Thank you for visiting our Website. The protection and security of our users’ personal data is a fundamental concern for Généthon. This Personal Data Protection Policy explains which data will be collected when you visit our Website and how it is processed.
A. About us
Généthon is the research laboratory of AFM Téléthon, specialising in gene therapy.
In order to ensure compliance with these rules, Généthon has appointed a Data Protection Officer or DPO. This person is the main interlocutor for the National Data Protection Commission [Commission nationale de l’informatique et des libertés, CNIL] and the contact person in the organisation regarding personal data protection matters.
Relevant information regarding your personal data and its processing will also be provided to you at the time it is collected for each type of processing, when you fill out our forms.
B. How you are impacted by this policy
- You are a regular visitor to the Généthon site (www.genethon.fr);
- You have a question and have contacted Généthon through one of our contact forms (ex: form from the DNA Learning Centre);
- You are a candidate through Talent Soft;
If your situation does not match one of the above profiles (you are affected by the disease, in contact with our support services, you are a volunteer, scientist, etc.), the procedures for and purposes of the processing of your personal data are also described at the time your personal data is collected. You can also contact your normal points of contact or send your questions to the Data Protection Officer (firstname.lastname@example.org).
C. The personal data that we collect
Généthon collects the following data:
- (a) Data collected when you visit our website: cookies. For more information, please visit our cookies management policy.
- (b) Data collected when you fill out a contact form or contact forms on our website: your name and email address (mandatory fields to complete) are collected in order to respond to you. We collect the date, method of contact (website) and the reason for your request in order to transfer you to the internal department concerned to obtain the most relevant answer to your question. Your request may be sent to AFM-Téléthon when the request falls under its competencies (Contact Form/DNA Learning Centre).
D. Why we collect your data
Depending on the type of inquiry, we may collect your data for various reasons (purposes):
- (a) To better respond to your inquiries: according to your questions (inquiries, partnerships, participation in a clinical trial, training, internship, etc.), your inquiries may be re-routed to AFM Téléthon or members of its group;
- (b) For job applications: in order to respond to your application, we collect a certain amount of personal data through the Talent Soft recruitment software in order to best address your applications for the selected position (when we receive your CV and cover letter);
- (c) To manage the Généthon website: cookies;
- (d) To process your requests regarding the DNA Learning Centre (Ecole ADN [EADN]).
E. Who has access to your data
We collect two types of data:
- 1. Data in the contact formsFor data collected via the contact forms, Généthon may send certain data to group partners (AFM-Téléthon, I-Stem, CECS, AIM, CECS). Depending on the request, the data from the contact forms in question may be sent to the partners in question, but will not be stored by Généthon. Généthon may send data to the following parties:
- (a) Entities in the Group (Partner)
– AFM Téléthon;
– I-Stem: research centre on stem cells for genetic diseases;
– Myology Institute: European centre of reference on muscles;
– Genosafe: our service provider for the evaluation of product quality and safety ;
- (b) Our academic and institutional partners: INSERM (Institut national de la santé et de la recherche médicale [French National Institute of Health and Medical Research]), the CNRS (Centre national de la recherche scientifique [French National Centre for Scientific Research]), and universities (UEVE [University of Evry – Val d’Essonne]);
- (c) Public authorities: in some cases, we may need to disclose your personal data in response to a court order, a summons, a law or regulation. We plan to collaborate with such requests, while taking the necessary measures to ensure that the person or entity making the request understands the confidential nature of the personal data entrusted to him/her/it. We also reserve the right to cooperate with public authorities as part of investigations and prosecutions of website visitors who violate our rules or exhibit harmful or unlawful behaviour to other visitors or the personal data for which we are responsible.
- (a) Entities in the Group (Partner)
- 2. Data for other servicesFor the use of our services, we may employ service providers who are contractually obliged to the same confidentiality and security obligations as Généthon. Service providers implement measures to ensure the optimal protection of data.
F. How long your data is stored
In general, Généthon only stores your personal data for the time required to achieve the purpose for which it was collected.
Your data is thus stored:
- (a) Up to one year for data required for the site’s management: i.e., visitor identities and log-in details;
- (b) Up to 13 months, maximum, for cookies;
- (c) Up to one year for the data that you provided us through the contact form on the Généthon site;
- (d) Up to five years for training data from the DNA Learning Centre;
- (e) Up to two years for job application data gathered via the Talent Soft site.
For data sent to the Group members, this data is stored and used for the period corresponding to current legislation.
G. How to exercise your rights
In accordance with the “Data Protection Act” of 6 January 1978, you have the right of access, rectification, objection and restriction, and since the entry into force of the General Data Protection Regulation (GDPR) on 25 May 2018, the right to the erasure of your personal data and to its portability.
- (1) You may ask to obtain a copy of your Personal Data, as well as information on the methods of processing the personal data and their legal basis;
- (2) You may request that your Personal Data be rectified if it is inaccurate (including the right to complete the Personal Data if it is incomplete);
- (3) You may request the erasure of your Personal Data (in some cases, this right may not apply when the data is no longer necessary to perform the purposes for which it was collected or processed);
- (4) You may request the restriction of the processing of your Personal Data when: (a) the accuracy of the personal data is disputed; (b) the processing is unlawful; (c) Généthon no longer needs your Personal Data but it is still necessary for finding, exercising, or defending a legal claim;
- (5) You may object to the processing of your personal data;
- (6) You may request to withdraw your consent for the processing of Personal Data;
- (7) You may request to obtain or consult a copy of the appropriate measures taken to transfer your Personal Data to a third-party country or to an international organisation.
To exercise these rights, please contact us at the following email address: email@example.com. Please note that we reserve the right not to respond to requests that are manifestly unfounded or excessive.
In addition to the aforementioned rights, you also have the right to file a complaint with the National Data Protection Commission (CNIL) at the following address: 3 Place of Fontenoy, 75007 PARIS, France or by email at www.cnil.fr.
H. Transfers outside the European Union (UE)
In the event that your data is transferred outside the European Union, Généthon shall take the appropriate measures to ensure that your Personal Data benefit from the same level of protection as if it had remained in the EU, including by establishing data transfer agreements, based on the Standard Contractual Clauses approved by the European Commission, as updated or revised.
You have the right to obtain information about the mechanism by which your Personal Data is transferred outside of the EU, and on the country to which this transfer is carried out, by contacting firstname.lastname@example.org.
Généthon will also respond to information requests if so obliged by law or if such a disclosure is necessary to protect our rights and/or to bring us into compliance with a judicial procedure or court order.
I. Security measures
We implement all technical, structural and organisational requirements to ensure a high level of protection that is appropriate and relevant to the use of your data. However, we would like to inform you that no data storage system is infallible. If we collect sensitive data, we will ask for your explicit consent. If there are problems with respect to the management of your personal data, you can get in touch and submit your questions to the Data Protection Officer at the following email address: email@example.com or at the following mailing address:
Data Protection Officer
1, rue de l’Internationale,
J. External links
The Website may contain links to third-party sites. Généthon does not monitor these sites. Therefore, Généthon may not be held liable for their data protection practices. We encourage you to check the data protection policies of these third-party sites. This policy applies only to Personal Data collected by our websites or in the context of our activities.
K. Cookies management policy
A cookie is a small file that can be placed on the hard drive of your device or on the Website. We collect cookies to make it easier to access our services. You are not obliged to accept a cookie and you can choose which cookies to accept by modifying your browser settings so that it does not accept cookies. To modify these settings, go to the ‘Options’ or ‘Preferences’ menu on your browser.
For more information on how to use, manage and erase cookies, for any type of browser, please visit the following link: https://www.cnil.fr/fr/cookies-les-outils-pour-les-maitriser
We collect several types of cookies:
- (a) HTTP cookies: cookies defined by the Website that are displayed in the browser window—they are identified via the domain name shown in the address bar of the browser window;
- (b) Session cookies: cookies that expire at the end of the browsing session, between the moment you open your browser window to when you leave;
- (c) Permanent Cookies: cookies that are saved on the device at the end of a browsing session and thus allow the site to remember your preferences or actions when you return to our website.
In accordance with current regulations, this data cannot be stored more than the maximum period of 13 months.
Below is a list of cookies present on the Généthon site:
|Wpml browser redirect test||Session||Redirect in the user’s language|
|_gat_gtag_UA_123348660_1||24 heures||Google Analytics|
|_gid||24 heures||Users distinction|
|_icl_visitor_lang_js||24 heures||Redirect in the user’s language|
|Idrxvr||1 an||Xiti Statistics|
|_ga||2 ans (cookie de google)||Users distinction|
Last modified: 18 December 2019
You are currently logged on to the site www.genethon.fr, operated by Généthon (hereinafter “Généthon”). It is an association registered under SIRET (Système d’identification du répertoire des établissements [Business Registry Identification System]) No. 40218752000018, located at 1bis, rue de l’Internationale, 91002 EVRY CEDEX (reported to the prefecture of Evry), which is the controller of the personal data likely to be collected from you on the website for the purposes described below.