Privacy Policy
1. Overview of data protection
General information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. For detailed information on data protection, please see our privacy policy below.
Data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the ‘Information about the data controller’ section of this privacy policy.
How do we collect your data?
Your data is collected, on the one hand, when you provide it to us. This may, for example, be the case when you fill in a contact form.
Other data is collected automatically or with your consent when you visit the website by our IT systems. This data is primarily technical in nature (for example, your web browser, operating system or the time you accessed the page). This data is collected automatically as soon as you access this website.
What is your data used for?
Some of the data is collected to ensure the website functions correctly. Other data may be used to analyse your user behaviour. If contracts can be concluded or initiated via the website, the data provided is also used for contractual offers, orders or other order-related enquiries.
What are your rights regarding your data?
You have the right at any time to obtain information, free of charge, about the source, recipients and purpose of your stored personal data. You also have the right to request the rectification or erasure of this data. If you have given your consent to the processing of data, you may withdraw it at any time with effect for the future. Furthermore, under certain circumstances, you have the right to request that the processing of your personal data be restricted. You also have the right to lodge a complaint with the relevant supervisory authority.
For this, as well as for any other questions relating to data protection, you can contact us at any time.
Analytics tools and third-party provider tools
When you visit this website, your browsing behaviour may be analysed statistically. This is primarily carried out using analytics programmes.
You will find detailed information on these analytics programmes in the following privacy policy.
2. General and mandatory information
Data protection
The operators of these pages take the protection of your personal data very seriously. We process your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.
When you use this website, various items of personal data are collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and for what purposes we use it. It also explains how and for what purpose this is done.
Please note that data transmission over the internet (for example, when communicating by email) may be subject to security vulnerabilities. It is not possible to provide complete protection of data against access by third parties.
Information on the data controller
The data controller for this website is:
SHP Scientifique SAS
6 Boulevard Montmartre
75009 Paris
France
Telephone: +33 (0) 139809982
Email:
The data controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).
Retention period
Unless otherwise stated in this privacy policy, your personal data will remain with us until the purpose for which it is processed no longer applies. If you make a legitimate request for erasure or withdraw your consent to data processing, your data will be erased, unless we have other legal grounds for retaining it (e.g. tax or commercial retention obligations); in such cases, the data will be erased once those grounds no longer apply.
General information on the legal bases for data processing on this website
If you have consented to the processing of your data, we process your personal data on the basis of Article 6(1)(a) of the GDPR or Article 9(2), (a) of the GDPR, insofar as special categories of data in accordance with Article 9(1) of the GDPR are processed. In the event of explicit consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Article 49(1)(a) of the GDPR. If you have consented to the storage of cookies or to access to information on your device (e.g. via device fingerprinting), the processing of data is also based on Article 25(1) of the TDDG. Consent may be withdrawn at any time. If your data is necessary for the performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Article 6(1)(b) of the GDPR. Furthermore, we process your data if this is necessary to comply with a legal obligation under Article 6(1)(c) of the GDPR. Data processing may also be based on our legitimate interest in accordance with Article 6(1)(f) of the GDPR. The legal bases applicable in each case are set out in the following sections of this privacy policy.
Information on the transfer of data to third countries that do not offer adequate data protection, as well as to US companies that are not DPF-certified
In particular, we use tools provided by companies located in third countries that do not offer adequate data protection, as well as US tools whose providers are not certified under the EU-US Data Protection Framework (DPF). When these tools are in use, your personal data may be transferred to these countries and processed there. We would like to draw your attention to the fact that, in third countries that do not offer adequate data protection, a level of protection comparable to that of the EU cannot be guaranteed.
We would like to emphasise that the United States, as a safe third country, generally offers a level of protection comparable to that of the EU. A data transfer to the United States is therefore permitted if the recipient is certified under the ‘EU-US Data Privacy Framework’ (DPF) or has appropriate additional safeguards in place. You can find information on transfers to third countries, including the recipients of the data, in this privacy policy.
Recipients of personal data
As part of our business activities, we collaborate with various external entities. This may require the transfer of personal data to these entities. We only disclose personal data to external entities if this is necessary for the performance of a contract, if we are legally obliged to do so (for example, disclosure of data to tax authorities), if we have a legitimate interest in accordance with Article 6(1), (f) of the GDPR, or if another legal basis authorises such a transfer of data. When using data processors, we only transfer our customers’ personal data on the basis of a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.
Withdrawal of your consent to data processing
Many data processing operations are only possible with your explicit consent. You may withdraw any consent you have already given at any time. The lawfulness of the data processing carried out up to the point of withdrawal remains unaffected by this.
Right to object to data collection in specific cases and to direct marketing (Art. 21 GDPR)
IF DATA PROCESSING IS BASED ON ART. 6(1) 1(e) or (f) of the GDPR, YOU HAVE THE RIGHT, AT ANY TIME AND ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE LEGAL BASES ON WHICH PROCESSING IS BASED ARE SET OUT IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA IN QUESTION, UNLESS WE CAN DEMONSTRATE COMPELLING AND LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ESTABLISHING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION IN ACCORDANCE WITH ARTICLE 21(1) OF THE GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING PURPOSES; THIS ALSO APPLIES TO PROFILING IN SO FAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) OF THE GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of a breach of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place where the alleged infringement occurred. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.
Right to data portability
You have the right to receive the data that we process automatically on the basis of your consent or in the course of performing a contract, in a structured, commonly used and machine-readable format, and to transmit that data to yourself or to a third party. If you request the direct transfer of the data to another controller, this will be carried out to the extent that it is technically feasible.
Right of access, rectification and erasure
In accordance with the applicable legal provisions, you have the right at any time to obtain, free of charge, information about your stored personal data, its origin, its recipients and the purpose of the data processing, as well as the right to have this data rectified or erased where applicable. To do so, or for any other enquiries regarding personal data, you may contact us at any time.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. To do so, you may contact us at any time. The right to restriction of processing applies in the following cases:
- If you dispute the accuracy of the personal data we have recorded, we will need time to verify this dispute. Whilst this verification is taking place, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data has been carried out unlawfully, you may request the restriction of the processing of the data instead of its erasure.
- If we no longer require your personal data, but you require it to exercise, defend or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure.
- If you have objected under Article 21(1) of the GDPR, a balancing of your interests against ours must be carried out. Until it has been determined which interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, such data may not be processed – apart from for storage purposes – except with your consent or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of substantial public interest of the European Union or a Member State.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or enquiries you send to us as the website operator, SSL or TLS encryption. You can recognise an encrypted connection by the fact that the browser’s address bar changes from ‘ http://’ to ‘https://’ and by the padlock symbol in the address bar.
When SSL or TLS encryption is enabled, the data you send to us cannot be read by third parties.
Opting out of advertising emails
The use of contact details published in accordance with legal identification requirements for the purpose of sending unsolicited advertising and information is prohibited. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising material, such as spam.
3. Data collection on this website
Consent with Usercentrics
This website uses Usercentrics’ consent technology to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies, and to document this consent in accordance with data protection regulations. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, website: https://usercentrics.com/fr/ (hereinafter ‘Usercentrics’).
When you visit our website, the following personal data is transmitted to Usercentrics:
- Your consents or the withdrawal of your consents
- Your IP address
- Information about your browser
- Information about your device
- Date and time of your visit to the website
- Geolocation
In addition, Usercentrics stores a cookie in your browser to record the consents you have given or withdrawn. The data collected in this way is retained until you ask us to delete it, until you delete the Usercentrics cookie yourself, or until the purpose for which it is retained no longer applies. Mandatory legal retention obligations remain unaffected.
The banner Usercentrics banner on this website has been configured with the assistance of eRecht24, as indicated by the presence of the eRecht24 logo on the banner. To display this logo, a connection is established with eRecht24’s image server, which involves the transmission of the IP address; however, this is stored in an anonymised form in the server logs. The eRecht24 image server is located in Germany, hosted by a German provider. The banner itself is provided exclusively by Usercentrics.
The use of Usercentrics is necessary to obtain the legally required consents for the use of certain technologies. The legal basis is Article 6(1)(c) of the GDPR.
Contact form
If you contact us via the contact form, the information you provide, including your contact details, will be stored by us to process your enquiry and respond to any follow-up questions. This data will not be passed on without your consent.
The processing of this data is based on Article 6(1)(b) of the GDPR if your enquiry relates to the performance of a contract or is necessary for pre-contractual measures. In other cases, processing is based on our legitimate interest in efficiently handling enquiries addressed to us (Article 6(1)(f) of the GDPR) or on your consent (Article 6(1)(a) of the GDPR), where such consent has been obtained. This consent may be withdrawn at any time.
The data you enter in the contact form will be retained by us until you ask us to delete it, withdraw your consent to its storage, or the purpose for which it is stored no longer applies (for example, once your enquiry has been dealt with). Mandatory legal obligations – in particular retention periods – remain unaffected.
Enquiries by email, telephone or fax
If you contact us by email, telephone or fax, your enquiry, including any personal data it contains (name, enquiry), will be stored and processed by us for the purpose of dealing with your enquiry. This data will not be passed on without your consent.
The processing of this data is based on Article 6(1)(b) of the GDPR if your enquiry relates to the performance of a contract or is necessary for pre-contractual measures. In other cases, processing is based on our legitimate interest in efficiently handling enquiries addressed to us (Article 6(1)(f) of the GDPR) or on your consent (Article 6(1)(a) of the GDPR), insofar as such consent has been obtained. This consent may be withdrawn at any time.
The data you provide to us via your enquiries will be retained by us until you ask us to delete it, withdraw your consent to its storage, or the purpose for which it is held ceases to apply (for example, once your enquiry has been processed). Mandatory legal obligations – in particular statutory retention periods – remain unaffected.
4. Social media
eRecht24 Safe Sharing Tool
The content on this website can be shared in a data-protection-compliant manner on social media platforms such as Facebook, X, etc. To this end, this page uses the eRecht24 Safe Sharing Tool. This tool establishes a direct connection between the social media platforms and users only when the user actively clicks on one of these buttons. Clicking the button constitutes consent within the meaning of Article 6(1)(a) of the GDPR and Article 25(1) of the TDDDG. This consent may be withdrawn at any time with future effect.
This tool does not automatically transmit any user data to the operators of these platforms. If the user is logged in to one of the social networks, an information window appears when using social media elements from Facebook, X, etc., in which the user can confirm the text before sending it.
Our users can share content from this website in compliance with data protection regulations on social media platforms without the platform operators creating comprehensive browsing profiles.
The use of this service is necessary to obtain the legally required consents for the use of certain technologies. The legal basis is Article 6(1)(c) of the GDPR.
5. Analytics and advertising tools
Google Tag Manager
We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that enables us to integrate tracking tools, statistical tools and other technologies into our website. Google Tag Manager itself does not create user profiles, store cookies or carry out independent analyses. It is used solely for the management and display of the tools integrated via it. However, Google Tag Manager collects your IP address, which may also be transmitted to Google’s parent company in the United States.
The use of Google Tag Manager is based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in the quick and straightforward integration of various tools on its website. Where appropriate consent has been obtained, the processing is based exclusively on Article 6, paragraph 1(a) of the GDPR and Section 25(1) of the TDDDG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent may be withdrawn at any time.
The company holds certification under the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the United States which guarantees compliance with European data protection standards when data is processed in the United States. Any company certified under the DPF undertakes to comply with these data protection standards. You can obtain further information on this subject from the provider via the following link: https://www.dataprivacyframework.gov/participant/5780.
Google Analytics
This website uses the functions of the web analytics service Google Analytics. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyse the behaviour of website visitors. The operator receives various usage data, such as the number of pages viewed, the duration of the visit, the operating systems used and the user’s origin. This data is associated with the user’s device. No association with a user ID is made.
Furthermore, Google Analytics enables us to record, amongst other things, your mouse movements, scrolling and clicks. Google Analytics also uses various modelling approaches to supplement the collected data sets and applies machine learning technologies for data analysis.
Google Analytics uses technologies that enable the user to be recognised for the purpose of analysing their behaviour (e.g. cookies or device fingerprinting) . The information collected by Google regarding the use of this website is generally transferred to a Google server in the United States and stored there.
The use of this service is based on your consent in accordance with Article 6(1)(a) of the GDPR and Article 25(1) of the TDDG. Consent may be withdrawn at any time.
The transfer of data to the United States is based on the European Commission’s standard contractual clauses. For further details, see: https://privacy.google.com/businesses/controllerterms/mccs/.
The company is certified under the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the United States aimed at ensuring compliance with European data protection standards when processing data in the United States. Any company certified under the DPF undertakes to comply with these data protection standards. For further information, please see the following link: https://www.dataprivacyframework.gov/participant/5780.
IP address anonymisation
IP address anonymisation is enabled in Google Analytics. This means that your IP address is truncated by Google within the Member States of the European Union or in other states party to the Agreement on the European Economic Area before being transferred to the United States. In exceptional cases, the full IP address is transferred to a Google server in the United States and truncated there. On behalf of the operator of this website, Google uses this information to evaluate your use of the website, compile reports on website activity and provide other services relating to website and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not combined with other data held by Google.
Browser extension
You can prevent the collection and processing of your data by Google by downloading and installing the browser extension available via the following link: https://tools.google.com/dlpage/gaoptout?hl=fr.
For further information on the processing of user data in Google Analytics, please refer to Google’s privacy policy: https://support.google.com/analytics/answer/6004245? hl=fr.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising programme provided by Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display adverts in the Google search engine or on third-party websites when a user enters certain keywords into Google (keyword targeting). Targeted adverts may also be displayed based on user data available to Google (e.g. location data and interests) (audience targeting). As website operators, we can analyse this data quantitatively, for example to understand which keywords led to our adverts being displayed and how many adverts generated corresponding clicks.
The use of this service is based on your consent in accordance with Article 6(1)(a) of the GDPR and Article 25(1) of the TDDG. Consent may be withdrawn at any time.
The transfer of data to the United States is based on the European Commission’s standard contractual clauses. For further details, please see: https://policies.google.com/privacy/frameworks and https://business.safety.google/controllerterms/.
The company is certified under the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when data is processed in the United States. Any company certified under the DPF undertakes to comply with these data protection standards. For further information, please visit the following link: https://www.dataprivacyframework.gov/participant/5780.
Google Conversion Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Conversion Tracking enables Google and us to determine whether a user has carried out certain actions. For example, we can assess which buttons have been clicked on our website and which products have been viewed or purchased most frequently. This information is used to generate conversion statistics. We know the total number of users who have clicked on our adverts and the actions they have taken. We do not receive any information that personally identifies the user. Google uses cookies or similar recognition technologies for identification purposes.
The use of this service is based on your consent in accordance with Article 6(1)(a) of the GDPR and Section 25(1) of the TDDG. Consent may be withdrawn at any time.
For further information on Google Conversion Tracking, please refer to Google’s privacy policy: https://policies.google.com/privacy?hl=fr.
The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when processing data in the United States. Any company certified under the DPF undertakes to comply with these privacy standards. For further information, please visit the following link: https://www.dataprivacyframework.gov/participant/5780.
6. Plugins and tools
Font Awesome
This website uses Font Awesome to display fonts and icons consistently. The provider is Fonticons, Inc., 6 Porter Road Apartment 3R, Cambridge, Massachusetts, USA.
When a page is accessed, your browser loads the necessary fonts into the browser cache to display text, fonts and icons correctly. To this end, the browser must establish a connection with Font Awesome’s servers. This enables Font Awesome to recognise that this website has been accessed via your IP address. The use of Font Awesome is based on Article 6(1)(f) of the GDPR. We have a legitimate interest in displaying text consistently on our website. Where consent has been sought, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR and Article 25(1) of the TDDG, insofar as the consent relates to the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) in accordance with the TDDG. Consent may be withdrawn at any time.
If your browser does not support Font Awesome, a standard font from your computer will be used.
For further information on Font Awesome, please refer to Font Awesome’s privacy policy: https://fontawesome.com/privacy.
Google Maps
This website uses the Google Maps mapping service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. This service enables us to embed maps on our website.
To use the features of Google Maps, your IP address must be recorded. This information is generally transmitted to a Google server in the United States and stored there. The provider of this website has no influence over this data transfer. When Google Maps is enabled, Google may use Google Fonts to display fonts consistently. When Google Maps is accessed, your browser loads the necessary web fonts into the browser cache in order to display text and fonts correctly.
The use of Google Maps serves to present our online offerings in an attractive manner and to enable users to easily locate the places we indicate on the website. This constitutes a legitimate interest within the meaning of Article 6(1)(f) of the GDPR. Where consent has been sought, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR and Article 25, (1) of the TDDG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TDDG. Consent may be withdrawn at any time.
Data transfers to the United States are based on the European Commission’s standard contractual clauses. You can view the details here: https://privacy. google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
For further information on the handling of user data, please refer to Google’s privacy policy: https://policies.google.com/privacy?hl=fr.
The company is certified under the “EU-US Data Privacy Framework” (DPF) . The DPF is an agreement between the European Union and the United States designed to ensure that European data protection standards are upheld when data is processed in the United States. Any company certified under the DPF undertakes to comply with these standards. For further information, please see the following link: https://www.dataprivacyframework.gov/participant/5780.
Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
reCAPTCHA is used to verify whether data entry on this website (for example, in a contact form) is carried out by a human or an automated programme. To this end, reCAPTCHA analyses the website visitor’s behaviour based on various criteria. This analysis begins automatically as soon as the visitor accesses the website. For the analysis, reCAPTCHA evaluates various pieces of information (e.g. the IP address, the time spent on the website or the user’s mouse movements). The data collected during the analysis is transmitted to Google.
reCAPTCHA analyses take place entirely in the background. Website visitors are not informed that the analysis is taking place.
The storage and analysis of data are carried out on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in protecting its web services against abusive automated crawling and against spam. If consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR and Section 25(1) of the TDDG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TDDG. Consent may be withdrawn at any time.
For further information on Google reCAPTCHA, please refer to Google’s Privacy Policy and Terms of Service at the following links: https://policies.google.com/privacy?hl=fr and https://policies.google.com/terms?hl=fr.
The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States designed to ensure that European data protection standards are upheld when data is processed in the United States. Any company certified under the DPF undertakes to comply with these standards. For further information, please see the following link: https://www.dataprivacyframework.gov/participant/5780.
Cloudflare Turnstile
We use Cloudflare Turnstile (hereinafter ‘Turnstile’) on this website. The provider is Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (hereinafter ‘Cloudflare’) .
Turnstile is used to verify whether data entered on this website (e.g. in a contact form) is being entered by a human or by an automated programme. To do this, Turnstile analyses the website visitor’s behaviour based on various characteristics.
This analysis begins automatically as soon as a website visitor accesses a website where Turnstile is enabled. For the purposes of the analysis, Turnstile evaluates various pieces of information (e.g. IP address, the length of time the visitor spends on the website, or the mouse movements made by the user). The data collected during the analysis is forwarded to Cloudflare.
The storage and analysis of the data are carried out on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in protecting its web services from malicious automated surveillance and from spam. Where consent has been sought, processing is carried out exclusively on the basis of Article 6( 1(a) of the GDPR and Section 25(1) of the TDDDG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent may be withdrawn at any time.
Data processing is based on standard contractual clauses, which can be found here: https://www.cloudflare.com/cloudflare-customer-scc/.
Further information on Cloudflare Turnstile can be found in the privacy policy at https://www.cloudflare.com/cloudflare-customer-dpa/ .
The company is certified under the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the US designed to ensure compliance with European data protection standards when data is processed in the US. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this is available from the provider via the following link: https://www.dataprivacyframework.gov/participant/5666.
Cloudflare Turnstile
We use Cloudflare Turnstile (hereinafter referred to as “Turnstile”) on this website. The provider is Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (hereinafter referred to as “Cloudflare”).
Turnstile is designed to verify whether data entry on this website (for example, in a contact form) is being carried out by a human or by an automated programme. To do this, Turnstile analyses the website visitor’s behaviour using various characteristics.
This analysis begins automatically as soon as the website visitor accesses a website where Turnstile is enabled. For the analysis, Turnstile evaluates various pieces of information (for example, the IP address, the time spent by the visitor on the website, or the user’s mouse movements). The data collected during the analysis is transmitted to Cloudflare.
The storage and analysis of data are carried out on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in protecting its web offerings against abusive automated spying and against spam. Where the relevant consent has been obtained, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR and Article 25(1) of the TDDDG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent may be withdrawn at any time.
Data processing is based on standard contractual clauses, which you can find here: https://www.cloudflare.com/cloudflare-customer-scc/ .
For further information on Cloudflare Turnstile, please refer to the privacy policy at https://www.cloudflare.com/cloudflare-customer-dpa/.
The company is certified under the “EU-US Data Privacy Framework” (DPF) . The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when data is processed in the United States. Any company certified under the DPF undertakes to comply with these data protection standards. You can obtain further information on this subject from the provider by clicking on the following link: https://www.dataprivacyframework.gov/participant/5666.
FR
ES
EN