Last updated on July 15, 2019
The Data Protection Policy is intended to inform you about the policy conducted by Topitto Blog regarding the protection of personal data and the rights related to the personal data you have. By using our Services, Sites, and/or Applications, you declare that you accept the terms of this Data Protection Policy. If you disagree with any of its terms, you are free to discontinue using our Services, Sites, and/or Applications.
Definitions and Scope
1.1. Definitions
"Application": refers to the online public communication services, published by companies of the Topitto Blog Group, accessible to a User via the interface previously downloaded from the Android Play Store® and/or the Apple App Store®. The Applications provide access to the Services.
"User Account": refers to a space reserved for the User accessible after registration on our Services via an identifier (email address) and a confidential password, allowing, among other things, (i) access to certain content on the Services and/or (ii) participation in contests and/or (iii) participation in a Club des Expertes test and/or (iv) enjoying other features reserved for registered users.
"Cookies" cover all non-executable text files, trackers, web beacons, and other technologies, such as transparent GIFs, clear GIFs, or web bugs, deposited on the browser of the device (computer, tablet, smartphone, etc.) by companies of the Topitto Blog Group, subcontractors, or by Partners, subject to the consent given by the User during continued navigation within the Services via the Sites and/or Applications. The information contained in this file can only be read and/or modified by its issuer.
"Navigation Data" means all data related to a device at a given time, even if we do not directly know which device you are using or who you are at a given time. Under the collected Navigation Data, the following data may be collected:
The identification and content of a cookie file stored by us/by our Partners on your device;
The IP address of the device connected to the Service(s);
The date and time and duration of connection of a device to an element of the Service(s);
The Internet address of the page of origin of the device accessing the Service(s);
The type of operating system of the device (e.g., Windows, MacOS, Linux, Unix, BeOS, etc.);
The type and version of the browsing software used by the device (Internet Explorer, Firefox, Safari, Chrome, Opera, etc.);
Possible download errors;
The language of use of the browsing software used by the device.
"Personal Data" means any information relating to an identified or identifiable natural person, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, an online identifier, etc. Regarding our Services, "Personal Data" means all data that relates to you alone at a given time, regardless of the device you are using.
"Topitto Blog" refers to the company GAIA MEDIAS and all companies, directly or indirectly controlled by GAIA MEDIAS, within the meaning of Article L233-3 of the Commercial Code.
"Partner(s)" refers to any company, other than a Subcontractor, selected by one of the companies of the Topitto Blog Group, with which it has contracted, in order to frame the provision and protection of Personal Data.
"Service(s)" refers to any online public communication service and/or content made available by the companies of the Topitto Blog Group.
"Sites" refers to the online public communication service(s), published by the companies of the Topitto Blog Group, accessible by a User via their connecting device and located at the URL(s) mentioned above and/or any other address that may be added or substituted. The Site(s) allow(s) access to the Service(s).
"Subcontractor(s)" refers to any company that may process Personal Data or Navigation Data on behalf of one of the companies of the Topitto Blog Group, in accordance with the instructions given by it/them.
"User" refers to any natural person sixteen (16) years of age or older, accessing the Services, Sites, and/or Applications, on a non-professional and non-commercial basis.
1.2. Scope
The Data Protection Policy applies to any User of the following Services:
Topitto Blog , accessible at the following URL: www.Topitto.com
The Data Protection Policy does not apply to the websites of our Partners, nor to the practices of third-party companies to the Topitto Blog Group on which the Topitto Blog Group has no control.
Identity and contact details of the data controller and the data protection officer
2.1. Identity and contact details of the data controller
GAIA MEDIAS, 250 Bd de Bordeaux, Casablanca
2.2. Contact details of the data protection officer
The data protection officer of the companies of the Topitto Blog Group can be reached at [email protected]
How do we collect your Personal Data?
We collect and process your Personal Data with your consent, to perform the contract concluded with you (acceptance of the General Terms of Use of our Services), and based on our legitimate interest. When creating a User Account or subscribing to certain services accessible on our Sites and/or Applications (such as a contest, a newsletter subscription, etc.), you are informed of the collection and processing of Personal Data concerning you through an information notice. Furthermore, you consent to the collection and processing of your Personal Data, as specified below, by accepting this Data Protection Policy, accessible on the form for collecting your Personal Data.
What information do we collect?
Personal Data collected directly from you:
Among the Personal Data collected directly from you, during registration or use of the Services, we may collect the following data:
Name, first name, gender, email address, postal code, age;
Usernames, pseudonyms, and passwords;
Information about the means of payment (such as credit card number) for the relevant Services;
Interests and preferences in commercial prospecting;
Date(s) of participation and response(s) provided as part of participation in a contest;
Comments, reviews of our Services, Sites, and/or Applications;
During your browsing on our Sites and/or Applications, we may collect, in accordance with applicable law and with your consent, Navigation Data. To collect this information, we use cookies. To learn more about this, we invite you to refer to our Cookie Policy.
Personal Data collected indirectly:
In addition, we may collect Personal Data, indirectly, from third parties, especially when you are offered to create a User Account by associating it with your Facebook account.
In the context of your connection request, using third-party social media credentials (Facebook), certain Personal Data that you have shared with these social networks may be transmitted to us by the publishers of these third-party services, in accordance with the terms of use of the respective social network. These Personal Data may include, but are not limited to, your name, first name, email address, postal code, "likes," etc. When connecting to your User Account, you are invited to review and set restrictions on the transmission of Personal Data concerning you.
We commit to respecting the privacy rules you have defined during your registration on third-party social networks, which you can modify at any time on those platforms. The Personal Data you provide to us through your third-party social media credentials (Facebook) in the creation of a User Account is not shared with the publishers of these third-party services.
For what purposes do we collect your Data?
The Personal Data we collect directly from you, especially during the creation of a User Account or the use of our Services, may be processed for the following purposes:
- Create and manage your User Account, allow you to access the content of the Sites and/or Applications, and benefit from the Services (subscription to a newsletter, participation in a contest, etc.) to which you have subscribed;
- Perform management operations regarding orders and the delivery of content, billing, and the follow-up of this customer relationship;
- Detect actions performed within the framework of our paid Services that have been reported as potentially fraudulent;
- Send you, in accordance with applicable legal provisions and with your consent when required by law:
- Marketing, advertising, and promotional messages about our Services, Sites, and/or Applications or those of our Partners to whom we may have communicated Personal Data about you;
- Information about the use, news, and developments of our Services, Sites, and/or Applications;
- Suggest and advise you on content, products, or services that may interest you through the establishment of User profiles.
The Navigation Data we collect when using our Services may be processed for the following purposes:
- Globally enable you to navigate and consult our Sites and/or Applications, adapt the content or display of our Services to your device to improve your navigation and optimize our Sites and/or Applications;
- Remember information about a form already filled out (e.g., your User Account) or about products, services, or information from our Services (e.g., viewed content, etc.);
- Personalize our content and advertisements based on your interests;
- Establish statistics and audience measurements on the attendance of our Sites and/or Applications;
- Enable you to share on social networks;
- Evaluate the effectiveness of the advertising messages we send;
- Ensure the security of our Services, Sites, and/or Applications by detecting/tracing any attempt at malicious activity, computer intrusion, or violation of the Terms of Use;
- Fulfill our legal obligations, respond to any requests from third parties authorized by law to ask us to disclose Navigation Data and/or Personal Data of Users of our Services.
How long are your Personal Data kept?
6.1. Except for the categories of Personal Data referred to in sections 6.2 to 6.5, your Personal Data is kept for the following periods:
- One (1) year after the closure of your User Account or the end of the contractual relationship, if applicable;
- Three (3) years after your last use of our Services, Sites, and/or Applications, if you have not closed your User Account (inactive account);
6.2. Payment card data is kept for the duration of the transaction, then archived for thirteen (13) months from the date of the debit or fifteen (15) months for deferred debit cards, for evidence purposes, in the event of a transaction dispute.
6.3. Identity documents that you provide to us in the exercise of your rights are kept for a period of one (1) year from the request.
6.4. Cookies deposited on your device are kept for thirteen (13) months from the first deposit on the device. For more information about managing cookies, please refer to our Cookie Policy.
6.5. Navigation Data is kept for a period of thirteen (13) months from the collection.
Who has access to your Personal Data?
The following entities may have access to your Personal Data:
- The editor of the Service, as the data controller for the Services; other entities of the Topitto Blog Group as data recipients; GAIA MEDIAS as joint controllers;
Within the companies of the Topitto Blog Group, only certain of our employees have access to your Personal Data, only when necessary, and they are subject to strict confidentiality obligations.
Subcontractors, whom we call upon for technical services, payment services, analytical solutions providers, etc.;
Partners: advertisers, advertising agencies, data brokers, and any other recipient who has entered into a contract with the relevant entity of the Topitto Blog Group governing the provision of data or a data protection agreement;
Third parties, in limited cases regulated by law, such as judicial and/or administrative authorities, your internet service provider.
Your choices regarding content customization, targeted advertising, and email prospecting
8.1. User's personalized experience
We inform you that your Personal Data may be subject to two types of processing operations:
A combination with Navigation Data or other relevant information in the possession of the Topitto Blog Group, strictly necessary for the achievement of the processing purposes concerning you;
Profiling, for the purpose of personalization/recommendation of content and targeted advertising. In this regard, we inform you that we analyze the data you provide to us or generate in the use of our various Services, in order to build profiles (segments) corresponding to your interests.
As a prerequisite for implementing the personalization/recommendation of content, all of these operations are necessary for the performance of the contract concluded with you, aiming to offer you a personalized experience. Furthermore, it is in our legitimate interest to carry out these operations, as they also allow us to broadcast advertisements to you based on your profile and identified interests. Targeted advertising is an important source of funding for all our free services.
When an advertiser tries to reach a specific target audience, we may create audience segments (profiles), such as a group of people with a particular age (e.g., 16-34 years old) or a group of people with a specific interest (e.g., chocolate enthusiasts). However, these segments are not shared with the advertiser in a way that allows individuals to be directly identified. We also inform our advertisers how many people within the target audience have seen their specific advertisements, and we can provide them with your IP address so they can verify that the number of views is correct. This allows advertisers to assess the effectiveness of their advertising. We may also share with some of our advertisers, who have entered into a data provision contract with us, your Pseudonymized Navigation Data and Personal Data to help them better target ads on our Services. "Pseudonymization" means that the relevant Personal Data is converted into a coded version so that it can no longer be attributed to a specific data subject without additional information. For example, we may create temporary advertiser IDs for our users that we share with advertisers so they can limit the number of times you see a particular ad. However, advertisers cannot directly identify you from these IDs. You can oppose, at any time, the profiling of your Personal Data for targeted advertising purposes by:
Visiting your User Account, "Edit My Personal Information" section, and checking the following box: "I no longer wish