Request a demo
Thank you for your interest in a demonstration of our Risk Mapping and Action Plans solution.
Thank you for completing the form and we will contact you.
Thank you for your interest in a demonstration of our Risk Mapping and Action Plans solution.
Thank you for completing the form and we will contact you.
ETHIMAP - Privacy policy
The purpose of this policy (hereinafter the "Policy") is to inform Clients and Users of the website www.ethimap.com of the means implemented to collect personal data, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of personal data, and Law No. 78-17 of 6 January 1978 on information technology, files and freedoms, known as the "Data Protection Act", as amended by Law No. 2018-493 of 20 June 2018 on the protection of personal data (hereinafter referred to as the "Regulation").
All capitalized terms, if not defined in this Privacy Policy, shall have the meaning given to them in the Platform Terms of Use (TOU).
When ETHICORP collects personal data from Clients or Users of its Platform, in the context of a subscription taken out by the Client, it implements processing of such personal data for which it is qualified as a "data controller", within the meaning of the aforementioned texts.
In the context of the GCU, article 2.1, it is specified that ETHICORP opens the profiles and accesses the administrators of the Customer's entity(ies), and that these administrators can, in turn, authorise other Users to access their space on the Platform and configure their profile and access rights, without ETHICORP being informed or having to intervene.
The collaborative nature of the platform means that Administrators and subsequent Users can themselves open successive User accesses.
ETHICORP does not have access to the data entered by the User on the Platform, which is protected by encryption measures, unless the User or the Customer grants ETHICORP access to such data on a one-time basis for the purpose of supporting the User and maintaining the Platform. In such a case, ETHICORP may have to access the personal data of individuals provided by the User in the context of his use of the Platform and to process such personal data for the purposes mentioned above. In this respect, ETHICORP acts as a "subcontractor" of the Customer (through the User), ETHICORP being the person responsible for the processing of the personal data of the individuals entered by the User on the Platform.
ETHICORP undertakes to comply at all times with the requirements of the Regulations applicable to the protection of personal data and to process Users' Personal Data only in accordance with the conditions set out below.
By using the ETHIMAP Platform, the Client or the User may be led to transmit, directly or indirectly, to ETHICORP Personal Data.
ETHICORP collects the following personal data through the website www.ethimap.com integrating the ETHIMAP Platform:
– Identification data such as the surname, first name, e-mail or postal address, telephone number of the person concerned, in the context of the creation of a Customer or User Account;
– Transaction data such as subscription amount and credit card number.
– Technical data such as IP address, browser type and version, operating system used.
– Platform subscription data such as username and password.
– Data relating to messages and telephone calls in the context of ETHIMAP Assistance requests.
– Data related to professional life such as company name, professional e-mail and profession or function in the company;
– Connection data such as functions used, pages visited, configurations selected, time stamps of visits and search terms.
When collecting Personal Data, the User may be informed that some of them must be filled in to achieve the expected result, in particular by the presence of an asterisk next to the data to be filled in. Failure to provide this mandatory information may make it impossible to execute the request. The mandatory communication of certain personal data is necessary for ETHICORP to implement the above-mentioned purposes.
ETHICORP processes and collects Users' Personal Data in compliance with the Regulations and only within the framework of the following legal bases:
– Where necessary for the performance of a contract with the Customer ;
– Where necessary for ETHICORP to comply with its legal obligations;
– When the User has expressly consented to the processing of his/her Personal Data ;
– When necessary to ensure its legitimate interests, for example to detect, investigate and prevent technical, fraud and security problems, to protect its rights, property or the safety of its Users and employees, or for its own commercial prospecting for professionals.
ETHICORP processes Users' personal data for the following purposes:
– Management of the Platform :
o Managing access to and use of the ETHIMAP Platform;
o Processing requests for subscription to the Platform ;
o Technical assistance and maintenance for the proper functioning and security of the Platform;
o Transmission of ETHICORP's modifications or updates to the Platform;
o Response to information requests or messages from Users.
– Improvement of services :
o Improving the functionality and quality of the User's navigation on the Platform by carrying out tests, research, analyses, studies and surveys;
o Promotion of the Platform ;
o Proposal of relevant, adapted and personalised content;
o Improving customer relations ;
o Evaluation of the quality of the service.
– Commercial prospecting ;
– Employee training :
o Evaluation of employees ;
o Training of employees.
– Management of applications for recruitment purposes via the contact e-mail address.
The User's Personal Data are strictly confidential and intended exclusively for ETHICORP.
Unless required to do so by law, accounting or judicial order, ETHICORP will never disclose, transfer, rent or transmit the Personal Data of the Users to third parties other than the host of the Platform for the purpose of performing technical services of hosting and management of the databases, or the competent authorities in the context of the search for perpetrators of crime.
The Platform is hosted in France on servers made available to ETHICORP. The host acts as a subcontractor of ETHICORP within the meaning of the Regulations applicable to the protection of personal data, on the instructions of ETHICORP and under the contractual conditions signed with ETHICORP, which cannot derogate from the present article and which are in conformity with the Regulations.
For information on the host of the Platform, please refer to the ETHIMAP Legal Notice.
The User's Personal Data are only kept for the time strictly necessary to achieve the purposes pursued as set out in this Policy, and in accordance with the Regulations and applicable laws. This data is therefore kept for the duration of the subscription to the ETHIMAP Platform.
Beyond this retention period, the Personal Data are archived by ETHICORP, in a secure environment, for the legal period of prescription for the purpose of proof for the establishment, exercise or defence of a legal right.
After this period, the Personal Data will be deleted.
In accordance with the Regulation, ETHICORP guarantees to the User the effective exercise of all his rights on his Personal Data in accordance with the Regulation:
– Right of access to Personal Data ;
– Right to rectify Personal Data;
– Right to erasure of Personal Data;
– Right to limit the processing of Personal Data ;
– Right to withdraw consent to the processing of Personal Data;
– Right to object to the processing of Personal Data ;
– Right to the portability of Personal Data.
To exercise these rights, ETHICORP can be contacted at contact@ethicorp.com.
ETHICORP undertakes to ensure the security and integrity of the Personal Data of Clients and Users. In this respect, ETHICORP implements and maintains technical and organizational security measures for the Platform and, more generally, for its information system adapted to the nature of the personal data processed and the risks presented by their processing.
These measures aim to protect personal data against destruction, loss, alteration, disclosure to unauthorised third parties, and to ensure the restoration of availability and access to personal data in the event of a physical or technical incident.
In order to ensure the support of the User and the maintenance of the Platform, the User may be required to authorize ETHICORP to access, in a punctual, time-limited and secure manner, the data that he/she integrates on the Platform. In this context, ETHICORP may have to access the Personal Data that the User has entered in the context of its use of the Platform (hereinafter the "Customer Data") and to process these Personal Data for the above-mentioned purposes.
As such, ETHICORP is the subcontractor of the personal information collected on the www.ethimap.com website through the Risk Mapping Platform on behalf of the Client or the User as an intermediary authorised by the Client who is the data controller of the Client Data.
As the controller, the User (or through him the Customer), undertakes to comply strictly with the regulations when processing customer data and guarantees ETHICORP against any recourse from third parties for the protection of their Personal Data. As a subcontractor, ETHICORP undertakes to respect its obligations, in accordance with the Regulations and the General Terms of Use.
The subcontracted data are reserved for the exclusive use of ETHICORP and shall not be transferred, rented or exchanged for the benefit of a third party. The processing of personal data is necessary for the execution of the services requested.
A "cookie" is a small data file sent to the User's browser by a web server and stored on the User's computer hard drive. It does not damage the computer in any way.
ETHICORP, publisher of the ETHIMAP website (hereafter the "Publisher"), uses :
– Browser cookies:
o For the proper functioning of the www.ethimap.com website and the integrated Platform;
o To improve the quality of navigation on the Platform ;
o To provide the User with access to his or her account using his or her login details;
o To enable and facilitate communications between ETHICORP and the User; and
– Personalisation cookies to store information about the user and re-use it during future visits (display preferences, site connection information, etc.).
The information collected through Cookies is solely and strictly intended for ETHICORP, in compliance with the applicable regulations on the protection of personal data. Cookies from third party publishers allow these publishers to access the information collected through their Cookies, as specified in the table below.
ETHICORP uses a cookie manager on which the User can view all the cookies used by ETHICORP and freely consent or refuse, at any time, all or part of the cookies used. To do so, the User is invited to consult the Cookie Preference Centre.
The User can also set his browser to accept or deactivate Cookies. At any time, the User can choose to express and modify his/her wishes with regard to Cookies.
The User is presumed to have given his consent:
– By clicking on the "I accept" icon on the information banner visible when first connecting to the website;
– By continuing to browse, i.e. when the User has clicked on an element of the Site (image, link, button, etc.);
– By clicking on "Save and Exit" after having checked the Cookies options that he/she wishes to activate in any dialog box that may be proposed on the Site.
If the User accepts the recording of Cookies in his terminal via his navigation software, the Cookies integrated in the pages and contents that he has consulted may be stored temporarily in a dedicated space in his terminal. They will only be readable by the sender. The agreement given by the User is only valid for a period of thirteen (13) months from the first deposit in the User's terminal equipment, following the expression of the User's consent.
If the User refuses the storage of Cookies in his/her terminal or browser, or if he/she deletes those stored there, the User is informed that his/her navigation and experience on the Site may be limited.
This may also be the case when the Publisher is unable to recognise, for technical compatibility purposes, the type of browser used by the terminal, the language and display settings or the country from which the terminal appears to be connected to the Internet. In this case, the Publisher is not liable for the consequences of the impaired functioning of the Services resulting from the User's refusal to accept Cookies and/or the Publisher's inability to save or consult the Cookies necessary for their functioning due to the User's choice.