Personal data and security management policy

Data management and use

In order to meet the requirements of our users and our partners, we agree to:

  • implement the security standards needed to ensure the security of the services provided;
  • process the data of our users solely for the proper performance of our services;
  • never use the profile data of our users for commercial purposes.

The data of your user profile are stored directly on your browser so that they are preserved as close to you as possible.

The FACIL'iti profiles do not process any sensitive or medical data. Your user profile only records a set of technical display settings to be applied to the pages of our clients' sites (e.g. Arial font, minimum font size, dark interface mode, etc). The purpose of the names of pathologies included in the profiles with one click is to guide you more effectively towards your adaptation need. They may be modified at any time.

You maintain control over this data stored as cookies (localStorage) and you can delete them at any time:

  • either by using the deletion features available on our settings interface;
  • or by directly using the functional features offered by your browser.

We do not use any data or any of the cookies needed to run our service for advertising purposes or as route tracers.
No user information is published, transferred, assigned or sold to third parties.

Our cookies are strictly necessary in order to provide the service and make it work properly, given that the use of the FACIL'iti solution follows from the user's intentional act in creating their profile. For these reasons, an explicit consent is not required for them to be collected.

CNIL information ​https://www.cnil.fr/fr/cookies-traceurs-que-dit-la-loi

Summary of cookies used by the solution
Cookie name
and storage
Purpose of the associated processing Retention period
FACIL_ITI_LS
on the ws.facil-iti.com domain
User profile management in your own browser As long as the user does not delete their profile using the application or their browser settings
FACIL_ITI_REFRESH
on the ws.facil-iti.com domain
User profile management in your own browser As long as the user does not delete their profile using the application or their browser settings
PHPSESSID
on the ws.facil-iti.com domain
Technical functional data Duration of the user's visit to the profile configuration interface (session duration)
FACIL-ITI_CSS
on the domain of the partner site
Cached technical data to speed up processing Duration of the user visit to the client site (session duration)

Detailed description of our services

User profile configuration interface

The technical options for displaying your user profile (e.g. Arial font, minimum font size, dark interface mode, etc) only pass through our servers while the expected service is being provided: adjusting the page of the site being visited in order to improve the viewing comfort.

Summary table: user profile creation
Purpose of processing user profile management
Data concerned user profile: set of display customisation options selected by the user
Type of storage technical cookie encrypted in the localStorage of the browser or standard cookie encrypted for compatibility reasons with old browsers
Retention period – the service usage time
– the user retains full control of this data and can erase it using the options available on their browser or the options of our configuration interface
Summary table: user profile migration
Purpose of processing So that the user can move their user profile to another browser or work station
Data concerned - user profile: set of display customisation options selected by the user
- user's email address (optional)
Type of storage - for the user profile: temporary and encrypted in a database on our servers
- for the e-mail address: no storage, immediate use for sending an e-mail notification
Retention period - for the user profile: automatic deletion of our servers 48 hours after registration

Web service linked to our clients' sites

The web service represents the technical part linking the website of client companies and partners to the FACIL'iti solution.

This service does not use any personal data from the sites on which it is installed; it uses the preferences of the user profile to redesign and adapt the display of the site according to the options chosen by the user when they create their profile.

None of the addresses of the pages that you consult on the sites of our partners is stored, even temporarily, on our servers.

Summary table
Purpose of processing Adaptation of the client's site pages to meet the web user's accessibility needs
Data concerned - user profile: set of display customisation options selected by the user
- technical code cache to speed up processing
Type of storage - for the user profile: temporary transient feed by our servers for use
- for the technical code: temporary cookie saved in the sessionStorage of the browser
Retention period for the technical cache: the time of the web user's visit to the site

Statistics on the use of our services

In order to regularly improve our services, we carry out statistical analyses on their uses. These statistics are based on digital fingerprints of the data in order to guarantee that they are completely anonymised.

We do not use any third party services hosted outside of our servers; the tools employed are configured to meet the conditions for measuring visits without obtaining consent published by the CNIL .

These statistical data are intentionally very generic and relate only to the global use which is made of our solutions.

No processing involving grouping by pathology or user preference is carried out and no processing that can lead to the classification or categorisation of our users is implemented.

This information is neither tracked, calculated or collected and is therefore never passed on to a client company, subcontractor company or partner company.
The aggregated statistical information corresponds to the use which is made of the solution on the sites on which it is installed. No data is combined with other sources of information or other sites in order to follow the users' path.

Summary
Purpose of processing General statistics on the use of the solution
Data concerned – anonymised digital fingerprint of your IP address
– digital fingerprint of personalisation options
Type of storage anonymised in the application database
Retention period - unlimited when stored in the form of an anonymised digital fingerprint

Security

Technical work has been undertaken on the ws.facil-iti.com platform to offer you all the guarantees in terms of data security and confidentiality.

All the information and data feeds used by the ws.facil-iti.com application are encrypted to prevent any attempted misappropriation.

IT audit of the solution

A security audit and penetration tests were carried out by a company specialising in IT security in February 2020.

Auditing company: AlgoSecure
Head office: 57 Boulevard Vivier Merle, 69003 Lyon, France
Website: www.algosecure.fr

Hosting infrastructure

In accordance with the restrictions on web hosts, log files containing information that include the IP address of web users are recorded on the hosting servers of the solution; these files are kept for 60 days and are then automatically deleted after this period.

Summary
Purpose of processing Availability: use of a FACIL'iti solution service
Data concerned your IP address
Type of storage unencrypted in the system logs of the web servers
Retention period 60 days in the server logs with automated deletion
Deactivate FACIL'iti
Do you really want to deactivate FACIL'iti?
Activate FACIL'iti