Version of March 27, 2023
PROTECTION OF PERSONAL DATA (RGPD and Data Protection Act)
In accordance with the provisions of the law known as “Informatique et Libertés” of January 6, 1978, amended by the law of October 7, 2016, is applicable whenever there is an automated processing or a manual file (i.e. a computer file or a “paper” file) containing personal information relating to natural persons. It defines the principles to be respected when collecting, processing and storing such data and guarantees a number of rights for individuals. You are informed that the Publishers of the site proceed to automated processing of your personal data, in particular when you connect to the site in a context requiring the collection of your personal data.
– What data we collect, considering as personal data “any information relating to an identified or identifiable natural person”;
– For what purposes this data is collected (purpose);
– With whom we share this data;
– How long and where we keep this data;
– Who is responsible for processing the personal data collected and processed;
– What are the rights of the Users regarding their data;
– The site’s policy on “cookies”;
– Justification of the processing (Legality of the processing).
What data do we collect?
We collect the following data on the site citizencode.net, whose controller is Tralalere. :
Questionnaire response data:
Age, number of participants, satisfaction scores, quiz answers, NPS.
Browser and connection data: The request headers (User-Agent, Origin and Referer), the software version, the date of the request
This data is collected when users create an account, when they log in and when students perform activities on the site.
This data is likely to evolve for the needs of the proper functioning of the project and the product.
For what purposes is this data collected?
The processing of personal data concerning users consists of the collection and storage of information concerning their use of the site. This information is collected for the following purposes:
- To produce statistics
- To manage complaints and requests from users
- To manage requests for access, rectification and opposition rights.
- To manage the security of the site to avoid SPAM and abuse
Limitation and relevance
We undertake to limit our collection of data to that which is strictly necessary for the purpose of the envisaged processing, without which we would not be able to provide the service of the site in a qualitative manner.
With whom do we share this data?
In order to ensure the best possible quality of service, we are led to communicate the data collected to various recipients, duly authorized for this purpose, namely
Our internal services: technical and functional administrators involved in the development, improvement and maintenance of the site.
Cloud-Infinity for server hosting. These subcontractors are central to the solution, they allow the hosting of servers, storage and calculations.
The data controller guarantees that its subcontractors are compliant with the RGPD and that no transfer outside the European Union will be made of personal data.
How long do we keep your data?
Your data is kept in our databases for the time necessary for the intended processing. After this period, the data is destroyed or archived according to the legislation in force.
For more details on these durations, we provide you with a summary table below:
Type of data
Duration of conservation
Browser and connexion data
one year after data generation
Where is your data hosted?
The citizencode.net website is hosted by : Cloud Infinity Communications SAS, whose registered office is located at the following address 32 Boulevard de Vaugirard 75015 Paris. The host can be contacted at the following telephone number: +33 (0) 9 70 75 02 30 -https://www.cloud- infinity.com/en . The data collected and processed by the site are exclusively hosted and processed in France.
Who is responsible for data processing?
The data controller for the site is Tralalere.
The data protection officer can be reached at email@example.com.
Tralalere, the data controller, is responsible for determining the purposes and means used to process personal data.
The data controller undertakes to protect the personal data collected, not to transmit them to third parties without the user’s knowledge and to respect the purposes for which the data were collected.
In the event that the integrity, confidentiality or security of the user’s personal data is compromised, the data controller undertakes to inform the user by any means.
What are your rights regarding your data?
Any modification of personal data is your right.
You can access and obtain a copy of the data concerning you, oppose the processing of this data, have it rectified or permanently deleted. You have the right to limit the processing of your data.
The Data Protection Officer (DPO) of TRALALERE is your contact for any request to exercise your rights on this processing.
Contact the DPO by electronic means: firstname.lastname@example.org
Contact the DPO by mail :
The Data Protection Officer
4 rue de Braque
Understand your rights to data processing and liberties: https://www.cnil.fr/fr/les-droits-pour-maitriser-vos-donnees-personnelles
We implement all technical and organizational measures that are useful in view of the nature of the personal data that you entrust to us and the risks presented by their processing, in order to preserve the security of your data and prevent it from being distorted, destroyed, damaged or accessed by unauthorized third parties.
To this end, we implement technical measures such as firewalls; organizational measures with a unique identifier and password system for each of our employees, internal or external; physical protection means, etc.
The site has an SSL certificate to ensure that the information and data transfer through the site is secure.
The purpose of an SSL certificate (“Secure Socket Layer” Certificate) is to secure the data exchanged between the user and the site.
Cookies and tracers
The cookies are the following:
pages consulted, searches on the site, downloads, geographical origins, peripherals, browser, timestamp, user ID, Google Tag Manager
They correspond to the measures strictly necessary for the good administration of the site.
The solution implemented are :
- Matomo Analytics in self-hosted mode, configured to fall within the scope of the exemption from the collection of consent.
- Google Tag Manager which is used only after the collection of consent.
Moreover, the parameter setting of the navigation software allows to inform of the presence of cookie and possibly, to refuse in the way described at the following address: https://www.cnil.fr/fr/les-conseils-de-la-cnil-pour-maitriser-votre-navigateur
Refusing to install a cookie may make it impossible to access certain services. The user can however configure his computer to refuse the installation of cookies. He can also delete them from his browser after accepting them.
The data controller reserves the right to modify it in order to ensure its compliance with the law in force.
Complaint to the CNIL
If you believe, after having contacted us, that your rights on your data are not respected, you can address a complaint to the CNIL: