Privacy Policy
Table of Contents
1. Purpose and Scope of the Policy
2. Data Controller
3. What Personal Data Do We Collect and How?
4. Why Do We Collect Your Personal Data and How?
5. Do We Share Your Personal Data?
6. Are Your Personal Data Transferred to Third Countries?
7. How Long Do We Keep Your Personal Data?
8. How Do We Ensure the Security of Your Personal Data?
9. What Are Your Rights?
10. Information on Cookie Management
11. Updating This Policy
1. Purpose and Scope of the Policy
Diazinteregio places the highest importance on protecting privacy and personal
data, as well as complying with applicable legislation.
Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons
regarding the processing of personal data and the free movement of such data
(the "GDPR") states that personal data must be processed lawfully, fairly, and
transparently. This privacy policy (the "Policy") aims to provide you with
clear, simple information about how your personal data is processed during
your use of the Amorce platform.
2. Data Controller
As part of your activity on the site https://www.amorce.eu/, we collect and
use personal data relating to you, natural persons (the "Data Subject").
For all processing, Diazinteregio, the association of Diaz users,
headquartered at 2 AVENUE GEORGES CLEMENCEAU 29200 BREST, determines the means
and purposes of the processing. We act as the Data Controller under applicable
data protection legislation, including Regulation (EU) 2016/679.
3. What Personal Data Do We Collect and How?
By using our Amorce platform, you provide us with certain information that may identify you ("Personal Data"). This occurs when you browse the site, create a user account, or complete online forms.
The type and nature of personal data collected depend on your relationship with Diazinteregio, including:
- Identification Data: e.g., title, first and last name, email address, postal address, and sometimes phone number.
-
Login Data: e.g., password and other authentication
information.
Technical data such as:- IP address
- Login date and time
- Browser characteristics
- Operating system
- Requests made
- Server response codes and context information for maintenance
- Documents of various types: PDFs, Office files, images, videos, including titles, content, folder names, comments, dates, etc.
- Browsing information: interactions with our website, such as pages visited and features used.
4. Why Do We Collect Your Personal Data and How?
We collect your personal data for specific purposes and based on different legal grounds.
Based on public interest, your data is processed for:
- Management and indexing of audiovisual archives of territories
Based on your consent, your data is processed for:
- Managing newsletters
- Managing access to the Amorce platform
Based on our legitimate interest, your data is processed for:
- Implementing measures to ensure IT system security and proper operation
Based on legal obligations, your data is processed for:
- Handling personal data breaches
- Managing individuals’ rights
5. Do We Share Your Personal Data?
Your data is shared with authorized Diazinteregio staff for access management and legal obligations.
It may also be shared with:
- Service providers and subcontractors performing tasks on our behalf
- Authorized public authorities (judicial, regulatory)
- Regulated professions (lawyers, bailiffs, etc.) for enforcement or litigation purposes
We require third parties to use data only for the intended purposes and take all measures to ensure confidentiality and security. Only necessary data is shared, and transmission is secure. We do not sell your data.
6. Are Your Personal Data Transferred to Third Countries?
All data collected on our site is exclusively hosted in France on secure servers provided by OVH, in compliance with GDPR. No personal data is transferred outside the EU.
7. How Long Do We Keep Your Personal Data?
We retain personal data only as long as necessary for the intended purpose or legal obligations. Retention periods vary depending on activity, contracts, legal obligations, and regulatory guidance.
| Purpose | Retention Period |
| Handling data breaches | 5 years after CNIL notification |
| Managing individuals’ rights | ID documents retained for 1 year for access/rectification; 3 years for opposition |
| IT system security measures | Variable, max 12 months |
| Archival management | Unlimited, anonymized/pseudonymized if requested |
| Platform access management | Access kept while active; deleted after 15 months inactivity |
| Newsletter management | Active subscribers: indefinite; inactive: 3 years from last interaction; immediate deletion if unsubscribed |
8. How Do We Ensure the Security of Your Personal Data?
We implement technical and organizational measures appropriate to the data and associated risks, including restricted access, pseudonymization, and encryption. Security policies are regularly reviewed and updated.
9. What Are Your Rights?
Under GDPR, Data Subjects have the following rights:
- Right to information
- Right of access
- Right to rectification
- Right to erasure ("right to be forgotten")
- Right to object
- Right to withdraw consent
- Right to restrict processing
- Right to data portability
- Right not to be subject to automated decisions
- Right to post-mortem directives
To exercise your rights, contact: DIAZ INTEREGIO, 2 AVENUE GEORGES CLEMENCEAU 29200 BREST or contact@diazinteregio.org. You may also contact CNIL for complaints.
10. Information on Cookie Management
We use Matomo Analytics for web analytics, fully GDPR-compliant and CNIL-approved. Matomo is configured to benefit from consent exemption. Data is collected anonymously for statistical purposes only.
Data is securely stored within the EU and not transferred to third countries.
11. Updating This Policy
This Policy may be updated regularly to reflect changes in data protection
regulations.
Last updated: 18/07/2025.
