Article 1: Preamble This privacy policy applies to the website: kitae.us

The purpose of this privacy policy is to inform users of the website about: How their personal data is collected and processed. Personal data refers to any data that could identify a user. This includes, but is not limited to, first and last name, age, postal address, email address, user location, or IP address;

What rights users have regarding this data;

Who is responsible for processing the collected and processed personal data;

To whom this data is transmitted;

Possibly, the site’s policy regarding « cookies » files.

This privacy policy complements the legal notices and the General Terms of Use that users can consult at the following address: www.kitae.us/politique-de-confidentialite.

Article 2: General principles regarding the collection and processing of data In accordance with the provisions of Article 5 of the European Regulation 2016/679, the collection and processing of user data on the site comply with the following principles:

Lawfulness, fairness, and transparency: Data can only be collected and processed with the consent of the user who owns the data. Whenever personal data is collected, the user will be informed that their data is being collected and for what reasons it is being collected;

Limited purposes: Data collection and processing are carried out to meet one or more specific objectives outlined in the terms of use;

Minimization of data collection and processing: Only data necessary for the proper execution of the objectives pursued by the site are collected;

Limited data retention: Data is kept for a limited period, as informed to the user. If the retention period cannot be communicated to the user;

Integrity and confidentiality of collected and processed data: The data controller undertakes to ensure the integrity and confidentiality of the collected data.

In order to be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data may only occur if they meet at least one of the following conditions: The user has expressly consented to the processing;

Processing is necessary for the performance of a contract;

Processing complies with a legal obligation;

Processing is necessary to protect the vital interests of the data subject or another natural person;

Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority;

Processing and collection of personal data are necessary for the purposes of the legitimate interests pursued by the data controller or by a third party.

Article 3: Personal data collected and processed during website browsing DATA COLLECTED AND PROCESSED AND MODE OF COLLECTION

The personal data collected on the website « kitae.us » are as follows:

First name, last name, email address, data related to IP address, device, or browser.

This data is collected when the user performs one of the following operations on the site: https://kitae.us/

Sending an email via the form, subscribing to the newsletter, or browsing the website (Analytics)

The data controller will keep all collected data in its computer systems of the site and under reasonable security conditions for a duration of: 2 years.

The collection and processing of data serve the following purposes: Data concerning first name, last name, and email address are kept for information and commercial prospecting.

Data related to IP address, device, or browser, and activities performed on the site are collected to measure user interactions on the website and generate reports on these statistics.

TRANSMISSION OF DATA TO THIRD PARTIES

The personal data collected by the site are not transmitted to any third parties and are processed only by the site’s publisher.

DATA HOSTING

The website « www.kitae.us » is hosted by:

HOST:

Ex2, headquartered at: CP 20031 BP Pharmacie Brunet, Chicoutimi, Quebec G7H 7S2, Canada.

Article 4: Data controller and data protection officer DATA CONTROLLER

The data controller for personal data is: Alexandre OLIVAUD. He can be contacted as follows: contact@greenimpulse.fr

The data controller is responsible for determining the purposes and means of processing personal data.

RESPONSIBILITIES OF THE DATA CONTROLLER

The data controller undertakes to protect the personal data collected, not to transmit it to third parties without informing the user, and to respect the purposes for which this data was collected.

The site has an SSL certificate to ensure that information and data transfer through the site are secure.

An SSL certificate (« Secure Socket Layer » Certificate) is intended to secure data exchanged between the user and the site.

In addition, the data controller undertakes to notify the user in case of rectification or deletion of data, unless this would entail disproportionate formalities, costs, and procedures for him.

In case the integrity, confidentiality, or security of the user’s personal data is compromised, the data controller undertakes to inform the user by any means.

DATA PROTECTION OFFICER

Furthermore, the user is informed that the following person has been appointed Data Protection Officer: Alexandre OLIVAUD.

The role of the Data Protection Officer is to ensure the proper implementation of national and supranational provisions regarding the collection and processing of personal data. It is sometimes referred to as DPO (Data Protection Officer). The Data Protection Officer can be contacted as follows: contact@greenimpulse.fr

Article 5: User Rights In accordance with the regulations regarding the processing of personal data, the user has the following rights.

For the data controller to fulfill his request, the user must provide: his first name, last name, and email address.

The data controller is obliged to respond to the user within a maximum period of 30 (thirty) days.

PRESENTATION OF USER RIGHTS REGARDING THE COLLECTION AND PROCESSING OF DATA

Right of access, rectification, and erasure: The user can access, update, modify, or request the deletion of data concerning him, by following the procedure below: For any unsubscribe from the newsletter or modification of your personal data, please send an email to contact@greenimpulse.fr

Right to data portability:

The user has the right to request the portability of his personal data, held by the site, to another site, by following the procedure below: Any request for portability of your information must be made to the following address: contact@greenimpulse.fr

Right to restriction and objection to data processing:

The user has the right to request restriction or objection to the processing of his data by the site, without the site being able to refuse, except to demonstrate compelling legitimate grounds, which override the interests, rights, and freedoms of the user. To request restriction of data processing or to object to data processing, the user must follow the following procedure: Any request to restrict the processing of your information or to object to its processing must be made to the following address: contact@greenimpulse.fr

Right not to be subject to a decision based solely on automated processing.

In accordance with the provisions of Regulation 2016/679, the user has the right not to be subject to a decision based solely on automated processing if the decision produces legal effects concerning him or significantly affects him in a similar way.

Right to determine the fate of data after death. The user is reminded that he can determine the fate of his collected and processed data upon his death, in accordance with Law No. 2016-1321 of October 7, 2016. Right to appeal to the competent supervisory authority

In case the data controller decides not to