Privacy Policy
What is the purpose of our Privacy Policy?
DiamPark SAS, which manages the site diampark.io, places great importance on the protection and confidentiality of your personal data, which for us is a sign of seriousness and trust.
As such, our Privacy Policy for personal data clearly reflects our commitment to ensuring that DiamPark SAS complies with applicable rules on personal data protection, particularly those of the General Data Protection Regulation ('GDPR').
In particular, our Privacy Policy aims to inform you about how and why we process your personal data in the context of the services we provide to you.
Who is our Privacy Policy for?
Our Privacy Policy is addressed to you, regardless of your place of residence, as long as you are at least 15 years old, whether you are a customer, a job applicant at DiamPark SAS, or a visitor to the site diampark.io.
If you are under the legal age detailed above, you are not authorized to use our services without the prior explicit consent of one of your parents or the holder of parental authority, which must be sent to us by email at rgpd@diampark.io.
If you believe that we hold personal data about your children without your consent, we invite you to contact us at the dedicated address detailed above.
Why do we process your personal data and on what basis?
We process your personal data mainly for the following reasons:
- To navigate our website, benefit from our services, and allow us to respond to your requests (e.g., information requests, complaints, etc.) based on our terms of use and our legitimate interest in providing you with the best possible service.
- To contact us via our contact form based on our legitimate interest in providing you with the best possible service.
- To follow and comment on our publications on social networks based on our legitimate interest in having a dedicated page on social networks.
- To ensure and enhance the security and quality of our services daily (e.g., statistics, data security, etc.) based on our legal obligations, our terms of use, and our legitimate interest in ensuring the proper functioning of our services.
How did we obtain your personal data?
Your data is collected directly from you as soon as you are a customer of our services or a 'simple' visitor to our site diampark.io, and we commit to processing your data only for the reasons described above.
However, as soon as you voluntarily post content on the pages we manage on social networks, you acknowledge being fully responsible for any personal information you may provide, regardless of the nature and origin of the provided information.
What personal data do we process and for how long?
We have summarized below the categories of personal data and their respective retention periods:
- Personal identification data (e.g., name, first name, etc.) and contact details (email address) are kept for the entire duration of the service provision, plus the legal prescription periods, which are generally 5 years.
- Email address within the framework of our email marketing campaigns is kept for a maximum duration of 3 years from the last contact we had with you.
- Connection data (e.g., logs, IP address, etc.) is kept for a duration of 1 year.
- Cookies are generally kept for a maximum duration of 13 months. For more details on how we use your cookies, you can consult our cookie policy, accessible at any time on our website.
Upon the expiration of the applicable retention periods, the deletion of your personal data is irreversible, and we will no longer be able to communicate them to you after this period. At most, we may only retain anonymized data for statistical purposes.
Please also note that in the event of a dispute, we are obligated to retain all your personal data for the entire duration of the case processing, even after the expiration of their described retention periods.
What rights do you have to control the use of your personal data?
The applicable data protection regulations grant you specific rights that you can exercise at any time and free of charge to control the use of your data.
- Right of access and copy of your personal data as long as this request does not conflict with trade secrets, confidentiality, or the secrecy of correspondence.
- Right to rectify personal data that is incorrect, outdated, or incomplete.
- Right to object to the processing of your personal data for commercial prospecting purposes.
- Right to request the erasure ('right to be forgotten') of your personal data that is not essential for the proper functioning of our services.
- Right to restrict the processing of your personal data, which allows you to freeze the use of your data in case of a dispute over the legitimacy of processing.
- Right to data portability, which allows you to recover some of your personal data to store or transfer them easily from one information system to another.
- Right to give instructions on the fate of your data in the event of death either through you or through a trusted third party or an heir.
For a request to be considered, it must be made directly by you to the address rgpd@diampark.io. Any request that is not made in this way cannot be processed.
Requests cannot come from anyone other than you. Therefore, we may ask you to provide proof of identity if there is any doubt about the identity of the requester.
We will respond to your request as soon as possible, but no later than three months from its receipt in case the request is technically complex or if we receive many requests at the same time.
Please note that we may always refuse to respond to any excessive or unfounded requests, particularly considering their repetitive nature.
Who can access your personal data?
Your personal data is processed by our teams and our technical service providers solely to operate our service.
We ensure that we check all our technical service providers before recruiting them to ensure they strictly comply with the applicable personal data protection rules.
MOREOVER, WE GUARANTEE THAT WE DO NOT TRANSFER OR SELL YOUR DATA TO THIRD PARTIES OR COMMERCIAL PARTNERS.
Can your personal data be transferred outside the European Union?
The personal data processed by our website is exclusively hosted on servers located within the European Union.
Furthermore, we do our best to use only technical tools whose servers are also located within the European Union. However, if this is not the case, we ensure that they implement the appropriate guarantees required to ensure the confidentiality and protection of your personal data.
How do we protect your personal data?
We implement all the necessary technical and organizational measures to guarantee the security of your personal data daily and, in particular, to combat any risk of destruction, loss, alteration, or disclosure.
Do we use cookies when you browse our website?
We inform you that we use cookies when you browse our website. For more information, we invite you to consult our Cookie Policy.
Who can you contact for more information on the use of your personal data?
To best ensure the protection and integrity of your data, we have officially appointed an independent Data Protection Officer ('DPO') with our supervisory authority.
You can contact our DPO at any time and free of charge at the address rgpd@diampark.io to obtain more information or details on how we process your data.
How can you contact the CNIL?
You can contact the 'Commission nationale de l'informatique et des libertés' or 'CNIL' at any time using the following contact details: CNIL Complaints Service, 3 Place de Fontenoy – TSA 80751, 75334 Paris Cedex 07 or by phone at 01.53.73.22.22.
Can the Privacy Policy be changed?
We may change our Privacy Policy at any time to adapt it to new legal requirements and new processing operations that we may implement in the future.