Privacy Policy

1. Data Controller

The data controller responsible for your personal information on Gironde.org is:

2. Data We Collect

We collect and process the following types of personal data when you use our website:

2.1 Automatically Collected Data

• Technical Information: IP address, browser type and version, operating system, device type, screen resolution
• Usage Data: Pages visited, time spent on pages, links clicked, referral sources, date and time of visits
• Location Data: General geographic location based on IP address (country, region, city level only)

2.2 Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance your browsing experience. For detailed information, please see our Cookie Policy section below.

2.3 Voluntarily Provided Information

If you contact us via email or submit forms on our website, we may collect:

• Name and email address
• Subject matter and content of your inquiry
• Any other information you choose to provide

3. How We Use Your Data

We process your personal data for the following purposes and legal bases under GDPR:

3.1 Website Operation and Improvement (Legitimate Interest)

• To provide, maintain, and improve our website functionality
• To analyze website usage and visitor trends
• To optimize content and user experience
• To troubleshoot technical issues

3.2 Communication (Consent or Legitimate Interest)

• To respond to your inquiries and requests
• To provide information about the Gironde department that you request
• To send administrative notifications about the website

3.3 Security and Legal Compliance (Legal Obligation)

• To detect, prevent, and address fraud or security issues
• To comply with applicable laws and regulations
• To protect the rights and safety of our users and the public

4. Cookie Policy

Gironde.org uses cookies to enhance your browsing experience and understand how visitors use our website.

4.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and improve functionality.

4.2 Types of Cookies We Use

Essential Cookies (Required)

These cookies are necessary for the website to function properly and cannot be disabled:

• Session cookies to maintain your navigation state
• Security cookies to protect against fraudulent activity

Analytics Cookies (Optional)

These cookies help us understand how visitors interact with our website:

• Google Analytics (anonymized IP addresses)
• Page view tracking and user journey analysis
• Traffic source identification

Functional Cookies (Optional)

• Language and region preferences
• Map interaction preferences
• Font size and accessibility settings

4.3 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to:

• View what cookies are stored and delete them individually
• Block third-party cookies
• Block all cookies from specific websites
• Block all cookies from being set
• Delete all cookies when you close your browser

Please note that blocking all cookies may impact your ability to use certain features of our website.

4.4 Third-Party Cookies

We use the following third-party services that may set cookies:

• Google Analytics: For website traffic analysis (with IP anonymization enabled)
• Google Fonts: For typography and design consistency
• Leaflet/OpenStreetMap: For interactive maps

These third parties have their own privacy policies. We recommend reviewing their policies for more information.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data. We may share your information only in the following limited circumstances:

5.1 Service Providers

We may share data with trusted third-party service providers who assist us in operating our website, such as:

• Web hosting providers
• Analytics services (e.g., Google Analytics)
• Content delivery networks (CDNs)

These providers are contractually obligated to process data only as instructed and to maintain appropriate security measures.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government agencies).

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity, subject to the same privacy protections.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law:

• Analytics Data: Retained for 26 months, then anonymized or deleted
• Server Logs: Retained for 12 months for security purposes
• Email Correspondence: Retained for 3 years or until you request deletion
• Cookie Data: Varies by cookie type (see Cookie Policy above)

After the retention period, we will securely delete or anonymize your personal data.

7. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights regarding your personal data:

7.1 Right to Access

You have the right to request a copy of the personal data we hold about you.

7.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data.

7.3 Right to Erasure ("Right to Be Forgotten")

You have the right to request deletion of your personal data under certain circumstances, such as when:

• The data is no longer necessary for the purposes it was collected
• You withdraw consent and there is no other legal basis for processing
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed

7.4 Right to Restriction of Processing

You have the right to request that we limit how we use your data under certain circumstances.

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transfer it to another data controller.

7.6 Right to Object

You have the right to object to processing of your personal data where we rely on legitimate interest as the legal basis.

7.7 Right to Withdraw Consent

Where we process your data based on consent, you have the right to withdraw that consent at any time.

7.8 Right to Lodge a Complaint

You have the right to lodge a complaint with the French data protection authority (CNIL) or your local supervisory authority if you believe we have not complied with data protection laws:

7.9 How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month. In some cases, we may extend this period by two additional months if necessary, in which case we will inform you.

8. International Data Transfers

Your personal data is primarily stored and processed within the European Union. If we transfer data outside the EU/EEA, we ensure adequate protection through:

• Standard Contractual Clauses approved by the European Commission
• Transfers to countries with adequacy decisions
• Other legally approved transfer mechanisms under GDPR

For example, Google Analytics data may be transferred to the United States under Google's compliance with EU-U.S. Data Privacy Framework and Standard Contractual Clauses.

9. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

• HTTPS encryption for all data transmitted between your browser and our servers
• Regular security audits and vulnerability assessments
• Access controls and authentication mechanisms
• Secure backup and disaster recovery procedures
• Employee training on data protection and security practices

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

10. Children's Privacy

Gironde.org is a general information website and is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at [email protected], and we will delete such information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• Update the "Last Updated" date at the top of this page
• Notify you of material changes through a prominent notice on our website
• Obtain your consent if required by applicable law

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

12. Contact Information