Introduction
This privacy policy explains how Génoa, Shared E-learning Solutions, collects, uses, and shares your personal information when you use our website and services.
1. Who is responsible for data processing?
The data controller for your personal data is:
Génoa, Shared E-learning Solutions
13 rue Jean-Marie Pedel
29470 Plougastel-Daoulas, France
Phone: +33 7 68 62 62 69
Email: gn.edtech@gmail.com
2. How can your data be collected?
We may collect your personal data in various ways:
• Contact form: When you fill out our contact form, we collect your first name, last name, and email address.
• Support: When you contact us for assistance, we may collect your first name, last name, and email address.
• Online Learning Platform (LMS): When you register and use our LMS platform, we collect your first name, last name, and email address.
• Contract: As part of concluding and executing a contract, we may collect your phone number and billing information.
3. How may your data be used?
We use your personal data for the following purposes:
• To fulfill our contractual obligations to you.
• To comply with any agreement you have entered into with us.
• To protect your information and prevent unauthorized access.
• To ensure the proper functioning and security of our IT systems.
• To process any questions, issues, or complaints you have reported to us.
• To notify you of any changes to our terms and conditions.
• To inform you of relevant updates regarding the provision of our services.
• For payment verification or debt collection purposes.
• When required by law.
4. Who has access to your data?
Collected data is:
• Secured on our platform’s servers.
• Accessible only to individuals working for Génoa with the appropriate access rights necessary to perform their duties.
5. How long is the data retained?
Your personal data is stored for as long as you request.
However, we reserve the right to periodically purge inactive accounts from our platforms to ensure service efficiency.
If your contract is terminated, all your data will be permanently deleted and cannot be recovered. A notification will be sent to inform you before the deletion takes place.
6. What are your rights as a user?
In accordance with the General Data Protection Regulation (GDPR), you have the following rights:
• Right of access: You have the right to know whether we are processing your personal data and to obtain a copy of it.
• Right to rectification: You may request correction of your personal data if it is inaccurate or incomplete.
• Right to erasure (“right to be forgotten”): You may request the deletion of your data in certain circumstances.
• Right to restrict processing: You may request restriction of your data processing under certain conditions.
• Right to data portability: You may receive the personal data you have provided in a structured, commonly used, machine-readable format, and transmit it to another data controller.
• Right to object: You may object to the processing of your personal data under certain conditions.
• Right not to be subject to automated decision-making, including profiling, that produces legal effects or similarly significant effects on you.
• Right to withdraw your consent at any time when processing is based on your consent.
• Right to lodge a complaint with a supervisory authority (see section 10).
7. How to exercise your rights?
To exercise your rights, please contact us via email at: gn.edtech@gmail.com
8. What security measures are in place?
We implement appropriate technical and organizational security measures to protect your personal data against destruction, loss, alteration, unauthorized disclosure, or access. These measures include:
• Servers located in France.
• Dedicated cloud infrastructure provided by OVH.
• Our MOODLE/IOMAD platform server is protected by its own firewall and Intrusion Detection System (IDS), which automatically quarantines suspicious traffic to prevent unwanted activity.
• A daily backup system storing platform data on a separate server. Backups are retained for 30 days.
9. In case of data transfer outside the EU
Team members working outside the European Union use a secure password database with two-factor authentication (2FA) to access server and site account details. This ensures information security even during remote access.
10. What are your rights regarding complaints to the CNIL or other authorities?
If you believe we have not upheld our data protection obligations, you have the right to lodge a complaint with the competent supervisory authority.
In France, this authority is the Commission Nationale de l’Informatique et des Libertés (CNIL).
Website: https://www.cnil.fr
11. Updates to this policy
Génoa reserves the right to update this privacy policy at any time. Any changes will take effect upon publication on our website. We encourage you to review this page regularly to stay informed of any updates.