Personal Data Protection Policy and Cookies (GDPR)

ARTICLE 1: Definition  :

  • The “site” refers to the infrastructure developed by URIOS in accordance with the computer formats usable on the Internet, including data of various kinds, in particular text, sound, still or animated images, videos and databases, intended to be consulted and accessible at the address https://www.urios.com ;
  • Internet” refers to different networks of servers located in various places throughout the world, linked together by means of communication networks, and communicating using a specific protocol known as TCP/IP;
  • Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an “identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity;
  • The “Controller” is the entity that collects and processes personal information (personal data);
  • The “Processor” is the natural or legal person, public authority, department or other body that processes personal data on behalf of the controller;
  • Recipients” means the natural or legal person, public authority, department or other body which receives personal data, whether or not it is a third party. However, public authorities which may receive personal data in the context of a particular enquiry in accordance with Union law or the law of a Member State shall not be regarded as recipients; the processing of such data by the public authorities in question shall be in accordance with the applicable data protection rules depending on the purposes of the processing;
  • Authorised third party” means a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and those persons who, under the direct authority of the controller or the processor, are authorised to process the personal data;
  • Data subject” means the natural person to whom the data undergoing processing relate;
  • Processing of personal data” means any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

 

ARTICLE 2: Scope of application

The purpose of this personal data protection policy (hereinafter the “Policy”) is to inform Data Subjects of how their personal data is collected and processed by URIOS.

 

ARTICLE 3: Identity of the data controller

Personal data are collected by :

  • SAS URIOS, with a capital of 3,000,000 euros registered in the Paris Trade and Companies Register under number 398 686 980 – NAF 8291Z – VAT: FR27398686980.

Represented by Mr. Desiderio SOARES MONTEIRO, as President.

 

ARTICLE 4: Processing of personal data

a) Purposes

In the context of the operation of the www.urios.com website, URIOS collects data about you in accordance with the purposes set out at the time of collection, namely :

  • Management of the Debtor area
  • Management of the Client area
  • Management of contact requests
  • Management of software demonstration requests
  • Management of study orders
  • Management of applications
  • Cookie management
  • Pop-up management
  • Event registration management
  • Management of customer complaints

As part of the implementation of the services, URIOS collects data about you in accordance with the purposes set out at the time of collection, namely :

  • Management of prospecting operations
  • Management of the customer file and customer relations
  • Management of orders
  • Management of complaints
  • Management of debt collection and preventive reminders
  • Management of accounting
  • Management of service delivery (strategic intelligence studies, Sapin 2 compliance studies, solvency studies, guarantee studies, amicable and judicial collection operations, and civil studies)

b) Data processed

When collecting Data, the User will be informed whether certain Data must be filled in or whether they are optional.

In particular, URIOS may need to collect the following data:

  • Identity: surname, first names, e-mail address, landline telephone number, mobile telephone number
  • Professional data: company name, position, department, CV, cover letter
  • Contact data: messages sent to the site via the contact forms, correspondence, including complaints, which may be sent to us.

Data may be collected in several ways: prior to the conclusion of a service contract (signatory, users and contact points), via the website, via telephone exchanges, via databases, via commercial prospecting operations or via social networks.

In the context of the online payment of claims, users’ bank details are not collected by the companies of the URIOS Group and are not processed by them. This data is exclusively and directly processed in a secure manner by the Crédit Lyonnais online payment service.

In the context of the “Online Order” of Solvency Studies, no banking data is collected or processed by URIOS. These are processed by the payment management service provider “Paybox by Verifone”, and secured via 3-D Secure.

Information relating to legal proceedings may be collected and processed by companies in the URIOS group. The purpose of this collection is the proper conduct of the main activity of the companies of the URIOS group, debt collection. Only the data necessary for this purpose are collected and processed.

c) Data encryption

The processed data is stored in encrypted form on URIOS servers and access to it is strictly controlled and restricted to those who need to access it.

d) Recipients of the Data collected

URIOS undertakes to take all useful precautions, organisational and technical measures appropriate to preserve the security, integrity and confidentiality of the Data and, in particular, to prevent it from being distorted, damaged or accessed by unauthorised third parties.

The data collected within the framework of the website and in the context of the provision of services are only accessible by the authorised URIOS services.

e) Data transferred to public authorities and/or public organisations

In accordance with the regulations in force, the Data may be transmitted to the competent authorities upon request and in particular to public organisations, exclusively in order to meet legal obligations, court officers, ministerial officers and organisations responsible for debt collection.

f) Data retention periods

Data relating to applications will not be kept for more than two years from the date of receipt of the application.

Invoicing data will be kept for 10 years from the date of the invoice (in accordance with Article L123-22 of the French Commercial Code).

After the end of the contractual relationship, customer data will be kept for 5 years. The end of the contractual relationship may be determined, for example, by the date of payment for a service or the end of the service contract.

At the end of the 5 year period, customer data may be retained for 3 years for marketing purposes.

Data relating to a non-customer prospect may be kept for 3 years from the date of collection or from the date of the last contact from that person.

Data relating to persons contacted in the context of the provision of services is not kept for more than 3 years from the last contact.

ARTICLE 5: Rights of the Persons concerned

As a reminder, Data Subjects have the right of access, the right of rectification, the right to erasure (right to be forgotten), the right to object, the right to limit processing and the right to portability. You may also define directives concerning the conservation, deletion and communication of your personal data after your death. These rights can be exercised, in accordance with the amended law n°78-17 of 6 January 1978, and the General Data Protection Regulation:

  • by simple request by e-mail to the following address: rgpd@urios.com
  • by letter to the following address: URIOS – 91, Avenue Paul Doumer – CS 41774 – 75783 PARIS Cedex 16

When processing your request, you may be asked to provide proof of identity.

URIOS undertakes to ensure that the data collected is kept in a form that allows the identification of the Persons concerned for a period that does not exceed the period necessary for the purposes for which they are collected and processed.

Subject to a breach of the provisions below, the User has the right to lodge a complaint with the CNIL (https://www.cnil.fr/).

ARTICLE 6: Transfer of personal data

The personal data collected on the site are exclusively reserved for URIOS.

URIOS is the sole recipient of this data. No transfers are made outside the European Union. However, URIOS reserves the right to transmit your personal data in order to comply with its legal obligations, and in particular if it is obliged to do so by judicial requisition.

ARTICLE 7: Commercial prospecting

The companies of the URIOS group may be led to carry out commercial prospecting with third party companies.

In this context, any person contacted in the context of commercial prospecting is informed that he or she may at any time request the deletion of data concerning him or her, by clicking on the link present in each prospecting email, or by contacting the person referred to in article 5 of the present policy.

The information collected for marketing purposes includes surname, first name, company, job title, business email address and business telephone number.

This information is stored securely by URIOS, and is not resold. It can only be accessed by members of the Marketing and Digital department in the context of their activity. The processing of this information is subject to the conditions set out in this Policy.

ARTICLE 8: Security

In accordance with Article 32 of the General Data Protection Regulation, URIOS implements all the technical and organisational measures necessary to guarantee the security and confidentiality of the personal data collected and processed, and in particular to prevent them from being distorted, damaged or communicated to unauthorised third parties, by ensuring a level of security adapted to the risks associated with the processing and the nature of the data to be protected, having regard to the level of technology and the cost of implementation.

In the event of unauthorised access to any system hosting the sensitive personal data of its users, the companies of the URIOS group undertake to make their best efforts to warn the users and the CNIL as soon as possible.

The companies of the URIOS group attach particular importance to the protection of the personal data of its users and partners, and invite you to adequately protect your personal data, by developing good practices, in particular in the choice of passwords (for more information, please refer to the guide: https://www.ssi.gouv.fr/guide/mot-de-passe).

 

ARTICLE 9: Cookies

A cookie (hereinafter the “Cookie(s)”) is a text file that may be stored in a terminal, such as your hard disk, when you consult a Service with a browser. During its period of validity, a Cookie enables its sender to recognise the terminal concerned each time this terminal accesses digital content containing Cookies from the same sender.

The User is informed that, when connecting to the Site or the Applications and when using the Services, Cookies are installed on the User’s receiving terminal (computer, tablet, smartphone, etc.), or on the User’s browser, subject to the User’s expressed choice concerning Cookies for the proper functioning of the Services; this choice may be modified at any time.

Several types of cookies are likely to be used by the site:

  • Cookies that are strictly necessary for browsing the site and to ensure its proper functioning;
  • Cookies that allow us to establish traffic statistics;

a) Cookies for navigation on the Site

Browsing Cookies allow us to improve the performance of the Services in order to provide the User with a better use of the Site. These Cookies do not require the User’s prior information and consent to be deposited on the User’s terminal.

More specifically, these browsing cookies allow us to :

  • To adapt the presentation of the Site to the display preferences of the terminal (language used, display resolution, operating system used, etc.) during Users’ visits to the Site, according to the hardware and the display or reading software that the terminal has;
  • To memorise information relating to the form that the User has filled in on the Site or to information that the User has chosen on the Site;
  • To implement security measures, for example when the User is asked to connect again to a content or a Service after a certain period of time has elapsed.

b) Cookies for audience measurement

The audience measurement cookies help to establish statistics and volumes of visits and use of the various elements making up the Site (sections and content visited, browsing), enabling the Publisher to improve the interest and ergonomics of the Services.

In the context of navigation on the site, the information collected (via the “Google Analytics” cookie) includes the anonymised IP address and navigation information.

The anonymised browsing information is intended for the marketing and sales departments of the URIOS Group companies, based in the European Union.

c) Google Analytics and Privacy

This website uses a web analysis service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is transferred to a Google server in the USA and stored there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such data is processed by third parties on Google’s behalf. Your IP address will not be linked to any other data held by Google. You may refuse the use of cookies by changing the settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can disable the collection and storage of data by Google Analytics at any time by downloading a Browser-Add-on to disable Google Analytics and installing it for your browser. You can find the Add-on for deactivation at [http://tools.google.com/dlpage/gaoptout?hl=fr].

Refuse cookies

The User may configure his or her browsing software so that Cookies are recorded in the terminal or, on the contrary, that they are rejected, either systematically or according to their sender. The User may also configure his browser software so that he is offered the option of accepting or rejecting Cookies from time to time, before a Cookie is likely to be recorded in his terminal.

For the management of Cookies and the User’s choices, the configuration of each browser is different. It is described in the browser’s help menu, which will allow the User to know how to modify his wishes regarding Cookies:

  • For Internet Explorer™
  • For Safari™
  • For Chrome™
  • For Firefox™
  • For Opera™

At any time, the User may choose to express and modify his or her wishes with regard to cookies.

The length of time that cookies are stored varies depending on the type of cookie. We mainly use cookies that are self-destructing after the end of the connection. These are known as session or navigation cookies. A log file also allows us to record all accesses to our web pages or the downloading of various files available on our sites, for a period of 6 months. Finally, the information concerning your consent to cookies is kept for a maximum of 14 months. Cookies are used for internal purposes and are not accessible to third parties.