ARTICLE 3: CONFIDENTIALITY
Article 3.1: PROCESSING OF PERSONAL DATA
In accordance with the provisions of Article 383 of Law No. 2017-20 of April 20, 2018, relating to the digital code in the Republic of Benin, as amended by Law No. 2020-35 of January 6, 2021, user data is :
1- traitées légitimement ;
2- collected, recorded, processed, stored, and transmitted in a lawful, fair, transparent, and non-fraudulent manner;
3- collected for specific, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes, taking into account all relevant factors, including the reasonable expectations of the data subject and applicable legal and regulatory provisions;
4- adequate, relevant, and not excessive in relation to the purposes for which they are collected and processed;
5- accurate and, if necessary, kept up to date. All reasonable measures should be taken to ensure that inaccurate or incomplete data, considering the purposes for which they are collected or subsequently processed, are erased or rectified.
6- retained in a form that allows the identification of the individuals for a period not exceeding the time necessary for the purposes for which they are collected or processed. Personal data may be retained for longer periods to the extent that they will be processed solely for archiving purposes in the public interest, for scientific or historical research purposes, or for statistical purposes in accordance with Article 396 of the law n°2017-20 of April 20, 2018, on the digital code in the Republic of Benin, as amended by the law n° 2020-35 of January 6, 2021, provided that appropriate technical and organizational measures required by the provisions of this code are implemented to ensure the rights and freedoms of the data subject.
7- processed in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
It is the responsibility of the data controller to ensure compliance with the first paragraph.
The collection and processing of user data on the website comply with the principles set out in Articles 384 and following of Law No. 2017-20 of April 20, 2018, on the digital code in the Republic of Benin, as amended by Law No. 2020-35 of January 6, 2021.
The personal data collected on the Zekin website are as follows:
- User's first and last name or company name.
- User's address(es).
Ces données sont collectées lorsque l’utilisateur s’inscrit sur le site ou
décide de contacter l’éditeur via le site.
The data controller will keep all the data in their computer systems, located on the website, under reasonable security conditions for a minimum period of one (01) year, unless the user requests its deletion before the expiration of this period.
The data controller will keep all the data in their computer systems on the website, under reasonable security conditions, for a minimum period of one (1) year, unless the user requests their deletion before the expiration of this period.
The collection and processing of data serve the following purposes:
The identification data is used to generate invoices for customers.
- Location data is used to contact the customer for service proposals.
Article 3.2: DATA HOSTING
As mentioned above, the Zekin website is hosted by PlanetHoster, with its headquarters located in Quebec, Canada.
The hosting provider can be contacted at the following phone number or address:
The data collected and processed by the website are transferred to the hosting provider's headquarters.
Article 3.3: THE DATA PROCESSING CONTROLLER
The publisher designates a data processing controller within its organization. They can be contacted at the following address: email@example.com.
Article 3.4: DATA PROTECTION OFFICER
The publisher appoints a Data Protection Officer (DPO) within its organization
The Data Protection Officer can be reached at the following address: firstname.lastname@example.org.
Article 3.5: USER RIGHTS AND PROCEDURES FOR IMPLEMENTING USER RIGHTS
In accordance with the regulations regarding the processing of personal data, the user has the following rights.
In order for the data controller to process their request, the user is required to provide the following information: their first and last name, email address, and if relevant, their account number, personal space, or subscriber number.
The data controller is required to respond to the user within a maximum period of thirty (30) days.
Article 3.5.1: Right of Access, Rectification, and Right to be Forgotten
The user has the right to access, update, modify, or request the deletion of their personal data by sending an email to the data controller.
If the user has a personal space, they have the right to request the deletion of their personal space by sending an email to the data controller.
Article 3.5.2: Right to Data Portability
The concerned user has the right to receive the personal data concerning them that they have provided to the data controller, in a structured, commonly used, and machine-readable format, and has the right to transmit this data to another data controller without hindrance from the data controller to which the personal data were provided, under the following conditions:
- The processing is based on consent or a contract, and:
- The processing is carried out by automated means.
When the user exercises their right to data portability, they may request that the personal data be transferred directly from one data controller to another, where technically feasible.
Article 3.5.3: Right to Object to Data Processing
The user has the right to object, at any time and for legitimate reasons, to the processing of personal data concerning them.
Article 3.5.4: Right to lodge a complaint with the competent supervisory authority
Without prejudice to any other administrative or judicial remedy, the data subject has the right to lodge a complaint with the Authority if they consider that the processing of personal data concerning them constitutes a violation of their rights
The Authority shall inform the author of the complaint about the progress and outcome of the complaint, including the possibility of a judicial remedy under Article 449 of Law No. 2017-20 of April 20, 2018, on the digital code in the Republic of Benin, as amended by Law No. 2020-35 of January 6, 2021, regarding the processing of personal data
Article 3.6 : RESPONSIBLE FOR DATA PROCESSING OBLIGATIONS
The data controller undertakes to protect the collected personal data, not to transmit them to third parties without the user's prior knowledge, and to respect the purposes for which the data was collected.
The website has an SSL certificate to ensure that the information and data transferred through the site are secure.
Furthermore, the data controller may notify the user in case of rectification or deletion of data.
In the event that the integrity, confidentiality, or security of the user's personal data is compromised, the data controller undertakes to inform the user through any means available.