Personal data protection policy
Personal data protection policy
1. INTRODUCTION
This personal data protection policy, as
well as any document referred to therein, details the conditions under which
SYSTID, a limited liability company with a capital of 2,000,000 CFA francs, registered
in the trade and Crédit Mobilier de Lomé, under number TG-LOM-2016B 1812
(hereinafter “ We ” or “ SYSTID ”) proceeds, as data controller,
to the processing described below and relating to the personal data of any user
and/or customer of the website https://nzara.net (hereinafter the “ Site
”) and any user of the Site being hereinafter referred to as “ you ”.
We are committed to a policy of adopting
and respecting demanding standards in terms of professional conduct and ethics
in customer relations, and in particular the protection of personal data.
As such, We process your personal data
in compliance with the principles set by the regulations applicable to the
protection of personal data, and in particular the law 2019-014 relating to the
protection of personal data in Togo of October 29, 2019 (ci -after the “ Personal
Data Regulation ”).
In accordance with the Personal Data
Regulations, the term " personal data " means, in the context
of this policy, any information concerning you and allowing you to be
identified directly or indirectly as a natural person.
This personal data protection policy may
change depending on the applicable legal and regulatory context or the
evolution of our activity, and in particular the products or services that We
offer you.
2. THE PRINCIPLES APPLICABLE TO THE PROCESSING OF YOUR PERSONAL DATA
In the context of the
collection and processing of your personal data, We are committed to respecting
the following principles:
1.
Lawfulness : your personal data
is collected for specified, explicit and legitimate purposes, and on the basis
of an appropriate legal basis;
2.
Transparency : you are informed of
each processing that We implement and the characteristics of this processing by
means of information notices, no processing of your personal data being
implemented without your knowledge;
3. Minimization : We undertake to
collect and process only the personal data concerning you which is strictly
necessary for the objective that We pursue and to update them regularly;
4. Data protection by
design and by default : when developing, designing,
configuring and using applications, services and products that rely on the
processing of personal data, We take into account your right to the protection
of personal data and We ensure with our partners that they meet the legal
requirements and make it possible to effectively ensure the protection of the
personal data which will be processed;
5. Security of personal
data : We have implemented technical and organizational measures, adapted
according to the degree of sensitivity of the personal data collected, in order
to ensure the integrity and confidentiality of your personal data and to
protect them against any intrusion. misuse, loss, alteration or disclosure to
unauthorized third parties. In particular, We use encryption and/or
pseudonymization techniques for your personal data whenever possible, useful or
necessary;
6. Commitments of our
service providers and partners : We choose our subcontractors, service
providers and partners with care and require them: (a) to ensure a level of
protection of your personal data equivalent to ours, (b) to use your personal
data only to the extent necessary for the provision of the services that We
have entrusted to them, (c) to comply with the Personal Data Regulations.
3. THE PROCESSING OF YOUR PERSONAL DATA
3.1 Persons concerned
The people concerned by the processing
that We carry out are:
- any user of the Site;
- any customer of
the Site..
3.2 Collection of
personal data
We collect personal data about you
directly from you.
In addition, We indirectly collect
personal data about you from the following sources:
- management ;
- partners of
SYSTID and Sellers;
- third parties,
such as fraud prevention organizations or personal data providers;
- CinetPay and
PayPal payment institutions .
3.3 Cookies
We use cookies and other tracers to
collect personal data about you for the purpose of pursuing some of the
processing purposes described in article 3.4 of this policy.
You can configure these cookies and
tracers by clicking on this LINK EN . All the information
about them in the cookie policy can be accessed HERE .
3.4 Purposes of processing, legal bases
and retention periods
We implement various processing
operations relating to your personal data, the purposes of which are detailed
below and the legal bases of which are as follows: your consent, the
performance of a contract concluded with you, our legitimate interest, or our
obligations. legal and regulatory.
In accordance with the Personal Data
Regulations, the personal data that We collect will be used for the fulfillment
of the purposes for which they were collected and this for the period detailed
in the table below, it being specified that a user and/or customer of the Site
is considered "active" when he connects or modifies his personal
space on the Site, makes an online purchase using his personal account, and/or makes
an offline purchase or another interaction with We by identifying ourselves;
At the end of the
storage periods described below, your personal data will be deleted or, for
those that We are legally required to keep or which are necessary to safeguard
our rights, placed in an archive and kept for an additional period.
corresponding to the duration detailed in the table below. At the end of this
period, your personal data will be deleted.
The legal bases and retention periods
associated with each purpose of processing your personal data are described
below:
|
USE OF THE WEBSITE |
|||
|
Purpose |
Description of the treatment |
Legal basis |
The duration of the conversation |
|
Access |
Provision of the Site, the products and services offered on the Site. |
pre-contractual measures taken at your request and/or execution of the
contract |
Personal data relating to your activity on the Site is kept for 3 years
from your last activity on the Site. |
|
Communications |
Management of the communications that you send to Us from the Site and
follow-up of our exchanges with you. |
pre-contractual measures taken at your request and/or execution of the
contract |
The personal data relating to your communications are kept for 3 years
from each communication. |
|
Recognition of the user of the Site |
Use of your personal data as a user of the Site in order to be recognized
as such with other services offered by the Sellers. |
Legitimate interest |
The personal data allowing the Sellers to recognize you on the Site are
kept for 3 years from your last activity on the Site. |
|
Cookies |
Deposit and reading of cookies not subject to obtaining your consent. |
Legitimate interest |
Tracers/cookies and the data collected by them are kept for 13 months
from their deposit. |
|
Security |
Retention of computer traces in order to prevent and detect security
incidents and to secure the personal data of users of the Site as well as the
information systems under our control from which their personal data is
processed. |
Legitimate interest |
Connection logs are kept for a period of 1 month from the date of the
activity. |
|
CUSTOMER RELATIONSHIP MANAGEMENT |
|||
|
Purpose |
Description of the treatment |
Legal basis |
The duration of the conversation |
|
Personal account |
Creation of a personal account allowing you to place orders online. |
pre-contractual measures taken at your request and/or execution of the
contract |
Personal data relating to your personal account on the Site is kept as
long as you have an active personal account without ever exceeding 3 years
from your last activity. |
|
Orders |
Confirmation, validation, collection of payment, tracking and shipping of
the order, management of withdrawals. |
Execution of pre-contractual measures taken at your request and/or
execution of the contract |
Each personal online or offline purchase data is kept for 3 years from
the date of your purchase. Your personal bank details may be kept for proof purposes and depending
on your method of payment by our payment provider for up to 15 months from
the date of your purchase. |
|
Customer service |
Management of your requests, questions and complaints. |
Execution of pre-contractual measures taken at your request and/or
execution of the contract |
Personal data relating to your requests, questions and complaints are
kept for 3 years from each request, question and complaint. |
|
Consumer service |
Management of your requests, questions and complaints. |
Execution of pre-contractual measures taken at your request and/or
execution of the contract |
Personal data relating to your requests, questions and complaints are
kept for 5 years from each request, question and complaint. |
|
Satisfaction surveys and collection of opinions |
Gathering opinions and carrying out surveys and round tables on our
products and services. |
Legitimate interest |
Personal data is kept for 3 years from the date of the opinion, survey or
round tables on our products or services. |
|
Customer recognition |
Use of your personal data as a customer in order to be recognized as such
with other services offered by other Sellers |
Legitimate interest |
The personal data allowing you to be recognized as a customer are kept
for 3 years from your last activity. |
|
Product recall |
Provision of information relating to the recall of products marketed on
the Site and in our stores |
Compliance with our legal and regulatory obligations |
Personal data relating to the product recall is kept for 5 years from the
date of the product recall. |
|
MARKETING AND ADVERTISING |
|||
|
Purpose |
Description of the treatment |
Legal basis |
The duration of the conversation |
|
Profiling for the purpose of improving customer knowledge by SYSTID
(KYC). |
Building your profile, combining shopping and informational data We have
collected online and offline, enriching your profile based on your
interactions with our partners (using technology provided by third parties),
segmentation, fulfillment studies and analyzes to better understand your
expectations in terms of services, products or offers. |
Legitimate interest |
Personal data from online and offline purchases used for this purpose are
kept for 24 months from the date of your purchase. The other personal data used for this purpose is kept as long as you have
a customer account or a loyalty account without ever exceeding 24 months from
your last activity. |
|
Profiling by SYSTID in order to send you personalized advertisements. |
Building your profile, combining shopping and informational data We have
collected online and offline, enriching your profile based on your
interactions with our partners (using technology provided by third parties),
segmentation, fulfillment studies and analyzes to identify your consumption
habits, in order to allow Us to send you personalized advertisements and to
measure their effectiveness. The measurement of the effectiveness of our advertisements
on Facebook is carried out by SYSTID and Facebook as joint controllers. To
view how Facebook handles your data in the context of this processing, click here . |
Legitimate interest |
Personal data from online and offline purchases used for this purpose are
kept for 24 months from the date of your purchase. The other personal data used for this purpose is kept as long as you have
a customer account or a loyalty account without ever exceeding 24 months. |
|
Provision of your profiling data to our partners for the purpose of
improving customer knowledge and to send you personalized advertisements. |
Establishment and enrichment of your profile by our partners (through
technologies provided by third parties) on the basis of pseudonymous data
that We transmit to them; segmentation, carrying out studies and analyzes by
our partners allowing them to identify your consumption habits, in order to
allow them to know you better and, if necessary, to allow them to send you
personalized advertisements. |
Legitimate interest |
Your personal data will be made available to our partners (in
pseudonymized form ) for a maximum period of 24 months from their
transmission and then deleted by our partner after this period. |
|
Distribution of personalized advertisements or not |
Sending commercial communications (promotions, special offers),
personalized or not, on all media such as Sellers' websites or mobile
applications or third-party websites or applications that you consult,
including the measurement of the advertising effectiveness of these
communications . |
Consent |
Trackers/advertising cookies and the data collected by them are kept for
13 months from the date your consent is obtained. The retention period of your choices (consent or refusal of cookies) is
six months from the date of collection of your consent. |
|
Audience measurement |
Analysis of the performance of the content you consult on our sites, and
exploitation of market studies in order to generate audience data |
Consent |
Trackers/advertising cookies and the data collected by them are kept for
13 months from the date your consent is obtained. The retention period of your choices (consent or refusal of cookies) is 6
months from the date of collection of your consent. |
|
Commercial prospecting by electronic means |
Sending of promotions and offers, personalized or not, by electronic
means (sms, emails, call machines). |
Consent |
Your personal data necessary for the pursuit of this purpose are kept for
3 years from your last activity. |
|
Quizzes |
Participation in all contests, lotteries, jackpots. |
Consent |
Personal data collected in the context of contests are kept for 3 years
from the closing date of the contest concerned. |
|
Commercial prospecting by post and telephone or electronic prospecting
for similar products and services. |
Sending promotions and offers, personalized or not, by post or telephone
or electronically for products and services similar to those you have
purchased or subscribed to. |
Legitimate interest |
Your personal data necessary for the pursuit of this purpose are kept for
3 years from your last activity. |
|
Statistics |
Production of statistics relating to your use of our products and
services, the Site and the Programme. |
Legitimate interest |
The data used for statistical purposes are kept for 3 years from their
collection. |
|
COMPLIANCE WITH OUR LEGAL AND REGULATORY OBLIGATIONS, DEFENDING OUR
RIGHTS, SAFEGUARDING OUR INTERESTS AND FIGHTING FRAUD |
|||
|
Purpose |
Description of the treatment |
Legal basis |
The duration of the conversation |
|
Accounting and taxation |
Retention of invoices and other mandatory documents as part of the
management of our general accounting and our tax obligations |
Compliance with our legal and regulatory obligations |
The personal data processed as part of the management of our accounting
and our tax obligations are kept for a period corresponding to the duration
of the current financial year, increased by 10 years from the end of the
financial year. |
|
Exercise of your rights |
Management of requests to exercise your rights (registration,
communications with you, extracts of required information) |
Compliance with our legal and regulatory obligations |
Personal data relating to your requests to exercise rights are kept for 1
or 6 years from your request, depending on the right exercised. When the
collection of a proof of identity has been necessary, it is deleted as soon
as the verification has been carried out. |
|
Defense of our rights and fight against fraud |
Establishment and retention of the means of proof necessary to
defend our rights in the context of actions and claims brought against us by
you and to fight against fraud. |
Legitimate interest |
The personal data necessary for the establishment and conservation of the
means of proof necessary for the defense of our rights are kept for the
duration of the applicable legal requirements or for the duration of the
dispute if one should arise. |
|
Public and judicial authorities |
Management of requests from public or judicial authorities and
communications with the authorities |
Legitimate interest |
Personal data relating to the management of requests from authorities is
kept for the duration of the procedure before the authority concerned. |
If We are led to
process your personal data for purposes other than those listed in the table
above, you will be informed beforehand and We will take any additional steps
that may be necessary to ensure the legal compliance of all the processing
carried out.
3.5 Recipients of your personal data
To achieve the purposes described above
and only to the extent necessary for the pursuit of these purposes, the
personal data that We collect may be transmitted to all or part of the
following recipients:
- within SYSTID :
1.
entities in charge of awarding, managing
and executing contracts and orders;
2.
the SYSTID entities in charge of
marketing (in particular the advertising agency and the media agency), customer
relations, complaints, prospecting, administrative services, IT services;
3. the SYSTID entities in
charge of the centralized management of our customers' databases;
4. any other SYSTID
entity whose intervention would be necessary for the execution of the
processing implemented in accordance with this policy
- outside of SYSTID:
1.
our service providers involved in all or
part of the identified processing (in particular IT service providers
responsible for maintaining the Site, technical intermediaries in the field of
advertising and personalized communications, those responsible for the routing
and delivery of products);
2.
our partners who sell products or
services directly from our Site;
3. our partners involved
in the production and sending of commercial prospecting campaigns;
Furthermore, when you
connect to your customer account using a Google account or a social network, or
when you interact with links or advertisements accessible on our Site and
referring to other sites or applications, it is possible, the third parties
operating these sites, services or advertisements proceed, as separate data
controllers, to process your personal data, under their own responsibility. We
invite you to read their policies relating to the protection of personal data
in order to know the conditions and methods applicable to the processing of your
personal data that these actors implement.
4. YOUR RIGHTS AND HOW TO EXERCISE THEM
4.1 The content of
your rights
With regard to your personal data, you
have a right of access, rectification, erasure, opposition, limitation of
processing, portability of your personal data and the right to give
instructions relating to the fate of your personal data after your death.
You can also withdraw your consent at
any time, in cases where it has been requested.
1.
Permission to access
You can request access
to your personal data that We collect and process.
If you make an access request, We will
provide you with a copy of your personal data in our possession as well as all
legally required information.
2.
Right of objection
You can object at any
time, for reasons relating to your particular situation, to the processing of
your personal data when it is based on our legitimate interest, unless our
legitimate interest prevails over your own interests and your rights and
freedoms, or that the processing is necessary for the establishment, exercise
or defense of legal claims.
You can also, at any time, oppose the
processing of your personal data by us when this processing is carried out for
commercial prospecting purposes by electronic or postal means, including when
the processing concerned constitutes profiling.
3. Right of rectification
You can at any time
ask us to rectify any personal data concerning you that is inaccurate or
incomplete.
4. Right to erasure
You can request the
erasure of your personal data under the conditions provided for by the Personal
Data Regulations, unless they must be kept to enable us to comply with legal
obligations, or to enable us to exercise or defend our rights or again, when
they are necessary for the execution of the contract which binds us.
5. Right to restriction
of processing
You can request the
limitation of the processing of your personal data under the conditions
provided for by the Personal Data Regulations.
6. Right to portability
You have the right to
the portability of the personal data that you have provided to us and that We
process by automated means, when the processing that We implement is based on
your consent or on the performance of a contract or measures -contractual , provided
that the exercise of this right does not infringe the rights and freedoms of
third parties. Right to define directives relating to the fate of your data
after your death
You have the possibility of defining
general or specific directives concerning the way in which you intend to
exercise, after your death, the rights which are guaranteed to you by the
applicable regulations.
The general directives concern all the
personal data concerning you, and you can revoke them at any time. They can be
registered with a digital trusted third party certified by the National
Commission for Computing and Liberties.
The specific directives concern the
processing operations mentioned by these directives and are registered with Us:
they are the subject of specific consent on your part and you can revoke them
at any time.
4.2 Exercising your rights
In order to exercise your rights, you
can:
- Complete this online form https://www.nzara. net /contact-us/data/form ;
- Or failing that,
send us an e-mail or postal mail to the addresses below, specifying the
right you wish to exercise, your personal data concerned by your request
and indicating your surname and first name as well as the email address.
-email associated with your customer or loyalty account (if applicable):
- Email: droitsdespersonnes@serviceclients-nzara.
net
- Postal mail: “: SYSTID
Customer Service - Right to Personal Data , 05 BP 727, Lomé 05.
4.3 Submitting a
complaint
If you believe, after having contacted Us
in this regard, that your rights relating to your personal data are not
respected, you can submit a complaint to the Personal Data Protection Authority
(IPDCP) (Av. Abdoulaye FADIGA, Opposite BCEAO,
Lomé, Togo 01 BP 3679).
Subscribe to our newsletter for regular updates about Offers, Coupons & more
Follow Us
Mobile Apps
