Updated on In the course of its activity, PAATCH, a simplified joint-stock company (société par actions simplifiée), with a capital of 1,000 euros, whose registered office is located at 24 rue de Clichy - 75009 Paris, registered under the unique identification number 911 060 176 R.C.S. Paris, represented by its president, Mr. Niels Rolland, duly authorized for the purposes hereof (hereinafter the “Company”) collects and processes personal data for the purpose of providing information and services to its contributors and partners. This privacy policy is intended to govern the processing of personal data carried out by it.
## I- Legal Notice
https://www.paat.ch is a publication of: PAATCH
Simplified joint-stock company with a capital of 1,000 euros
Registered office: 24 rue de Clichy - 75009 Paris
Registered under number: 911 060 176 R.C.S. Paris
VAT: FR94911060176
Contact: rgpd@paat.ch
Data Protection Officer: Mr. Niels Rolland
Website host: OVH
## II- Protection of Personal Data
Preamble
The Company, recipient of the collected data, undertakes to respect and protect your privacy in the context of your use of its website https://www.paat.ch (hereinafter the “Website”) and its products and services (as defined in the General Conditions and hereinafter collectively referred to as the “Services”).
Present in France, the Company undertakes to comply with the legislation and regulations in force regarding the protection of personal data and more particularly:
● The EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (GDPR);
● The Data Protection Act and Decree No. 2005-1309 of October 20, 2005, relating to the protection of personal data amending Law 78-17 of January 6, 1978, relating to data processing, files, and freedoms and various provisions concerning the protection of personal data; Thus, in accordance with current regulations, the data controller undertakes to process the personal data of its users, fairly, lawfully, and transparently for specified, explicit, and legitimate purposes.
### 1- Definitions Personal data (hereinafter “Personal Data”), is defined according to Article 4 §1 of the GDPR as any information relating to an identified or identifiable natural person. A processing of personal data (hereinafter “Processing”) is defined within the meaning of Article 4 §2 of the GDPR, as any operation or set of operations carried out with or without the aid of automated processes and applied to data or sets of data such as, in particular, collection, recording, storage, consultation, use. The user (hereinafter “User”) is designated, within the meaning of Article 4 1) of the GDPR, as a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, an online identifier.
### 2- Data Controller of Collected Personal Data
Mr. Niels Rolland acts as data controller in the collection and processing of personal data. As data controller, Mr. Niels Rolland ensures a high level of protection of the Personal Data of the Users of concerned Services at all stages of processing, including but not limited to collection, storage, and destruction.
### 3- Personal Data Processed
#### 3.1 Personal Data provided by the User
Upon registration, the User must create a client account (as defined in the General Conditions) allowing them to log in to access the content of the Services. The User is required to fill in and provide certain information qualifying as Personal Data. By virtue of the principle of minimization and privacy by default, only the Data necessary for the accomplishment of the following purposes are collected: Data transmitted directly by the User and without this list being exhaustive:
● The Data necessary for registration for the Services, namely the name(s), first name(s), email address, telephone number and password, billing address;
● Additional Data relating to civil status, the company name of the company in whose name the Client Account is created. This Data allows for the personalization of the User’s account and their relationship with the Services;
● Subscription to the newsletter using the User’s name, first name, and email address;
● The IP address, device model, browser, and language of the device with which the User connects to the Services;
● The photograph, curriculum vitae, and cover letter in the context of responses to job offers proposed by the Company;
● Responses to surveys in which the User may be invited to participate and the content of their publications and opinions. This information may be used in the context of research and analysis of User behavior, in order to improve the Services;
● Details of transactions and orders placed by the User through the Services;
● Details of visits related to the use of the Services on the various platforms, including but not limited to, traffic data, location data, resources consulted, and other communication data, if this is necessary for billing purposes;
● The history of User communications on the tools made available to them, between themselves and with the Company;
● Information from the User’s social network profile if they choose to connect to the Services through these channels;
● Any other information that the User wishes to bring to the Company’s attention.
#### 3.2 Personal Data collected automatically
Cookies Cookies are collected automatically, whether they are technical cookies necessary for navigation, strategic cookies, and on the basis of consent for advertising cookies or those necessary for redirection to social networks. The deposit of cookies that are not essential to the functioning of the Website requires your consent, as does the processing of Personal Data deduced from these cookies. This consent will be requested during your first visit upon arrival on a page of the Website. You can modify your preferences at any time, and in particular withdraw your consent, by clicking on the “cookie settings” icon present on the homepage of the Website. For more information, consult paragraph III “Cookie Usage Policy” herein. Personal Data related to social networks When the User accesses the Company’s social networks, by clicking on the redirection icons found on the Website, and if the User is connected to these social networks when they click on the icons, the Company may have access to certain Personal Data that the User has indicated as public and accessible from their profiles on the social networks concerned. The Company is not responsible for the collection or processing of Personal Data that the User has indicated as public on their profiles and which are not imported onto the Company’s platforms. The Company is not responsible for the management of Personal Data by third-party social networks. For more information, the User is invited to consult the privacy policies of the third-party social networks concerned.
### 4- Purposes of Processing
Personal Data is collected and processed for the following purposes:
● The creation and management of the Client Account;
● The provision of Services and in particular the connection of Users with each other;
● The management of orders and payments;
● Communication with Users and customer support;
● Sending newsletters and promotional offers, with the User’s consent;
● The improvement of Services and the carrying out of statistical analyses;
● The management of applications for job offers;
● Compliance with legal and regulatory obligations.
### 5- Recipients of Personal Data
The Personal Data collected is intended for the Company. It may be transmitted to subcontractors to whom the Company calls upon in the context of the execution of the Services (technical service providers, payment service providers, etc.). The Company ensures that its subcontractors provide sufficient guarantees regarding the implementation of appropriate technical and organizational measures so that the Processing meets the requirements of the GDPR and guarantees the protection of the rights of the data subject. Personal Data may also be communicated to the competent authorities, at their request, in the context of legal proceedings, requests for information, or in order to comply with other legal obligations.
### 6- Duration of Personal Data Retention
Personal Data is kept for the time necessary to accomplish the purposes for which it was collected, plus legal prescription periods. For example:
● Data relating to Client Account management and orders are kept for the entire duration of the contractual relationship and five (5) years after its termination;
● Data relating to commercial prospecting are kept for three (3) years from the last contact with the User or the end of the commercial relationship;
● Data relating to applications are kept for two (2) years after the last contact with the candidate, unless the latter agrees to a longer period;
● Cookies are kept for a maximum period of thirteen (13) months.
### 7- Security of Personal Data
The Company implements appropriate technical and organizational measures to ensure a level of security adapted to the risk, and in particular to protect Personal Data against destruction, loss, alteration, unauthorized disclosure, or unauthorized access. The Company requires its subcontractors to provide equivalent guarantees in terms of security. However, no transmission or electronic storage system is completely secure. Consequently, the Company cannot guarantee absolute security. In the event of a Personal Data breach likely to create a high risk for the rights and freedoms of Users, the Company will notify the breach to the competent supervisory authority and, if necessary, to the Users concerned, as soon as possible. The Company cannot be held responsible for damages resulting from fraudulent access to its computer systems or the illicit transmission of Personal Data. The User is responsible for the confidentiality of their password and access to their Client Account. They undertake not to communicate it to third parties and to take all appropriate measures to ensure its security. In the event of fraudulent use of their Client Account, the User undertakes to inform the Company immediately. The Company cannot be held responsible for the use made of the User’s Personal Data by third parties, particularly if this use results from the User’s negligence in managing their login credentials or personal information.
### 7bis - Transfer of Personal Data outside the European Union
Within the framework of the Services, certain Personal Data may be transferred to servers located outside the European Union, particularly in the United States. These transfers are governed by appropriate guarantee mechanisms, such as standard contractual clauses adopted by the European Commission or adherence to the Privacy Shield (for transfers to the United States). The User can obtain more information on these guarantees by contacting the Company at rgpd@paat.ch. The Company cannot be held responsible for the privacy practices of third-party websites accessible from the Website. The User is invited to consult the privacy policies of these websites.
### 8 - User Rights
The User has the right at any time to modify their Personal Data from their Client Account. They can also ask the Company not to use their Personal Data for marketing purposes. The User has a right of access, information, rectification, and opposition as well as erasure and portability when their Data has been collected on the basis of their consent and/or during the execution of a contractual obligation. The User also has a right to limit processing in certain cases as well as to file directives concerning the fate of their data after their death. To do so, the User must send a request, justifying their identity (name - first name or name of the company they represent) and send it to the following email address: rgpd@paat.ch. In the event of a dispute, the User concerned has the right to make a request directly to the competent supervisory authority, the CNIL.
### 9 - Privacy of Minors
The Services are designed for Users aged 18 and over. Non-emancipated minors may use the Services, but their use must be carried out solely under the supervision, control, and with the consent of their legal representatives.
### 10 - Modification of the Privacy Policy
The Company reserves the right to modify or update this Privacy Policy, or any other of its policies or practices, at any time, and to inform Users of the Services by publishing the updated Privacy Policy in question on its homepage as well as the update date. Any modification will take effect immediately after this publication. The use of the Services constitutes the User’s agreement to comply with the Privacy Policy in question as amended. In certain circumstances, if the use of Personal Data for purposes different from those indicated herein, and when necessary, the Company will request the User’s consent (or its renewal).
## III - Cookie Usage Policy
A cookie is a small file deposited and read when consulting a website or mobile application, regardless of the type of terminal used (telephone, computer, tablet, etc.). Its purpose is to collect information relating to the User’s navigation and to send them adapted content. Only the issuer of a cookie is likely to read the information contained therein, during its validity period. The deposit of non-purely technical cookies is subject to obtaining the User’s consent. In order to manage cookies in the manner closest to the User’s wishes, the latter is invited to take into account the purposes of the cookies, specified below, at the time of configuration. The Services use cookies for the following purposes:
● Purely technical and necessary for the functioning of the Services: these cookies allow the Services to function optimally and securely. They also allow some of the User’s choices to be memorized;
● Security cookies;
● With the User’s consent, authentication cookies, which exempt them from having to provide their username and password each time they connect to the Services;
● Social networks: to check if the User is connected to third-party social networks;
● Website improvement;
● Audience measurement: to track statistical data on Service traffic and to allow the study of the effectiveness of interactive online content, its characteristics, advertisements, and other communications. Through these cookies, third parties are likely to collect and use the User’s browsing data for their own purposes, in accordance with their own privacy policy. The Company cannot be held responsible for the use contrary to legal and regulatory provisions of personal data collected by a third party. The User may withdraw their consent at any time for the deposit of cookies operating during their navigation on the Company’s platforms.