MAKING, INCLUDING PROFILING
The User has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects that concern or affect him or her just as importantly. This does not apply if the decision:
is necessary to enter into or perform a contract between him and the data controller;
is authorized by Union or Member State law to which the controller is subject and which also provides for appropriate measures to protect the User's own rights and freedoms as well as his legitimate interests
or is based on his explicit consent
These decisions must not be based on special categories of personal data referred to in Article 9, Section 1 of the GDPR, unless Article 9, paragraph 2, point (a) or (g) of the GDPR applies and appropriate measures to protect the User's rights, freedoms and legitimate interests. In the cases referred to in points (1) and (3), the data controller will implement appropriate measures to protect the User's rights, freedoms and legitimate interests, at least the right to obtain human intervention on the part of the data controller.
10. RIGHT TO MAKE A COMPLAINT TO A SUPERVISORY AUTHORITY
Without prejudice to any other administrative or judicial remedy, the User has the right to file a complaint with a supervisory authority, in particular in the Member State where he resides, at his place of work or presumed place of violation if his personal data violates the provisions of the GDPR. The supervisory authority to which the complaint was submitted must inform the complainant of the status and results of the complaint, including the possibility of legal recourse in accordance with Article 78 of the GDPR.
Updated February 20, 2024