The Website and the mobile application are held, exploited and edited by SKIPTAX, a simplified joint stock company with a share capital of 6.158 euros, with its principal place of business being sis 76 rue de la pompe, 75016 Paris and registered in the Paris trade and Companies’ Register (Registre du commerce et des sociétés de Paris) under the number 843 174 921.
As respect for the privacy and personal data of users is a priority for SKIPTAX, SKIPTAX undertakes to process the data collected with the utmost respect in compliance with the EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the Data Protection Act of 6 January 1978 as amended.
Article 1. Definitions
Customer: refers to the person benefiting from the services offered by SKIPTAX, whether it is a company or a person using the services of SKIPTAX.
Login details: refers to the data entered allowing a User to validate his registration on the Website and to use the services provided by SKIPTAX.
Internet user: refers to any person browsing the Website.
Controller: refers to the entity that determines the means and purposes of processing personal data
Services: refers to all the services offered by SKIPTAX and available via its Website or mobile application.
Processor: refers to the person processing personal data on behalf of the Controller, who acts under the authority of the Controller and on the instructions of the Controller.
User: refers to any person who accesses and browses the Website either as a simple Internet user or as a Customer.
Article 2. Identity of the Controller
Personal data is collected and processed by SKIPTAX, a simplified joint-stock company with a capital of 6,158 euros, whose registered office is located at 76 rue de la pompe, 75016 Paris and registered with the Paris Trade and Company Register under number 843 174 921.
SKIPTAX is considered to be responsible for the processing of personal data implemented in the context of the operation of the Website.
Article 3. Contact details of the Data Protection Officer (DPO)
For any question related to the management and the use made of the personal data collected, it is possible to contact the DPO of SKIPTAX:
– Either by email: firstname.lastname@example.org
– Either by mail: DPO, SKIPTAX, 76 rue de la pompe, 75016 Paris.
Article 4. Nature of the collected data
When Users browse the Website or the mobile application and wish to benefit from the services available therein, SKIPTAX may collect certain personal data relating to Users.
These data are processed in accordance with the purposes provided for at the time of collection.
– Identity data (surname, first name, email, telephone number, identity document);
– Financial data (for the management of transactions relating to the recovery of VAT);
– Data relating to the management and security of login data (login details : username and password);
– Connection data (IP address, connection logs).
Article 5. Methods of collection of data
SKIPTAX may collect personal data during the:
– Registration on the Website or via the mobile application;
– The execution of the contractual relationship between SKIPTAX and the User.
Regardless of the method of collection, the User will be informed of the purposes of the processing for which their data are collected by SKIPTAX via the various paper data collection forms or online on the Website or via the mobile application.
SKIPTAX undertakes to inform Users of the purposes of the processing, the mandatory or optional nature of the answers to be provided, the possible consequences of a failure to respond, the recipients of the data, the existence and methods of exercising its rights of access to said data, rectification and opposition to the processing of its data.
The User providing personal data concerning them, undertakes to communicate accurate information and not prejudicial to the interests or rights of third parties.
Article 6. Consent
All data concerning Users are collected directly from them, during registrations, login and various exchanges (online requests, letters, telephone calls, etc.).
When registering on the Website or via the mobile application, the User fills in various forms and communicates various personal data concerning them in order to benefit from all the services offered by SKIPTAX.
When necessary, SKIPTAX undertakes, as the case may be, to obtain their consent and/or to allow them to oppose the use of their data for certain purposes.
Article 7. Purpose of processing
The purpose of the processing corresponds to the purpose pursued by the use of the User’s data.
SKIPTAX ensures that it only collects data that is strictly necessary for the purposes pursued.
In the event that SKIPTAX wishes to use personal data for purposes other than those for which the User’s data was initially collected, SKIPTAX undertakes to inform the User in advance and to obtain their consent when necessary for any new purpose.
The User’s personal data may be collected by SKIPTAX for explicit, legitimate and determined purposes in order to ensure :
– The management of the contractual relationship with the User;
– The management and collection of the VAT that the user wishes to recover;
– Accounting management and the realization of associated operations;
– The management and recovery of unpaid sums;
– Litigation management;
– Improving navigation on the Website and mobile application;
– The management of requests for rights resulting from the GDPR and the amended IEL law (particularly rights of access, rectification and opposition, erasure, limitation, portability, right to lodge a complaint with the CNIL, etc.).
The mandatory or optional nature of the personal data collected and the possible consequences of a failure to respond are indicated during their collection on the associated forms and indicated by the presence of asterisks.
Article 8. Recipients of the data
Within the limits of their respective attributions and for the aforementioned purposes, the main persons likely to have access to the personal data collected are the following:
– Skiptax’s authorized staff (i.e. all employees working in the communication, administrative, logistics and IT departments, responsible in particular for facilitating and managing the relationship with the User);
– State services, in particular Customs, in connection with Value Added Tax (VAT).
Users’ personal data are not communicated, exchanged, sold or rented without the prior express consent of Users in accordance with the applicable legal and regulatory provisions.
Article 9. Transfer outside the European Union
SKIPTAX undertakes not to transfer Users’ data outside the European Union. In the event that SKIPTAX considers doing so, it will inform users by indicating the measures taken to control this transfer and ensure compliance with the confidentiality of their data.
Article 10. Data retention period
SKIPTAX undertakes to ensure that the data collected is kept in a form that allows the identification of the data at hand for a period that does not exceed the necessary period for the purposes for which these data are collected and processed.
Data processing is possible for proof of a right or contract. This data may be kept by SKIPTAX for the purpose of complying with a legal obligation or kept in files in accordance with applicable regulations and laws.
The User’s identification data is kept by SKIPTAX for a period of 10 from the last contact with the User.
Article 11. Login data
For the proper functioning of the Website and the mobile application, SKIPTAX makes use of login data to identify Users, to memorize consultations and to benefit from audience’ measures and statistics, in particular relating to the pages consulted.
After this period, the raw traffic data associated with an identifier is either deleted or anonymized.
Article 12. Exercise of rights
In accordance with the Data Protection Act of January 6 1978 as amended and Articles 15 et seq. of Regulation (EU) 2016/679 on the protection of personal data, the person concerned by the personal data collected has the following rights over the data concerning him/her:
– Right to access, rectify, update, complete the data;
– Right to block or erase personal data when they are inaccurate, incomplete, equivocal, outdated or the collection, use, communication or storage of which is prohibited;
– Right to withdraw consent at any time;
– Right to restriction of data processing;
– Right to object to the processing of their data;
– Right to the portability of the data provided when the data is subject to automated processing based on consent or contract;
– Right to lodge a complaint with the CNIL;
– Right to define the fate of the data after death and to choose whether or not SKIPTAX communicates this data to a previously designated third party. In the event of death and in the absence of instructions from the User, SKIPTAX undertakes to destroy this data, unless their retention is necessary for evidentiary purposes or to meet a legal obligation.
These rights can be exercised by simple request:
– Either by email: email@example.com
– Either by mail: DPO, SKIPTAX, 76 rue de la pompe, 75016 Paris.
To exercise these rights, Users must indicate their contact details (surname, first name, address and a copy of a signed identity document) and a legitimate reason when this is required by law (in particular in case of opposition to the processing).
In case of communication of a copy of the identity document to prove their identity, SKIPTAX will keep it for a period that may vary from one year to three years when this communication is made in the context of the exercise of a right of opposition.
In the event of a breach of the aforementioned provisions, it is possible to lodge a complaint with the competent supervisory authority (in France, the CNIL : www.cnil.fr).
Article 13. Sécurité
SKIPTAX complies with the IEL law and the GDPR regarding the security and confidentiality of personal data.
SKIPTAX implements all the necessary technical and organizational measures to ensure the security of the processing of personal data and the confidentiality of the data collected.
As such, SKIPTAX takes all the necessary precautions, with regard to the nature of the data and the risks presented by the processing operations to maintain their security and, in particular, to prevent the data from being lost, misappropriated, distorted, damaged, consulted, modified or disclosed by an unauthorized third party (firewall, physical protection of premises, authentication processes for persons accessing the data with personal and secure access via identifiers and words of confidential passes, secure https protocol, logging and traceability of connections, encryption of certain data, etc.).
Thus, access to personal data is strictly limited to SKIPTAX’s expressly authorized personnel and its Processors, acting themselves according to our instructions and in accordance with our contractual provisions and applicable legislation.
SKIPTAX ensures that the most recent version is published on the Website.