PRIVACY POLICY

ITYSS, a simplified joint stock company with capital of €345,672.00, having its registered office at 59, allée Jean Jaurès CS21531, 31015 Toulouse Cedex 6 – France, registered with the Toulouse Trade and Companies Register under number 803 444 603, attaches great importance to the protection of your personal data. ITYSS carefully ensures compliance with the protective provisions relating to privacy and the processing of personal data, in accordance with the General Data Protection Regulation and Law No. 78-17 of 6 January 1978 relating to information technology, files and freedoms. The purpose of this Privacy Policy is to inform Data Subjects of the existence of the Processing Operations implemented by ITYSS in its capacity as Data Controller and the methods used to implement them.

DEFINITIONS

Subscriber: refers to any natural person of legal age registered on the Website and/or contracting with ITYSS to use the TAMPLO service (within the meaning of the GTCU accessible by clicking here);

Intermediate Storage: refers to the transfer of Personal Data that is still of administrative interest to ITYSS (such as in the event of a dispute) and/or in the event of a legal obligation, to a separate database, logically or physically separated and to which access is restricted in any event. This archive is an intermediate step before the deletion or anonymisation of the Personal Data concerned.

GTCU: refers to the General Terms and Conditions of Sale and Use, which can be accessed by clicking here;

Account: refers to the personal account created by any Subscriber on the Website (within the meaning of the GTCU, which can be accessed by clicking here);

Personal Data: refers to the personal data of the Data Subject, within the meaning of the Personal Data Regulations, collected and processed by ITYSS in connection with the use of the Website;

Specific Rights: refers to the rights granted by Personal Data Regulations to Data Subjects concerning the Processing of their Personal Data;

ITYSS: refers to the company, acting as Data Controller, referred to in the legal notices accessible by clicking here;

Data Subject: refers to the natural person (Subscriber as defined in the GTCU and User as defined in this Privacy Policy) whose Personal Data is processed by ITYSS. refers to this privacy and personal data protection policy for Data Subjects implemented by ITYSS, which forms an integral part of the GTCU.

Privacy Policy: refers to this privacy and personal data protection policy for Data Subjects implemented by ITYSS, which forms an integral part of the GTCU.

Personal Data Regulations: refers to Law No. 78-17 of 6 January 1978 on information technology, files and civil liberties, pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation).

Data controller: refers to the natural or legal person who determines the purposes of Processing and the means of implementing it;

Website: refers to the website accessible at the URL: https://www.tamplo.com, on which this Privacy Policy is hosted

Processing: refers to any operation or set of operations carried out by ITYSS in its capacity as Data Controller based on the Personal Data collected from the Website.

Terminal(s): refers to the hardware equipment (computer, tablet, smartphone, telephone, etc.) used by the Data Subject to consult or view the Website and/or any other digital media published by a third party.

Users: refers to all users and visitors to the Website, including Subscribers (as defined in the GTCU, which can be accessed by clicking here).

2. PROCESSING OF YOUR PERSONAL DATA

We use your Personal Data to enable you to access the Website, use it and improve it, and to enable ITYSS to:

  • Create and manage the Account: this Processing is based on the legitimate interest of ITYSS, for which Personal Data is kept for a period of 2 years from the last contact with the Data Subject;
  • Carry out operations relating to its commercial relationship with the Data Subject, concerning invoices and accounting: this Processing is based on the contractual performance of the GTCSU, for which Personal Data is kept for the duration of the financial year and then archived for a period of 10 years from the end of the financial year;
  • Carry out commercial communication operations, in particular by sending newsletters to Users: this Processing is based on the consent of the Data Subjects, for which Personal Data is kept for a period of 3 years from the last contact with the Data Subject;
  • Maintaining the relationship with the Subscriber, which includes managing complaints: this Processing is based on the contractual performance of the GTCSU, for which Personal Data is retained for the duration of the subscription;
  • Using the Website: this Processing is based on ITYSS’s legitimate interest in allowing Users to browse the Website, for which Personal Data is retained for the duration of browsing on the Website;
  • Receiving a demonstration of the Tamplo service: this Processing is based on ITYSS’s legitimate interest in allowing Users to try out the Tamplo service, for which Personal Data is retained for a period of three years from the last contact with the data subject;
  • Compiling commercial statistics, analyses and marketing tools (including classification, scoring, etc.): this Processing is based on the consent of the Data Subjects, for which Personal Data is retained for a period of thirteen months;
  • Management of requests to exercise Specific Rights under the conditions set out in Article 8 – Specific Rights: this Processing is based on a legal obligation incumbent on ITYSS, for which Personal Data is kept in an active database for the duration of the request processing, then in intermediate storage for a period of 5 years;
  • Management of unpaid debts and disputes: this processing is based on the legitimate interest of ITYSS, for which personal data is retained for a period of five years.
  • Combating fraud: this processing is based on a legal obligation incumbent on ITYSS, for which personal data is retained for a period of six years.

This processing is carried out in accordance with the Personal Data Regulations. Each User is invited to read this Privacy Policy:

  • Generally, when browsing the Website;
  • When creating an Account on the Website.

3. COLLECTION OF YOUR PERSONAL DATA

ITYSS collects your Personal Data when you browse the Website, when you create an Account and then when you complete it over time, the following categories of Personal Data that the Data Subject provides or communicates when browsing:

  • Identification data: surname, first name, postal address, email address, telephone number;
  • Economic and financial information: bank details, billing data;
  • Connection data (username used on the Website, date, time, IP address, pages viewed) of the Data Subject when browsing the Website;

4. STORAGE OF PERSONAL DATA

The Website is hosted by the company whose contact details are available by clicking here ‘Hyperlink to legal notices’. Every precaution has been taken to store the Personal Data of Data Subjects in a secure environment and to prevent it from being distorted, damaged or accessed by unauthorised third parties. The information provided by the Data Subject will never be passed on to third parties for commercial purposes, nor will it be sold or exchanged.

5. RECIPIENTS OR CATEGORIES OF RECIPIENTS

As part of our business, we may use subcontractors to provide certain services on our behalf. As a result, some of your Personal Data may be transferred. However, our subcontractors may not use your Personal Data for any purpose other than those requested. The information collected in this way is reserved for the exclusive use of ITYSS and the following subcontractors:

  • responsible for secure online payment,
  • responsible for processing Subscriber invoices,
  • responsible for hosting the Website,
  • responsible for technical support,
  • provision of a CRM database to ITYSS.

As Data Controller, ITYSS undertakes not to transfer Personal Data outside the European Union. In the event that the data is transferred, ITYSS undertakes to put in place appropriate safeguards, in accordance with the European General Data Protection Regulation (GDPR), and in particular to implement standard contractual clauses adopted by the European Commission in their current version.

Recipient of Personal Data Nature of data transferred Purpose of the proposed transfer Location of data Level of protection offered by the country or exception provided for by Personal Data Regulations
Lyra Network Economic and financial information Secure online payment France N/A
PWA SARL Identification data and economic and financial information Invoice processing France N/A
OVH All Personal Data processed from the Website Website Hosting France N/A
Zoho All Personal Data processed from the Website Management of commercial relations using a dedicated tool Europe N/A

6. HYPERTEXT LINKS

On the Website, Users can access social networks (Facebook, LinkedIn, YouTube) via hypertext links. If the User decides to access them from the Website, they leave the Website. ITYSS invites Users to consult the privacy policy of the social network concerned in order to understand how their data is shared and used in this context.

7. RESPECT FOR DATA SECURITY AND CONFIDENTIALITY

In accordance with Personal Data Regulations, ITYSS implements all appropriate technical, physical and organisational measures, given the nature of the data and the risks involved in processing it, to preserve the security and confidentiality of Users’ personal data, in particular to prevent it from being distorted, damaged or accessed by unauthorised third parties.

8. SPECIFIC RIGHTS

In accordance with the Personal Data Regulations, the Data Subject may, at any time, exercise the following Specific Rights:

  • Access. You may ask the data controller to confirm whether they are processing your data and, if so, to inform you of the characteristics of the processing, allow you to access it and obtain a copy of it.
  • Rectification. You may ask the data controller to rectify or complete your data if it is incorrect or incomplete.
  • Objection. You may object to the processing of your personal data if the processing is based on legitimate interest or on consent for the sending of the newsletter.
  • Erasure. You may ask the data controller to erase your data in the following cases: when it is no longer necessary for the purposes for which it was collected; following the exercise of your right to object; your data has been unlawfully processed; or to comply with a legal obligation.
  • Restriction. You may ask the data controller to restrict the processing of your data (i.e. to store it without using it) when: its accuracy is disputed; its processing is unlawful but you do not want it to be deleted; it is still necessary for the establishment, exercise or defence of legal claims; the data controller is verifying whether there are compelling grounds for processing the data in relation to your right to object. The data controller may continue to use your data following a request for restriction: with your consent; for the establishment, exercise or defence of legal claims; or to protect the rights of any other natural or legal person.
  • Portability. You may request that the data controller provide you with your data in a structured, commonly used and machine-readable format, or you may request that it be transmitted directly to another data controller, provided that the processing is based on the performance of a contract concluded with you and that the processing is automated.
  • Post-mortem instructions. You have the option of providing ITYSS with instructions regarding the storage, deletion and disclosure of your Personal Data after your death, which instructions may also be registered with a ‘certified digital trustee’. These instructions, or a kind of ‘digital will’, may designate a person responsible for their execution; failing that, your heirs will be designated. In any event, you may inform ITYSS at any time that you do not wish your Personal Data to be communicated to a third party in the event of your death.

9. EXERCISING SPECIFIC RIGHTS

These rights may be exercised at any time by contacting ITYSS:

  • By email to the following address: info@tamplo.com
  • By post to the following address: ITYSS, 59 allée Jean Jaurès CS21531, 31015 Toulouse Cedex 6 – France.

In order to exercise their rights under the above conditions, and in the event that ITYSS has doubts about the identity of the person making the request, ITYSS may ask them to prove their identity by providing their surname, first name and email address, and to accompany their request with a copy of a valid identity document. A response will be sent to the Data Subject within a maximum of one (1) month from the date of receipt of the request. If necessary, this period may be extended by two (2) months by ITYSS, which will notify the Data Subject, taking into account the complexity and/or number of requests. In the event of a request by the Data Subject to delete their Personal Data and/or in the event of the exercise of their right to request the erasure of their Personal Data, ITYSS may nevertheless retain them in the form of Intermediate Archiving for the period necessary to fulfil its legal obligations, or for evidentiary purposes during the applicable limitation period. The Data Subject may also lodge a complaint with the competent supervisory authority (the CNIL).

10. PASSWORD SECURITY

ITYSS takes all necessary precautions to ensure the secure storage of the Data Subject’s password. However, the security of this password also depends on its design. Therefore, the Data Subject is reminded that, in order to be valid, their password must consist of at least 8 characters, including at least 3 of the following 4 types: upper-case letters, lower-case letters, numbers, special characters Mnemonic devices can be used to create complex passwords, such as:

  • Keeping only the first letters of the words in a sentence; for example, the sentence ‘A Password is easy to remember!’ corresponds to the password 1mdp@sr!
  • Capitalising the first letter of each word if it is a noun (e.g. word)
  • Keeping punctuation marks (e.g. !)
  • Expressing numbers using the digits 0 to 9 (e.g. One ->1)

Version effective as of: 10/11/2022

tamplo
Copyright © 2026 | TAMPLO
tamplo
Copyright © 2026 | TAMPLO
tamplo
Copyright © 2026 | TAMPLO