The data controller responsible for processing the collected data is SOTIC®, a company registered with the Aubenas Trade and Companies Register under number 533 358 321, whose registered office is located at:

ZI 1 Rue des Lônes
07250 Le Pouzin
France

You may contact SOTIC® by phone at +33 (0)4 75 85 90 79 or by email (see Section 7 below) for any questions relating to data protection.

SOTIC® collects the information entered into the website contact form for specific, explicit, and legitimate purposes:

• Responding to contact requests:
  The information you provide (identity, contact details, message content, etc.) is used to contact you and respond appropriately to your inquiry or request. 
• Commercial prospecting:
  Your contact details (particularly your email address and telephone number) may also be used to send you news from SOTIC®, or offers for services and products that may interest you, only if you have given your consent. 

SOTIC® undertakes not to use this data in any manner incompatible with these original purposes.

The processing of data collected through the contact form is based on your freely given and informed consent (Article 6(1)(a) of the GDPR).

By submitting the form, you expressly consent to SOTIC® processing your data for the purposes described above. This consent is confirmed through the mandatory checkbox provided for this purpose.

You may withdraw your consent at any time. However, withdrawal of consent does not affect the lawfulness of processing carried out prior to such withdrawal.

The collected data is intended solely for authorized SOTIC® personnel who require access to it as part of their duties (for example, sales or technical departments responsible for handling requests).

In addition, SOTIC® works with service providers for the technical management of the website. In this context, IDETOP (a development and communication agency based in Lyon, France) acts as a data processor for website development and content management purposes.

As part of these services, IDETOP may access contact form data strictly for technical purposes (maintenance, hosting, website improvement) and acts on behalf of SOTIC®, undertaking to respect the confidentiality and security of your data.

SOTIC® ensures that its data processors provide sufficient guarantees regarding the protection of personal data and that a data processing agreement compliant with Article 28 of the GDPR is in place.

Your data will not be sold, exchanged, or shared with unauthorized third parties. Apart from IDETOP and any legal obligations, no other third party has access to your information without your prior consent.

SOTIC® retains your personal data only for as long as necessary for the purposes for which it was collected.

Regarding data collected through the contact form:

• If you are not yet a SOTIC® customer:
  Your data will be retained for 3 years from the date of your last interaction with us (for example, your latest request for information or your last click on a communication sent by us). Beyond this period, and without any further interaction from you, the data will be deleted or securely archived. 
• If you become a SOTIC® customer:
  Your data may be retained for a longer period, for the duration of the commercial relationship and subsequently archived in accordance with applicable legal obligations, as specified where applicable in contractual documents.

In all cases, personal data collected through the website will be deleted or anonymized once the retention periods expire, unless a longer retention period is required by law (for example, accounting obligations or ongoing litigation).

In accordance with the GDPR, you have the following rights regarding your personal data:

• Right of access:
  You may obtain confirmation as to whether your personal data is being processed by SOTIC® and receive a comprehensible copy of such data, along with information concerning the purposes of processing. 
• Right to rectification:
  You may request correction of inaccurate or incomplete data concerning you in order to ensure that your information is up to date. 
• Right to erasure (“right to be forgotten”):
  You may request deletion of your personal data in the cases provided for by applicable regulations (for example, where the data is no longer necessary or where you withdraw your consent and no other legal basis applies). 
• Right to restriction of processing:
  You may request that the use of your data be temporarily suspended (meaning SOTIC® stores the data without using it) in certain situations provided for by law. 
• Right to object:
  You may object at any time, on grounds relating to your particular situation, to processing based on legitimate interest. You may also object to the use of your data for commercial prospecting purposes; in such cases, SOTIC® will cease using your data for such communications. 
• Right to data portability:
  In cases provided for under the GDPR (automated processing based on your consent or a contract), you have the right to receive your personal data in a structured, commonly used, and machine-readable format, or to request that SOTIC® transfer it to another data controller where technically feasible. 
• Right to withdraw consent:
  For processing operations based on your consent, you may withdraw your consent at any time. (Please note that withdrawal of consent only applies going forward and does not affect the lawfulness of prior processing.)

SOTIC® guarantees the effective exercise of all these rights under the conditions provided by applicable regulations.

There will be no negative consequences resulting from the exercise of your rights. However, certain rights may be limited in specific circumstances (for example, SOTIC® may retain certain data where required by law, even if you request its deletion).

To exercise your rights or for any questions regarding the processing of your personal data, you may contact us:
By email at: privacy@sotic.com
By post at: SOTIC – Personal Data Department ZI 1 Rue des Lônes 07250 Le Pouzin France

Please specify the right you wish to exercise and provide a copy of an identity document where necessary to enable us to verify your identity, in accordance with applicable regulations.

We undertake to respond as soon as possible and, in any event, within the one-month period provided by the GDPR, which may be extended by an additional two months where necessary depending on the complexity of the request.

If, after contacting us, you believe that your “Data Protection and Freedoms” rights have not been respected, you may file a complaint with the French supervisory authority, the CNIL (Commission Nationale de l’Informatique et des Libertés).

You may submit a complaint online via the CNIL website or by post at:
CNIL 3 Place de Fontenoy TSA 80715 75334 Paris Cedex 07 France.

SOTIC® implements appropriate technical and organizational security measures to ensure the confidentiality, integrity, and availability of your personal data.

The information systems of SOTIC® and its data processors are protected in accordance with current security standards in order to prevent unauthorized access, loss, alteration, or unwanted disclosure of your information.

Employees and service providers with access to your data are bound by confidentiality obligations.

In the event of a personal data breach likely to result in a high risk to your rights and freedoms, you will be informed in accordance with applicable legal requirements.

By checking the consent box on the contact form and submitting your information, you confirm that you have read and accepted this Privacy Policy.

SOTIC® may update this policy from time to time, particularly to comply with legal or regulatory developments. In such cases, the updated version will be made available on our website and, where the changes are significant, you may be notified accordingly.

We therefore encourage you to consult this Privacy Policy regularly to stay informed about how your data is protected.