Privacy Policy for the Orion Service

This charter sets out the conditions under which, within the context of the performance of the contract concluded between ESII and the customer, we can collect and possibly use information about you.

Identity and contact details of the controller : Michael Schlicht, the Data Protection Officer
Processing purposes : the processing carried out by ESII, a publisher of reception management solutions, aims to improve the quality of our services and the detection of inaccurate or falsified documents.
This processing is carried out within the legal framework in force on the date of the update of this Charter
The information in question : information given via the Orion Service : When you create your account, you enter personal information. This information is stored by our hosting provider. We can also use your email address to communicate with you about our services.
Retention period : Personal information may not be retained for more than 12 months. The personal data that are no longer needed for the use of our services are deleted every day. However, anonymised data are kept for statistical purposes in order to improve the quality of the service. This period is set at 12 months with the possibility that this time can be reduced or increased depending on the customers.
Cookies : When you access the Orion Service, we may place one or more cookies on your computer or other device. We use cookies to improve the quality of our Services, including to store user preferences, the trends followed by the user, and other useful information.
Data relating to the device used : When you access the Services via a browser or another client, our servers automatically record certain information. This may be a unique identifier of the device, information about the mobile network, the model or the version of the operating system.
Geolocation data : When you access the Services, we may locate you if this feature is enabled on your mobile or your tablet. You can disable this feature.
Customer content and information : When you upload content or information (in particular photos, attachments, administrative documents or information entered into the forms of the Services), we may retain those communications in order to process your requests, respond to them and improve our services or develop new services.
Territory : Our hosting provider locates the storage and processing of information on servers in France or in the European Union.
Choice : Most browsers are initially configured to accept cookies, but you can reconfigure your browser to refuse all cookies or to indicate when a cookie is sent. However, some features and services may not function properly if cookies are disabled.
Sharing of information : ESII will not share the personal information with other companies or individuals, except our subsidiaries.
Security of the information : ESII, in the light of its responsibilities, puts in place appropriate security measures to protect it against any unauthorised access or unauthorised alteration, disclosure or destruction of the data. Our services are encrypted using SHA-2 technology. The data are systematically encrypted when they are stored. We limit access to personal information to the employees of each user account who need access to this information to process it on our behalf and to our technical support to resolve the problems linked to each user. These persons are bound by the non-disclosure obligations and may be disciplined, which my go as far as dismissal if they do not meet these obligations.
The customer’s rights : When you use Orion, we give you access, in accordance with the French Data Protection Act, to your personal information in order to be able to update or correct these data if they are incorrect or delete them on your request, and you benefit from a querying and opposition right. You also benefit as of 30.04.2018 from a portability right. We may refuse to deal with: Requests that are unreasonably repetitive or systematic, requiring a disproportionate technical eff ort, requests compromising the privacy of others, or those which it would be difficult to fulfil (for example, requests for information on backup tapes), or for which access is not necessary. In all cases where we provide access to information and correction, we perform this service free of charge, unless this requires a disproportionate eff ort. Due to the way in which we maintain certain services, after removal of your information, residual copies may take some time before they are deleted from our active servers and they may remain in our backup systems.
Compliance : This is regularly reviewed, in particular, in the light of applicable legal changes, and is updated. When we receive formal written complaints, it is our policy to contact the user making the complaint about his or her concerns. Regarding your right to complain to the Authority concerned, we cooperate with the appropriate regulatory authorities, including local data protection authorities (such as, but not limited to the French CNIL), to resolve any dispute relating to the transfer of personal data that cannot be resolved directly by ESII.
Use of data : We only process the data necessary for the proper functioning of our service. The personal data collected is used to contact the user to guarantee and ensure the processing of your requests. For example, we use information such as email or phone number to send the necessary reminders when booking an appointment online and send the practical information by mail to facilitate the connection with the required service.

During this period, we implement all available means to ensure the confidentiality and security of your personal data, so as to prevent damage, erasure or access by unauthorized third parties.

Access to your personal data is strictly limited to our hotliners technicians who are subject to an obligation of confidentiality. Except as provided above, we will not sell, rent, assign, or give access to third parties to your data without your prior consent, unless we are compelled to do so for law, fight against fraud or abuse, exercise of the rights of the defense, etc.)

In accordance with the law «Informatique et Libertés» of 6 January 1978 as amended and the European Regulation n ° 2016/679 / EU of 27 April 2016 (applicable from 25 May 2018), you have the right of access, rectification, portability and erasure of your data or limiting treatment. You can also, for legitimate reasons, oppose the processing of your data. You may, subject to the production of a valid credential, exercise your rights by contacting our technical support.

We will make available dated versions of this Privacy Policy that you will be able to access.