Smarter Insights, Stronger Evidence

Quinten Health is committed to collecting and using your data in compliance with applicable regulations regarding personal data protection, specifically the European regulation on the protection of natural persons with regard to the processing of personal data (the “GDPR“), and to ensuring its security and confidentiality. This policy describes how Quinten Health uses information collected about the User when they use the website www.quinten-health.com (the “Site“), particularly via the contact form.

This policy complements the “General Terms of Use” and the “Legal References” (as well as any contractual document or information notice referring to this charter). This personal data protection policy (the “Policy“) aims to inform users of the reasons why Quinten Health processes their personal data and of their rights in this matter.

 

Article 1: Definitions

• Personal data: Personal data is any information or data that allows a natural person to be identified directly or indirectly by reference to a number or to one or more elements specific to them (including names, first name, phone number, email address, identification number, IP address, license plate, etc.). To determine if a person is identifiable, all means available to the data controller or any other person to enable their identification must be considered (the “Personal data“).
• Data processing: Data processing is any operation or set of operations performed or not using automated processes on personal data, which includes collection, recording, organization, storage, adaptation, modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, alignment or interconnection, limitation, erasure, or destruction (the “Processing“).
• Cookies: Cookies are tracers deposited and read, for example, during the consultation of a website, the reading of an email, the installation or use of software or a mobile application, regardless of the type of terminal used such as a computer, a Smartphone, a digital reader, and a video game console connected to the Internet. If they meet certain conditions, some tracers are exempt from this obligation (the “Cookie(s)“).
• Data controller: A data controller is the natural or legal person who determines, alone or jointly, the purposes and means of processing.
• Data Protection Officer (DPO): The Data Protection Officer is primarily responsible for monitoring compliance with the regulation and national data protection law (the “DPO“).
• Supervisory authority: The Commission Nationale de l’Informatique et des Libertés (the “CNIL“) is the supervisory authority. The CNIL is located at 3 place de Fontenoy, 75007 in Paris.

 

Article 2: Identity of the Data controller

During your navigation and/or registration on our Site or more generally within the framework of managing our contractual relations with our clients, the Data controller is:  the company Quinten Health, a single-member simplified joint-stock company registered with the Paris Trade and Companies Register under no. 909 352 023, with its registered office located at 8 rue Vernier, 75017 Paris;

(“We“, “Our“, or “ Quinten Health“).

However, when our services are used by client companies, we collect and process personal data in their name and on their behalf. Our client companies are therefore responsible for the data processing, and we act in the capacity of a processor.

 

Article 3: Personal data collected

The following Personal data is collected when the User completes the contact form:

• Identification data: Name, First name, Email address, Phone;
• Data relating to your professional life: Company name, Position;
• Navigation data on the Site: IP address, pages consulted, date and time of connection, browser used, operating system, user ID, IFA;
• Economic and financial data: Bank account details (RIB);
• Any information you wish to transmit to us as part of your contact request.

 

Article 4: How do we collect your personal data?

We may collect your personal data in two ways:

• Directly, when you have provided it to us (for example, by filling out a contact request form on our Site, or during a professional meeting);
• Indirectly, via business partners or online databases.

 

Article 5: Legal basis, purposes, and retention periods of Personal data

Objectives	Legal bases	Retention periods
Create a file of clients and prospects	Our legitimate interest in developing and promoting our business	For clients: Personal data is retained for the entire duration of the contractual relationship. For prospects: Personal data is retained for a period of 3 years from the last contact with us.
Send newsletters, solicitations, and promotional messages	Our legitimate interest in building loyalty and informing our clients and prospects of our latest news	Personal data is kept for 3 years from the last contact with us.
Respond to your requests for information	The execution of pre-contractual measures taken at your request	Personal data is retained for 3 years from the last contact with us.
Compile statistics (navigation, Site audience, etc.) and improve Site functionalities through the deposit of audience measurement cookies	Your consent	Personal data is retained for 2 years.
Display personalized advertising on the Site through the deposit of advertising cookies	Your consent	Personal data is retained for 2 years.
Respond to requests to exercise rights by the data subjects	Compliance with our legal and regulatory obligations	If we request proof of identity, we keep it only for the time necessary to verify identity. Once verification is complete, the proof is deleted. If you exercise your right to object to receiving prospecting, we keep this information for 3 years.
Monitor requests to exercise rights by the data subjects	Our legitimate interest in ensuring the follow-up of your requests to exercise rights	Information allowing the management of your requests to exercise rights under the GDPR will be kept for 3 years from the request. If you have exercised your right to the deletion of Personal data, we only keep an encrypted version of your data in order to no longer contact you.

 

Article 6: Recipients of Personal data

The following will have access to your personal data:

• The staff of Quinten Health;
• Our processors: hosting provider, newsletter sending provider, audience measurement and analysis provider, secure payment provider, billing tool, cookie management tool, CRM tool;
• Our partners acting as independent data controllers. We disclaim all liability regarding personal data processing carried out by our partners and invite you to consult their privacy policy;
• Where applicable: public and private bodies, exclusively to meet our legal obligations.

 

Article 7: Is your data likely to be transferred outside the European Union?

Your data is kept and stored for the entire duration of the processing on the servers of the company Matomo, located in the European Union.

Within the framework of the tools we use (see article on recipients regarding our processors), your data is likely to be subject to transfers outside the European Union.

The transfer of your data in this context is secured by means of the following tools:

• Either the data is transferred to a country that has been the subject of an adequacy decision by the European Commission, in accordance with Article 45 of the GDPR: in this case, this country ensures a level of protection deemed sufficient and adequate to the provisions of the GDPR;
• Or the data is transferred to a country whose level of data protection has not been recognized as adequate under the GDPR: in this case, these transfers are based on appropriate guarantees indicated in Article 46 of the GDPR, adapted to each provider, including but not limited to the conclusion of standard contractual clauses approved by the European Commission, the application of binding corporate rules, or pursuant to an approved certification mechanism;
• Or the data is transferred on the basis of one of the appropriate guarantees described in Chapter V of the GDPR. You can obtain a copy of the tools allowing the transfers of your data outside the European Union by contacting us at the contact details indicated in the “User rights” article below.

 

Article 8: User rights

Under the GDPR, the User has rights concerning the Processing of their Personal data. As such, the User has the following rights:

• Right to information: This is precisely why we have drafted this Policy. This right is provided for by Articles 13 and 14 of the GDPR.
• Right of access: Any User has the right under Article 15 of the GDPR to obtain confirmation that Personal Data concerning them is being processed, to obtain a copy thereof as well as certain information related to their processing.
• Right to rectification: Any User has the right to obtain the rectification of their Personal Data if it is inaccurate or incomplete in accordance with Article 16 of the GDPR.
• Right to erasure and right to be forgotten: Any User has the right to obtain the erasure of their Personal Data and to prohibit any future collection for the reasons set out in Article 17 of the GDPR. However, the right to erasure is not absolute and is subject to specific conditions. Quinten Health is likely to keep Personal Data to the extent authorized by applicable law, and in particular when their processing remains necessary for compliance with a legal obligation to which Quinten Health is subject or for the establishment, exercise, or defense of legal claims.
• Right to object: Under Article 21 of the GDPR, the User has the right to object to the processing of their Personal Data. However, Quinten Health may maintain the processing despite this objection, for legitimate reasons or the defense of legal claims.
• Right to withdraw consent: Any User has the right, without delay, to withdraw their consent to the processing of their Personal Data for purposes based on consent, under Article 7 of the GDPR. This withdrawal will not affect the lawfulness of the processing carried out before the withdrawal.
• Right to restriction: Any User has the right to obtain the restriction of the processing of their Personal Data in certain cases defined in Article 18 of the GDPR.
• Right to define directives relating to the retention, erasure, and communication of your personal data after death.
• Right to portability: Under certain conditions specified in Article 20 of the GDPR, any User has the right to receive their Personal Data in a standard machine-readable format and to demand their transfer to the recipient of your choice.

The User can exercise these rights upon simple request, or ask any questions about the processing of their Personal Data by contacting our DPO either: By email at the following email address: privacy@quinten-france.com; By post at 8 rue Vernier, 75017 Paris – France. Furthermore, the User is entitled, in accordance with Article 77 of the GDPR, to lodge a claim (complaint) with the CNIL, by sending a letter to the following address: 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07, or by telephone by contacting the following number: 01 53 73 22 22. Consult the site www.cnil.fr for more information on your rights.

 

Article 9: Cookies

The User is informed that during their visits to the Site, a Cookie may be installed automatically during their navigation on said Site. Cookies are small files stored temporarily on the hard drive of the User’s computer by your browser and which are necessary for the use of the Site. Cookies do not contain personal information and cannot be used to identify someone. A Cookie contains a unique identifier, generated randomly and therefore anonymous. Some Cookies expire at the end of the User’s visit, others remain. The information contained in Cookies is used to improve the experience on the Site. By navigating on the Site, the User can accept all or part of the Cookies, or can refuse the use of Cookies. The User is free to decide if they consent to all or part of the Cookies present on the Site. The User must however give their consent regarding the use of certain mandatory Cookies. The User manifests their consent to the Use of all or part of the Cookies by clicking on the section intended for this purpose. This section is displayed at each connection of the User to the Site. The User may deactivate these cookies via the settings appearing within their browser software. To learn more about the Cookies deposited on the Site, the User is invited to consult the Cookies Policy.

 

Article 10: Entry into force

We may modify this Policy at any time, in particular to comply with any regulatory, jurisprudential, editorial, or technical developments. These modifications will apply on the effective date of the modified version. You are therefore invited to regularly consult the latest version of this policy.