When you use our site, information related to the navigation of your terminal (computer, tablet, smartphone, etc…), may be recorded in “cookies” files deposited on your terminal. You have the possibility to express your choices concerning these cookies, and to modify them at any time.

What is a cookie?

The term “cookie” refers to multiple technologies (cookies, tag, pixel, Javascript code, etc.) that allow tracking of navigation or behavioral analysis of a site visitor. These technologies are constantly evolving.   A cookie is a small text file recorded by the browser of your computer, tablet or smartphone and which makes it possible to store user data in order to facilitate navigation and allow certain functionalities.   2 types of cookies exist on our site:

• first party cookies, deposited by ALLOPASS for the purposes of navigation and operation of our site,,
• third party cookies deposited by third party partner companies in order to identify your centers of interest and to send you personalized offers. These third party cookies are directly managed by the companies that publish them and that must also respect the regulations on data protection.

What is the function of cookies, tags and tracers on our site?

ALLOPASS issues different types of cookies whose use is described below.

Functional cookies   These cookies are essential to the navigation on our site, and allow in particular:

• to memorize information collected via a form completed by you (creation or access to your account, subscribed service, etc.),
• to allow you to access reserved and personal areas of our site, such as your account, using identifiers,
• implement security measures, such as requiring you to log back into your account after a period of time.

Analytic and audience measurement cookies

These cookies allow us to establish statistics and to follow the volumes of frequentation and use of our services, in order to improve them and your experience as a user of our site. To do this, we use audience measurement cookies and in particular Google Analytics.

Personalize ads according to your interests We are committed to presenting you with offers and advertisements that are most relevant to you, which we do through advertising cookies that allow us to display to you, in real time, the content that is most relevant to your interests as deduced from your recent navigation.

Personalization of user experience

These customization cookies allow us to:

• to adapt the presentation of our site according to the terminal used,
• to adapt the presentation of our site according to the affinities of each user. ALLOPASS uses in particular an A/B testing solution using cookies to personalize the contents and to propose variants. These cookies are not essential but they allow you to navigate smoothly on our site, whatever the terminal used.

Most of these cookies expire when you terminate your visit to our site. Others have a longer lifespan, but this never exceeds thirteen (13) months, in accordance with the regulations in force.   For your complete information, you will find here the exhaustive list of cookies that may be deposited on your terminal.

Accept or decline cookies

Several possibilities are offered to you to manage the cookies. Any settings you may make (acceptance or refusal of cookies) may modify your browsing on our site and your conditions of access to certain services requiring the use of these cookies.   If you choose to refuse the recording of cookies in your terminal or if you delete those which are recorded there, we decline any responsibility for the consequences related to the degraded operation of our services resulting from the impossibility for us to record or consult the cookies necessary for their operation.   You can choose at any time to express and modify your wishes regarding cookies, by the means described below.

Setting up your internet browser

You can choose to deactivate these cookies at any time. Your browser can also be set to alert you to cookies that are being placed on your device and to ask you to accept or decline them. You can accept or refuse cookies on a case-by-case basis or systematically refuse them once and for all.   We remind you that the setting is likely to change your conditions of access to our services requiring the use of cookies.   In order to manage cookies in a way that best suits your needs, we invite you to set your browser’s parameters taking into account the purpose of cookies as mentioned above.   For the management of cookies and your choices, the configuration of each browser is different. It is described in the help menu of your browser, which will allow you to know how to modify your choices.

Chrome http://support.google.com/chrome/bin/answer.py?hl=fr&hlrm=en&answer=95647

• From the Chrome menu, select “Settings”.
• Display the advanced settings
• Go to the “Confidentiality” section
• Click on “Content Settings”.
• In the “cookies” section (first section), click on “cookies and site data”
• Find the cookies you want to delete and click “OK”. You can also choose to delete all your cookies.

Firefox http://support.mozilla.org/fr/kb/Activer%20et%20d%C3%A9sactiver%20les%20cookies

• In the Firefox menu, go to “Tools” and then to “Options”
• On the “Privacy” tab, click on “Show Cookies”
• Find the cookies you want to delete and click on “Delete Cookies”.

Internet Explorer http://windows.microsoft.com/fr-FR/windows-vista/Block-or-allow-cookies Internet Explorer does not allow differentiated cookie management. To delete all your cookies :

• Click on “Tools” and then on “Internet Options”.
• In the “General” tab, under “Browsing History”, click on “Delete”.
• Check the “cookies” box and click on “Delete”.

Safari http://docs.info.apple.com/article.html?path=Safari/3.0/fr/9277.html

• In the Safari menu, select “Preferences”
• In the window that opened, go to the “Security” tab
• Click on “Show Cookies”
• In the window that opens, find and select the cookies you want to delete, and click on “Delete”.

Private Navigation

The “Private Navigation”, offered today by all browsers, allows you to browse “anonymously”, i.e. without your history of visited pages and downloads being kept. Regarding cookies, all those that have been saved during your navigation will be deleted when you close your browser. It is therefore not a solution that allows you to refuse cookies; however, their life span is limited to the duration of your navigation.

Disabling third-party cookies  

Disabling third-party cookies allows you to accept only those cookies set by ALLOPASS. You can also block third-party cookies in general by following the procedure below, depending on your browser:

Chrome

• In the Chrome menu, select “Settings”
• View advanced settings
• Go to the “Confidentiality” section
• Click on “Content Settings”
• In the “cookies” paragraph (first paragraph), check the “Block cookies and third-party data” box
• Save the changes by clicking on “OK”.

Firefox

• In the Firefox menu, go to “Tools” and then to “Options”
• On the “Privacy” tab, check the “Accept Cookies” box
• For the “Accept third-party cookies” setting, select “Never”.
• Save the changes by clicking on “OK”.

Internet Explorer

• In the Internet Explorer menu, go to “Internet Options”.
• In the “Privacy” tab, click on the “Advanced” button
• Accept internal cookies, reject third party cookies
• Save the changes by clicking on “OK”.

Safari

• In the Safari menu, select “Preferences”
• In the window that opened, go to the “Security” tab
• Choose “Accept cookies”, select “Only from sites I visit”.

More information on cookies, tags and tracers on the site of the CNIL: http://www.cnil.fr/vos-droits/vos-traces/les-cookies/

ALLOPASS (hereinafter “we”) is concerned about the protection of your personal data. We are committed to ensuring the highest level of protection for your data in accordance with the French Data Protection Act of January 6, 1978 and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data, General Data Protection Regulation (GDPR). By browsing our site, you declare that you accept our Personal Data Protection Policy.   This Policy, coupled with our General Terms of Sale, formalizes the contractual relationship between the ALLOPASS platform and its users.   The term “Personal Data” refers hereafter to any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier. Thus, the data we collect may include your strictly personal data, in that it identifies you as a particular person. Conversely, some data does not allow us to identify you directly, such as your browsing data (type of browser, terminal and operating system, the path followed on the site, etc.) but is still considered Personal Data because it is attached to and/or attachable to the former.   The purpose of this Personal Data Protection Policy is to introduce you to the following terms:

• Who collects your data?
• What data is involved?
• What are the rules associated with the collection and retention of data?
• Who has access to your data?
• For what purposes is your personal data collected?
• What are your rights?
• How to exercise your Specific Rights?
• How is your data secured?
• Contacts and complaints

If you do not agree with our terms, you can choose to stop browsing our site, change your choices by clicking here, or exercise your deletion rights.   We invite the users of the platform to regularly refer to our Policy, which will be brought to evolve to adapt to the legislative and regulatory changes of the RGPD as well as the Data Protection Act.   For any information on the protection of personal data, you can also consult the website of the Commission Nationale de l’Informatique et des Libertés www.cnil.fr.

• Who collects your data ?

The company ALLOPASS, whose head office is located at 244, route de Seysses – 31100 Toulouse, registered at the R.C.S. of Toulouse under the number 824 638 209, provides a platform accessible from the website it operates.   Within the framework of the provision of its services in relation to the platform, ALLOPASS is led to collect and process Personal Data concerning the users, in order to enable it to manage the contractual relationship.   In this context, ALLOPASS is led to set up a data processing, in compliance with the RGPD, whose purposes are the management of customers (including the management of contractual relations, invoices, accounting, monitoring of the contractual relationship), and more generally the management of operations allowing it to communicate with users, or the provision of features necessary for navigation on our site.

• What data is involved ?

The data collected on the ALLOPASS platform. This data is divided into two main categories: The data directly filled in by you, when you create your account or when you interact with our customer service, or when you modify your profile.   The data that we collect automatically because of your actions on the site:

Some personal data (i.e. title, surname, first name, billing address, email address, password, date of birth, telephone number and, for payment purposes, your bank details), must be collected in order for you to benefit from our services.   If this information is not completed, you cannot use the ALLOPASS platform.

Banking data   For the purposes of the services, bank details are collected and stored by our payment service provider: HIPAY.   This norm is an international security standard whose objectives are to ensure the confidentiality and integrity of cardholder data, and thus to secure the protection of card and transaction data.

« Plug-ins » and social modules  Our site uses “plug-ins” or social modules. They allow you to share information from our site and applications on social networks. When you visit a page of our site containing social plug-ins or modules, a connection is established with the servers of the social networks which are then informed that you have accessed the corresponding page of the site consulted, even if you do not have a user account on the said social network(s), and even if you are not connected to your user account. For example: if you are connected to a social network while browsing the www.allopass.com website, the social networks to which you are connected may make mention of your visit in your social network account. If you use the plug-ins (e.g. “like”), your actions may be recorded and published on your social network accounts depending on the settings of your social network account. If you do not want the social networks to publish your actions from the plug-ins in your social network accounts, you must log out of your social networks before visiting our site.

• What are the associated rules for data collection and retention ?

Date of collection We collect the information you provide when:

• create your customer account.
• you subscribe to a service(s) on our site.
• you browse our site and consult services.
• you contact our Customer Service.

Time of data retention  

Your Personal Data concerning your account, as well as those concerning your navigation and/or your behavior on the site are kept for a period of five (5) years from your last activity on the site or on a ALLOPASS electronic communication medium. At the end of this period, your account is considered as “inactive” and will be automatically deactivated. It will thus be up to you to create a new one for any new use of the site.   On the other hand, the statistics of audience measurement and your raw data of frequentation of the site are not kept more than thirteen (13) months.   However, at the end of the above-mentioned periods, including as necessary from the date of your request for deletion, your personal data may be subject to intermediate archiving in order to meet our legal, accounting and tax obligations (such as the obligation to keep invoices for a period of ten (10) years as set out in Article L.123-22 of the French Commercial Code) and/or at least during the applicable limitation period (such as the common law limitation period of five (5) years set out in Article 2224 of the French Civil Code).

• Who has access to your data ?

The data collected on the site www.allopass.com are exclusively intended for the ALLOPASS company. In no case ALLOPASS will transmit your personal data to third parties for other purposes such as commercial and/or promotional without your consent.   The personal data can be transmitted to the companies – subcontractors/suppliers – which ALLOPASS calls upon within the framework of the execution of the services, in particular management, execution, treatment and payment.

Customer support

We provide our customers with telephone assistance.   In order to improve our services, conversations may be recorded to measure customer satisfaction and to ensure the quality of the assistance provided by our technicians.

Marketing

  We use service providers to help us communicate outside our site

Transfer and hosting of your data

The servers containing the data collected by ALLOPASS are hosted in Europe.   You are informed that data concerning you can be transmitted by ALLOPASS for the needs of the purposes defined in the present conditions to companies located in countries outside the European Union. Prior to the transfer outside the European Union, ALLOPASS will implement any procedure required to obtain the necessary guarantees for the security of such transfers (specific clauses, data anonymization). Transfers outside the European Union may be carried out in particular within the framework of our following activities: ALLOPASS customer service, IT services on ALLOPASS’s systems, exploitation of data in connection with social networks (see below). For the transfers to these providers, we made sure that they respect the Regulation on the Protection of Personal Data.

• For what purposes is your personal data collected?

Management of subscribed services Information and data concerning you are necessary for the management of the services that you subscribe.   This information may also be kept for evidence purposes in compliance with legal and regulatory obligations (payment, warranty, litigation, etc.).

Personalization of our services Information and data concerning you allow us to improve and personalize the services that we propose to you in particular on our Internet site and mobile site www.allopass.com and the information that we address to you.

ALLOPASS information In order to keep you informed of our news and benefits, you may receive offers by electronic communication (email, sms, etc.). We measure the opening rate of our mailings in order to adapt them to your needs. If you do not wish to receive information from ALLOPASS, you can refuse to receive it by indicating this when creating your account, or at any time by specifying it in the “XXX” section, or by unsubscribing using the unsubscribe link at the bottom of the emails. Depending on the choices made when creating or consulting your account, you may receive information from ALLOPASS.   In the absence of selection and if you did not object when creating your account, you will be likely to receive information on ALLOPASS’s news which relate to services similar to those you have already subscribed to.

Personalization of ads on the ALLOPASS website and social networks The information you receive from ALLOPASS may be personalized according to the data that ALLOPASS collects on its site (declarative and navigation data), or in connection with social networks. We invite you to consult the personal data protection policies of the social networks in order to take precise note of the information which is collected by the social networks and which can be transmitted to ALLOPASS.   Because of your use of ALLOPASS services, ALLOPASS is likely to receive information concerning you, in particular your public profile and your centers of interest communicated on the social networks, or other data that you will have authorized ALLOPASS to process by navigating on its site or by continuing to benefit from the services proposed by the platform (see paragraph above concerning the collected data).   ALLOPASS advertisements linked to your profile and to the information you publish or share (your centers of interest) may be displayed on your social network pages. If you do not want social networks or third parties including ALLOPASS to collect or use information based on your profile or activity on websites, devices or applications outside of social networks for the purpose of serving ads, you should refer to the terms of the social networks to learn how to set, unsubscribe or control the serving of ads. You can also opt-out using the settings of the applications or your mobile device, and directly on the social networks.

Cookies and advertising targeting Our site is designed to be particularly attentive to the needs and expectations of our customers.   That is why we use cookies or similar tracking technologies to identify you and personalize our services and advertising, in particular to access your account, manage the services you have subscribed to, remember your visits and personalize the offers we make and the information we send you.   You can choose to disable cookies at any time.

• What are your legal rights?

Your rights under the Data Protection Act In accordance with the Data Protection Act of January 6, 1978, as amended by the Act of August 6, 2004, you have the rights set out below with regard to your personal data. You just have to contact us by email at : contact@allopass.com or by mail at : ALLOPASS – Responsible for personal data – 244, route de Seysses – 31100 Toulouse, indicating your name, first name, e-mail and postal address.   In accordance with the regulations in force, your request must be signed and accompanied by a photocopy of an identity document bearing your signature and specify the address to which the reply should be sent. A reply will be sent to you within one (1) month of receipt of the request. If necessary, this period may be extended by two (2) months, taking into account the complexity and number of requests. The data controller will notify the data subject of this extension and the reasons for the postponement within one (1) month of receiving the request.   In particular, in accordance with the Personal Data Regulations, you have the following Specific Rights to/of :

• access (article 15 of the RGPD),
• rectification (Article 16 of the GDPR),
• deletion (Article 17 of the GDPR),
• limitation of processing (Article 18 of the GDPR),
• portability (Article 20 of the GDPR),
• opposition to processing and profiling (Article 21 and 22 of the GDPR),
• post-mortem directives (Law n°78-17 of January 6, 1978 relating to data processing, files and freedoms)

Access rights   You may obtain from ALLOPASS, confirmation as to whether or not your Data is being processed and, where it is, access to such Data and the following information:

• the purposes of the processing ;
• Data categories;
• the recipients or categories of recipients to whom the Data have been or will be disclosed;
• where possible, the intended period of retention of the Data or, where this is not possible, the criteria used to determine this period;
• the existence of the right to request from ALLOPASS the rectification or deletion of Data, or a limitation of the processing of your Data, or the right to object to such processing;
• the right to lodge a complaint with the CNIL;
• where Data is not collected from you, any available information as to its source;
• the existence of automated decision-making, including profiling, and, at least in such cases, useful information about the underlying logic and the significance and intended consequences of such processing for you.

Where Data is transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards with respect to such transfer. ALLOPASS provides a copy of the Data being processed.   ALLOPASS may charge a reasonable fee based on administrative costs for any additional copies requested by the user.   When you submit your request electronically, the information will be provided in a commonly used electronic form, unless the user requests otherwise.   Your right to obtain a copy of your Data shall not infringe upon the rights and freedoms of others.

Rights of rectification  You have the possibility to obtain from ALLOPASS, as soon as possible, the rectification of the Data concerning you which are inaccurate. You also have the possibility to obtain that incomplete Data be completed, including by providing a complementary declaration.

Right to erasure   You have the right to obtain from ALLOPASS the deletion, as soon as possible, of Data concerning you when one of the following reasons applies:

• the Data is no longer necessary for the purposes for which it was collected or otherwise processed by ALLOPASS,
• you have withdrawn your consent to the processing of such Data and there is no other legal basis for the processing,
• you exercise your right to object under the conditions recalled below and there is no compelling legitimate reason for the processing,
• the Data has been processed unlawfully,
• the Data must be deleted to comply with a legal obligation,
• Data was collected from a child.

Limitation rights   You have the possibility to obtain from ALLOPASS the limitation of the processing of your Data when one of the following reasons applies:

• ALLOPASS will verify the accuracy of the Data following your challenge to the accuracy of the Data,
• the processing is unlawful and you object to the erasure of the Data and demand instead the restriction of their use,
• ALLOPASS no longer needs the Data for the purposes of processing, but it is still necessary for you to establish, exercise or defend legal claims,
• You have objected to the processing under the conditions recalled below and ALLOPASS verifies whether the legitimate reasons pursued prevail over your alleged reasons.

Rights to Data Portability  You have the option of receiving your Data from ALLOPASS in a structured, commonly used and machine-readable format when:

• the processing of the Data is based on consent, or on a contract and
• the treatment is carried out using automated processes.

When you exercise your right to portability you have the right to have the Data transmitted directly by ALLOPASS to a data controller designated by you where technically possible. Your right to portability of your Data must not infringe the rights and freedoms of others.

Right to object to processing and profiling  You have the right to object at any time, on grounds relating to your particular situation, to the processing of your Data based on ALLOPASS’s legitimate interests.

ALLOPASS will then no longer process the Data, unless it demonstrates that there are compelling legitimate grounds for the processing that override your interests and rights and freedoms, or may retain them for the establishment, exercise or defense of legal claims. Where Data is processed for canvassing purposes, you may object to the processing of such Data at any time.

Post-Mortem Instructions You may provide us with instructions regarding the retention, deletion, and disclosure of your Personal Data after your death, which instructions may also be registered with a “certified digital trustworthy third party.” These directives, or a sort of “digital will,” may designate a person to carry out the directive; if not, your heirs will be designated.   In the absence of a directive, your heirs may contact ALLOPASS to request a copy of the directive:

• to access the data processing allowing “the organization and the settlement of the succession of the deceased”;
• to receive communication of “digital assets” or “data similar to family memories, which can be transmitted to heirs”;
• to proceed to the closure of your account on the site and to oppose to the continuation of the processing of your Personal Data.

In any case, you have the possibility to indicate to us, at any time, that you do not wish, in case of death, that your Personal Data be communicated to a third party.   For more information, you can refer to Article 40-1 of the Law on Computers, files and freedoms.

• How to exercise your Specific Rights ?

To exercise your Specific Rights to the attention of ALLOPASS and/or, if applicable, to obtain an oral reading of this Policy, you may choose to address your request to :

• By email to : contact@allopass.com
• By mail to : ALLOPASS – Responsible for personal data – 244, route de Seysses – 31100 Toulouse.

An answer will be sent to you within one (1) month maximum following the date of reception of your request.   If necessary, this period may be extended by two (2) months by ALLOPASS, which will inform you of this, taking into account the complexity and/or the number of requests.   In case of request for deletion of your Data and/or in case of exercise of your right to request the deletion of your Data, we may however keep them in the form of intermediate archiving under the conditions and for the periods indicated above.   It is specified as necessary that the request for deletion of your account from the site is not interpreted by ALLOPASS as an express request to exercise your right to oppose, limit or delete for legitimate reasons.   Your account is thus rendered inactive and the Data concerning you are the object of an intermediate archiving in the conditions and durations indicated above.   You may, at any time, file a complaint with the competent control authority (in France, the CNIL: http://www.cnil.fr).

• How your data is secured ?

ALLOPASS protects your personal data by putting in place technical and organizational measures to ensure the security of the processing of personal data and the confidentiality thereof.   In this respect, ALLOPASS takes all useful precautions, with regard to the nature of the data and the risks presented by the processing, in order to preserve the security of the data and, in particular, to prevent them from being deformed, damaged, or from being accessed by unauthorized third parties: physical protection of the premises, authentication procedures with personal and secure access via confidential identifiers and passwords, encryption of certain data etc.   However, we remind you that you are responsible for the data concerning you that you transmit to ALLOPASS and that, as such, you contribute to the protection of your personal data by complying with good practices in the use of your computer tools.   You are informed that without adequate security measures (e.g. secure configuration of your web browser, updated anti-virus programs, firewall software, not using software from dubious sources, etc.), you run the risk that the data and passwords you use to protect your data could be disclosed to unauthorized third parties.

• Contacts and complaints

For any request, you can choose to send your request: By email to: contact@allopass.com, or By mail to: ALLOPASS – Personal data manager – 244, route de Seysses – 31100 Toulouse.   In case of lack of response or if you are not satisfied with the response provided, you have the possibility to lodge a complaint with the competent protection and control authority of the European Union Member State in which you usually reside.   For France – CNIL: http://www.cnil.fr For Spain – AEPD: https://www.aepd.es For Germany – Datenschutz: http://www.datenschutz.de For Belgium: http://www.privacycommission.be For other countries: http://ec.europa.eu/justice/article-29/structure/data-protection-authoritie s/index_en. htm Glossary “Cookies”: Designate the tracers and/or equivalent technologies, namely cookie, “Flash” cookie, result of the calculation of the fingerprint of your Terminal called “fingerprinting”, local web storage, invisible pixels, used alternatively or cumulatively to i) facilitate the user’s browsing (Browsing Cookies), ii) offer products and services tailored to the user’s interests (Advertising Cookies), iii) allow the compilation of statistics (Audience Cookies) and iv) allow the user to access personalized products and services on the site or via messages sent by ALLOPASS (Personalization Cookies) and allow interaction with Social Networks (Social Networking Cookies), etc.   “Personal Data” or “Data”: means any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity. Thus, the data we collect may include your strictly personal data, in that it identifies you as a particular person. Conversely, certain data do not allow us to identify you directly, such as your occupation or your browsing data (type of browser, terminal and operating system, the path followed on the Site, etc.) but are still considered Personal Data because they are linked and/or attachable to the former.   “Specific Rights”: refers to the rights granted to the merchant/user by the Personal Data Regulations and in particular the rights to/of :

• access (article 15 of the RGPD),
• rectification (article 16 of the RGPD),
• erasure (Article 17 of the GDPR)
• limitation of Processing (article 18 of the GDPR),
• portability (article 20 of the GDPR),
• opposition (article 21 and 22 of the GDPR),
• post-mortem directives (Law n°78-17 of January 6, 1978 relating to data processing, files and freedoms).

These Specific Rights and the means to exercise them are specified in paragraph 4. Your Rights.   “Personal Data Regulation”: means together the RGPD, the Law n° 78-17 of January 6, 1978 relating to data processing, files and freedoms, as amended and any new law, decrees taken for its application.   “RGPD”: means the General Data Protection Regulation n°2016/679 of 27 April 2016 applicable from 25 May 2018 or, instead, any law that may be adopted in transposition of said Regulation.   “Terminal(s)” means the hardware equipment (computer, tablet, smartphone, phone, etc.) that you use to consult or view the Site and/or any other digital media published by a third party.