Privacy Policy
What is the purpose of our Confidentiality Policy?
Ummon HealthTech SAS, which manages the website www.ummon.health , attaches great importance to the protection and confidentiality of your personal data, which we consider to be a guarantee of reliability and trust
In this respect, our Privacy Policy is a clear demonstration of our desire to ensure that Ummon HealthTech SAS complies with the rules applicable to the protection of personal data and, more specifically, those of the General Data Protection Regulation ("GDPR").
In particular, our Privacy Policy aims to inform you about how and why we process your personal data in connection with the services we provide to you.
Who is our Privacy Policy intended for?
Our Privacy Policy applies to you, regardless of where you live, as long as you are at least 15 years old, whether you are one of our customers or simply a visitor to the website www.ummon.health .
If you are under the legal age detailed above, you are not authorised to use our services without the prior and explicit consent of one of your parents or the holder of parental authority, which must be sent to us by email to dpo@ummon.health.
If you believe that we are holding personal data about your children without your consent, please contact us at the dedicated address detailed above.
Does our Privacy Policy apply to candidates for a position with us?
If you are a candidate for a position within Ummon HealthTech SAS, you should consult our "candidate" policy, which can be accessed at any time on our dedicated page at www.ummon.health and which details the processing carried out as part of our recruitment process.
Why do we process your personal data and on what basis?
We process your personal data mainly for the following purposes:
- browse our website, benefit from our services and so that we can respond to your requests (e.g. requests for information, complaints, etc.) on the basis of our general terms of use and our legitimate interest in providing you with the best possible service.
- follow us and comment on our publications on social networks on the basis of our legitimate interest in having a dedicated page on social networks.
- allow documents to be downloaded on the basis of our general conditions of use.
How did we obtain your personal data?
Your data is collected directly from you when you are a customer of our services or a "simple" visitor to our website www.ummon.health and we undertake to process your data only for the purposes described above.
Your personal data may also be processed indirectly in connection with trade fairs or social networks (e.g. LinkedIn).
On the other hand, when you voluntarily publish content on the pages that we publish on social networks, you acknowledge that you are entirely responsible for any personal information that you may transmit, whatever the nature and origin of the information provided.
What personal data do we process and for how long?
We have summarised the categories of personal data and their respective retention periods below:
- Professional identification data (e.g. surname, first name, position, company, etc.) and contact details (e.g. e-mail address and business telephone number, etc.) kept for the entire duration of the service, plus the statutory limitation periods, which are generally 5 years.
- When there is confusion between the name of your organisation and your personal name (e.g. auto-entrepreneur, VSE, etc.), economic and financial data (e.g. bank account number, verification code, etc.) kept for the time required for the transaction and for managing invoicing and payments, plus the statutory limitation periods, which are generally 5 to 10 years.
- Connection data (e.g. logs, IP address, etc.) retained for 1 year.
- Cookies are generally kept for a maximum of 13 months. For more details on how we use your cookies, you can consult our cookies policy, which can be accessed at any time on our website.
Once the applicable retention periods have expired, the deletion of your personal data is irreversible and we will no longer be able to communicate it to you. At the most, we may only keep anonymous data for statistical purposes.
Please also note that in the event of a dispute, we are obliged to keep all your personal data for as long as the case is being processed, even after the retention periods described above have expired.
What rights do you have to control the use of your personal data?
The applicable data protection regulations give you specific rights which you can exercise, at any time and free of charge, to control the use we make of your data.
- The right to access and copy your personal data, provided that this request does not conflict with business secrecy, confidentiality or the confidentiality of correspondence.
- The right to rectify any personal data that is incorrect, obsolete or incomplete.
- The right to object to the processing of your personal data for commercial prospecting purposes.
- The right to request the deletion ("right to be forgotten") of your personal data that is not essential for the proper functioning of our services.
- The right to limit your personal data, which allows you to photograph the use of your data in the event of a dispute over the legitimacy of processing.
- The right to data portability, which allows you to recover part of your personal data so that it can be easily stored or transmitted from one information system to another.
- The right to give instructions on what should happen to your data in the event of your death, either through you or through a trusted third party or beneficiary.
For a request to be taken into account, it must be sent directly by you to dpo@ummon.health. Any request that is not made in this way cannot be processed.
Requests cannot come from anyone other than you. We may therefore ask you to provide proof of identity if there is any doubt about the identity of the person making the request.
We will respond to your request as quickly as possible, subject to a maximum of three months from receipt if the request is technically complex or if we receive many requests at the same time.
Please note that we can always refuse to respond to any excessive or unfounded request, particularly if it is repetitive.
Who can access your personal data?
Your personal data is processed by our teams and by our technical service providers for the sole purpose of operating our service.
We would like to point out that we check all our technical service providers before recruiting them to ensure that they scrupulously comply with the applicable rules on the protection of personal data.
WE GUARANTEE THAT WE WILL NEVER TRANSFER OR SELL YOUR DATA TO THIRD PARTIES OR COMMERCIAL PARTNERS.
Can your personal data be transferred outside the European Union?
The personal data processed by our website is exclusively hosted on servers located within the European Union.
Furthermore, we do our utmost to use only technical tools whose servers are also located within the European Union. If this is not the case, we scrupulously ensure that they implement the appropriate guarantees required to ensure the confidentiality and protection of your personal data.
How do we protect your personal data?
We implement all the technical and organisational means required to guarantee the security of your personal data on a day-to-day basis and, in particular, to combat any risk of destruction, loss, alteration or disclosure.
Do we use cookies when you browse our website?
Please note that we use cookies when you browse our website. For more information, please consult our cookies policy.
Who can you contact to obtain more information about the use of your personal data?
To guarantee the protection and integrity of your data, we have officially appointed an independent Data Protection Officer ("DPO") to our supervisory authority.
You can contact our DPO free of charge at any time at dpo@ummon.health to obtain more information or details on how we process your data.
How can you contact the CNIL?
You may at any time contact the "Commission nationale de l'informatique et des libertés" or "CNIL" at the following address: CNIL Complaints Department, 3 place de Fontenoy - TSA 80751, 75334 Paris Cedex 07 or by telephone on 01.53.73.22.22.
Can the Confidentiality Policy be modified?
We may amend our Privacy Policy at any time to adapt it to new legal requirements and to new processing operations that we may implement in the future.
Certified by Dipeeo ®.