The editor undertakes to take the necessary technical and organizational measures to ensure a level of security adapted to the IT risk.
– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 concerning the protection of individuals with regard to the processing of personal data and the free movement of such data (GDPR)
Identification of the person responsible for the processing of personal data
The person responsible for processing personal data collected via the Website or the mobile application is Yelloo SAS (i.e. the publisher).
Address: 46, rue de Buzenval, 75020 Paris, France.
Email: [email protected]
Personal Data Registry
In accordance with the provisions of the RGPD and the Andorran law on the protection of personal data, please be informed that the personal data collected by the publisher through the forms on the web or in the mobile app will be incorporated and processed in our files to be able to facilitate, streamline and comply with the commitments established between the Owner of the Site and the User or the maintenance of the relationship established in the forms that he fills out, or to respond to a request from him. Likewise, in accordance with the provisions of the RGPD and the Andorran law, unless the exception provided for in Article 30.5 of the RGPD is applicable, a register of processing activities is kept that specifies, according to its purposes, the processing activities carried out and the other circumstances established in the RGPD Regulation.
Applicable policies for the processing of personal data
The processing of the User’s personal data will be subject, depending on the User’s place of residence, to the following principles set forth in Article 5 of the GDPR or to the principles set forth in the qualified Andorran Personal Data Protection Act:
– Principle of legality, fairness and transparency: the User’s consent will be required at all times, with fully transparent information on the purposes for which personal data are collected.
– Purpose limitation principle: personal data will be collected for specific, explicit and legitimate purposes.
– Principle of data minimization: the personal data collected will only be those strictly necessary for the purposes for which they are processed.
– Accuracy principle: personal data must be accurate and up-to-date.
– Principle of limitation of storage time: personal data will only be stored in such a way as to allow the identification of the User for the time necessary for the purposes of processing.
– Principle of integrity and confidentiality: personal data will be treated in such a way as to guarantee their security and confidentiality.
– Principle of proactive responsibility: the data controller will be responsible for ensuring that the above principles are duly respected.
Categories of personal data
The categories of personal data processed on the Website and the mobile application are only identifying data. In no case will special categories of personal data be processed within the meaning of Article 9 of the GDPR.
Legal basis for processing personal data
The legal basis for processing personal data is consent. The Publisher undertakes to obtain the express and verifiable consent of the User for the processing of his/her personal data for one or more specific purposes.
The User has the right to withdraw his consent at any time. It will be as easy to withdraw consent as to provide it. Withdrawal of consent will not generally affect the use of the Website or the mobile app.
In cases where the User must or may provide his/her data through forms to request information or for reasons related to the content of the Website, the User will be informed of the mandatory nature of providing such personal data.
Purposes of the processing for which the personal data are intended
Personal data are collected and managed by the Owner of the Website and the mobile application in order to facilitate, streamline and fulfill the commitments established between the Website and the User or to maintain the relationship established in the forms that the User fills out or to respond to a request or query.
Likewise, the data may be used for commercial purposes of personalization, exploitation and statistics, and activities corresponding to the social objective of the Owner of the Website, as well as for extraction, data storage and marketing studies to adapt the Content and Services offered to the User, as well as to improve the quality, operation and navigation of the Website.
At the time the personal data is obtained, the User will be informed of the specific purpose(s) of the processing for which the personal data will be used; that is, the use or uses that will be given to the information collected.
Retention periods for personal data
Personal data will be kept only for the minimum time necessary for the purposes of their processing and, in any case, until the User requests their removal.
At the time of obtaining the personal data, the User will be informed of the duration of the retention of the personal data or, when this is not possible, of the criteria used to determine this duration.
Recipients of personal data
The User’s personal data will not be shared with third parties.
In any case, at the time of obtaining the personal data, the User will be informed of the recipients or categories of recipients of the personal data.
Privacy and security of personal data
The publisher undertakes to take the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected, in order to guarantee the security of the personal data and to prevent the accidental or unlawful destruction, loss or alteration of the personal data transmitted, stored or otherwise processed, or the unauthorized disclosure of or access to such data.
The Website has an SSL (Secure Socket Layer) certificate which guarantees that personal data is transmitted securely and confidentially and fully encrypted.
However, because the Publisher cannot guarantee the total absence of hackers or other persons fraudulently accessing personal data, the Controller undertakes to notify the User, if necessary, without undue delay, of a breach of security of personal data that may pose a high risk to the rights and freedoms of individuals. In accordance with the provisions of Article 4 of the GDPR, a breach of security of personal data is defined as a breach of security that results in the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or processed, or in the unauthorized disclosure of or access to such data.
Personal data will be treated confidentially by the Data Controller, who undertakes to inform and guarantee by legal or contractual obligation that said confidentiality is respected by its employees, associates and any person who has access to the information.
Rights derived from the processing of personal data
The User, depending on his place of residence, may exercise the following rights before the Data Controller recognized in the RGPD or those set forth in the qualified Andorran Personal Data Protection Act:
– Right of access: the right of the User to obtain confirmation as to whether or not the Publisher is processing his/her personal data and, if so, to obtain information on his/her specific personal data and the processing that the Publisher has carried out or is carrying out, as well as, among other things, the information available on the origin of said data and the recipients of the communications carried out or envisaged.
– Right of rectification: right of the User to modify personal data that may be inaccurate or, given the purposes of the processing, incomplete.
– Right of deletion: the User’s right, as long as current legislation does not provide otherwise, to obtain the deletion of his personal data when they are no longer necessary for the purposes for which they were collected or processed and in particular in the following cases: the User has withdrawn his consent to the processing; the User objects to the processing and there is no other legitimate reason to continue it; the personal data have been processed unlawfully; or the personal data must be deleted in accordance with a legal obligation.
– Right to the limitation of processing: right of the User to limit the processing of his/her personal data. The User has the right to obtain the limitation of the processing in the following cases: when he/she disputes the accuracy of his/her personal data; the processing is unlawful; the controller no longer needs the personal data, but the User needs it to make claims; and when the User has objected to the processing.
– Right to data portability: in the event that the processing is carried out by automated means, the User will have the right to receive from the Data Manager his/her personal data in a structured format, of common use and machine readable, and to transmit them to another person in charge of the processing. Whenever technically possible, the controller will transfer the data directly to the other controller.
– Right to object: the User’s right not to have his or her personal data processed or to have the processing of his or her data by the Publisher stopped.
– Right not to be subject to a decision based solely on automated processing, including profiling: the right of the User not to be subject to an individualized decision based solely on the automated processing of his/her personal data, including profiling, unless otherwise provided for by the applicable law.
Therefore, the User may exercise his/her rights by means of a written communication addressed to the Data Controller specifying:
– Name and surname of the User and a photocopy of his/her identity card. In cases where legal representation is required, a photocopy of the identity card of the legal representative is also required, as well as the document proving said representation. The photocopy of the identity document can be replaced by any other legal means to prove the identity of the User
– Specific reasons for the request.
– Address for notification purposes.
– Date and signature of applicant.
– Any document proving the request made.
This application and any attached documents may be sent to the following address and/or email:
Address: Yelloo, 46 rue de Buzenval, 75020 Paris, France
Email: [email protected]
Links to third party sites
The Website or mobile app may include hyperlinks or links to third party web pages. The owners of these websites will have their own data protection policies, being responsible for their own files and privacy practices.
Complaints to the supervisory authority
In the event that the User believes that there is a problem or violation of the laws and regulations in force in the processing of his/her personal data, he/she will have the right to effective judicial protection and the right to file a complaint with a supervisory authority in the State where he/she has his/her habitual residence, place of work or the place of the alleged violation. In the case of France is the CNIL.
Information collected via cookies may include the date and time of visits to the Website, the pages viewed, the time spent on the Website and the sites visited immediately before and after. However, no cookie allows it to contact the User’s phone number or any other personal means of contact. No cookie can extract information from the user’s hard drive or steal personal information. The only way the User’s private information becomes part of the cookie is if the User personally gives that information to the server.
These are cookies that are sent to the user’s computer or device and are managed exclusively by the publisher for the better functioning of the Website. The information collected is used to improve the quality of the Website and its Content and Service and the User experience. These cookies allow the User to be recognized as a repeat visitor to the Website and to tailor the content to suit the User’s preferences.
These are cookies used and managed by external entities that provide the Website Owner with the services that the latter has requested to improve the Website and the User’s experience when browsing the Website. The main purposes for which third-party cookies are used are to obtain access statistics and to analyze navigational information, i.e. how the User interacts with the Website.
The information obtained includes, for example, the number of pages visited, the language, the IP address from which the User accesses, the number of users accessing, the frequency and recurrence of the visit, the time of the visit, the browser they use, the operator or type of device from which the visit is made, etc. This information is used to improve the Website and identify new needs in order to provide Users with optimal Content and/or Service. In all cases, information is collected anonymously and reports on Web Site trends are compiled without identifying individual users.
The entities in charge of providing cookies may transfer this information to third parties, when required by law or when a third party processes this information for such entities.
Social network cookies
The Website incorporates social network “plug-ins” that allow access via the Website. For this reason, cookies from social networks may be stored in the User’s browser. The owners of these social networks have their own data protection policies and cookies, being responsible for their own files and their own privacy practices. The User must refer to it in order to be informed of these cookies and, if applicable, of the processing of his/her personal data.
Disable, reject and delete cookies
Web Link Policy
It is noted that the Website provides or may provide Users with links (such as, but not limited to, links, banners, buttons), directories and search engines that allow Users to access Websites owned and/or operated by third parties.
The provision of these links, directories and search engines on the Website is intended to facilitate research and access to information available on the Internet, without being considered a suggestion, recommendation or invitation to such a visit.
The publisher does not offer or market the products and/or services available on these linked sites by itself or through third parties.
Likewise, it does not guarantee the technical availability, accuracy, truthfulness, validity or legality of third-party websites.
The Web Owner does not in any way review or control the content of other web sites, nor does it endorse, review or take ownership of the products and services, content, archives and other materials existing on the linked sites.
The Web Owner does not assume any responsibility for damages that may be caused by the access, use, quality or legality of the contents, communications, opinions, products and services of websites not managed by it and that are linked to the Web Site.
The User or a third party who creates a hyperlink from a web page other than the Website should be aware that:
– Reproduction – in whole or in part – of any of the Content and/or Services of this Web Site is not permitted without the express permission of the Web Site Owner.
– No false, inaccurate or incorrect statements about the Website, its Content and/or Services are permitted.
– Except for the hyperlink, the third party website in which the hyperlink is established will not contain any element of the Website protected as intellectual property by the Andorran legal system, unless expressly authorized by the owner of the Website.
– The establishment of a hyperlink does not imply the existence of any relationship between Yelloo SAS and the owner of the website from which it is created, nor does it imply knowledge and acceptance by Yello SAS of the content, services and/or activities offered on the said website, and vice versa.
Intellectual and industrial property
Users acknowledge that the Content and Services are made available through software designed, developed and owned by the Website Owner. This software includes but is not limited to source code, object code and user interface.
Therefore, Users agree to the granting of a license to use this software in their favor by browsing and accessing the Content and Services. The price of this license is included in the amount paid by the User to have access to the ordered content and giving rise to an invoice.
The publisher is the owner of all the intellectual and industrial property rights made available on the Website and are protected by the Andorran legal system and the International Treaties on the subject.
All rights reserved: the reproduction, distribution and public communication, including the way in which it is made available, of all or part of the content made available on the Website for commercial purposes is expressly prohibited, in any medium and by any technical means, without the authorization of the Owner of the Website.
In the event that the User or a third party considers that any Content and/or Service made available on the Website constitutes an infringement of its intellectual property rights, it must immediately inform the publisher.
Applicable legislation and competent jurisdiction
The Publisher reserves the right to initiate any civil or criminal action it deems necessary arising from misuse of the Website and the Content and/or Services, or generated by the violation of these Terms.
The relationship between the User and the Publisher shall be governed by French law. In the event of a dispute concerning the interpretation and/or application of these Terms, the parties shall submit their disputes to the jurisdiction of the Commercial Court of Paris.