We protect and respect your personal data

You are currently on the website of the AcadeMYO, the digital version of the renowned Summer School of Myology, managed by the Association Institute of Myology (AIM): https://academyo.fr. When you browse or register for the Summer School of Myology, we collect and use some of your personal data. Their protection and security are at the center of our concerns. In this section, you will find more details on the type of data collected and how we process it.

 

1. AIM AND PERSONAL DATA PROTECTION

The General Data Protection Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR) allows people to better understand and control the use that is made of their personal data. In that regard, the GDPR strengthens your rights and increases the responsibility of those collecting your data.

As data controller, AIM undertakes to comply with the obligations required by the GDPR as well as with the obligations set out by the French law “Informatique et Libertés” number 78-17 of January 6, 1978.

 

2. THE DELEGATE FOR DATA PROTECTION

In order to comply with the rules relating to the protection of personal data, AIM has appointed a Data Protection Officer (DPO). Its role is to ensure the proper implementation of the GDPR within the Association. She is the contact point between the French Supervisory Authority (the CNIL) and AIM, as well as yours for any questions you may have regarding the processing of your personal data.

 

3. WHY SHOULD YOU READ THIS POLICY?

 Because:

• You visited the AcadeMYO website (http://academyo.fr/);
• You have registered to AcadeMYO (formerly Summer School of Myology Paris).

If you do not fall into any of these categories, we guarantee you an unambiguous information (purpose, rights, legal basis for processing, type of data concerned, etc.) when your data is collected.

 

4. WHAT PERSONAL DATA IS COLLECTED AND WHAT FOR?

AIM contracted with the processor DUNE. They act on behalf of AIM.

DUNE collects the data you provide:

•  Through the “Register form” :
  • Data collected: Civility, First Name, Last Name, Country of Citizenship, Country of Residence, Email, Affiliation (Institution / Laboratory / Industry), Medical Specialty and / or PhD, Photograph, Curriculum Vitae, Biosketch, Invoice Identity, Invoice Address.
  • Purpose: To process your participation to AcadeMYO and to send you a personalized invoice
  • Lawfulness of the processing: the processing is necessary for the performance of a contract
• Payment infos :
  • Data Collected
  • Purpose: To collect the registration fees
  • Lawfulness of the processing: the processing is necessary for the performance of a contract

AIM also collects personal data relating to your browsing on our website. These are cookies. This is information stored on your terminal when you browse the AIM site. Only the issuer of a cookie can read or modify the information it contains.

For more information, you can consult our cookies policy.

 

 5. TO WHOM IS YOUR PERSONAL DATA TRANSMITTED?

1.  Public authorities or authorized third parties

Under a law, regulation, subpoena or court order, disclosure of your personal data may be requested by an authorized third party. In these specific cases, we will make sure that the requester understands the confidential nature of your data and treats it with the necessary degree of care. Please be aware that unlawful or harmful behavior by one of the users of the AIM website may cause us, as data controller, to cooperate with certain investigations targeting these visitors.

2. Providers

We use subcontractors as part of our services. They are subject to the same security and confidentiality obligations as AIM regarding your personal data.

For more information, you can visit the websites of our subcontractors:

• DUNE: this partner allows you to register to the event and pay the subscription fees.
  • https://www.dune-i.com/

6. WHAT IS THE PERIOD OF CONSERVATION OF YOUR PERSONAL DATA?

When processing your personal data, AIM undertakes to keep this data only for the time strictly necessary for the fulfillment of the intended purpose.

We keep your data for one (1) year.

We will keep as long as necessary, your name and contact information (email address) in order to contact you for future events in relation with AcadeMYO, notably for anniversaries of the Summer School.

 

8. OBLIGATIONS OF THE SUB PROCESSOR

DUNE guarantees the confidentiality of the personal data processed.

DUNE only acts according to the documented instructions from AIM and for the sole purposes established in section 4.

DUNE provides sufficient guarantees and implements appropriate technical and organizational measures to ensure that they meet the requirements of this GDPR and the protection of the rights of the data subject.

DUNE shall not engage another processor without prior specific or general written authorization of AIM.

DUNE does not transfer any personal data outside of the UE and would not do so without the prior authorization of AIM.

At the end of the services, DUNE will delete or return all personal data to AIM and will delete existing copies.

In the event that a data subject makes a request to exercise his or her rights, DUNE will make every effort to assist AIM in responding to the request within one month. In the event that a request for the exercise of rights is made directly to DUNE, DUNE undertakes to forward this request upon receipt to dpo@institut-myologie.org.

In case of breach of data, after taking the necessary steps to stop the breach and minimize its effects, DUNE shall notify AIM of any personal data breach within a maximum of 24 hours of becoming aware of it, in order to allow AIM to make a declaration to the CNIL within 72 hours.

 

7. HOW CAN YOU EXERCISE YOUR RIGHTS?

The GDPR has strengthened the rights of data subjects to allow a better control. To exercise your rights, all you need to do is contact the DPO of AIM or DUNE.

AIM :

•  By email: dpo@institut-myologie.org
•  By mail:
  • Data Protection Officer
    Association Institute of Myology
    47-83 boulevard de l’Hôpital,
    75651 Paris Cedex 13

DUNE :

• By email : s.veniel@dune-i.com

 

You have the following rights:

1.  The right of access

This right allows you to have access to the data processed concerning you. You will receive them in an understandable format.

1.  The right to rectification

In case of inaccurate data about you, you can ask for it to be modified and updated.

1.  The right to object

You can object to the processing of your personal data for reasons relating to your particular situation. Please note that this will not lead to the deletion of your data. This right is used in particular in the context of opposition to commercial prospecting. For the latter you do not need any particular reason. In other cases, your request must be justified.

1.  The right to erasure

You can request the erasure of your personal data in the following cases:

• The processing of your data is no longer necessary for the purpose for which it was collected;
• You decide to withdraw your consent (only if the processing is based on it);
• In the event of opposition to the processing, you can also request the deletion of your data;
• The processing you are subject to is unlawful;
• The erasure of your data is part of a legal obligation;
• The data was collected from minors as part of the information society service offering.

1.  5. The right to portability

This right allows you to reuse your data for personal use. You can request the transmission of your data in a structured, commonly used and machine-readable format. Please note this right only exists if the processing is based on your consent and if it is carried out automatically.

1.  6. The right to limitation

This right allows you to freeze the use of your data in the following cases:

• The accuracy of the personal data is contested,
• The processing is unlawful,
• AIM no longer needs your personal data, but they are still necessary for the establishment, exercise or defense of legal claims.

If you have difficulty exercising your rights, you can file a complaint with the French Supervisory Authority (CNIL).

 

8. TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN UNION (EU)

AIM does not transfer your personal data outside of the European Union. If such was the case, AIM will implement the appropriate measures to guarantee your personal data a level of protection equivalent to that of the European Union.

In case of questions relating to data transfers outside the EU, you can contact the DPO of AIM (dpo@institut-myologie.org).

 

9. SECURITY OF YOUR DATA

As data controller, AIM ensures a high level of security for your data through structural, organizational and technical measures.

 

10. EXTERNAL LINKS

The site www.academyo.fr contains external links to websites that have their own personal data privacy policy. Consequently, AIM cannot be held responsible for their content and their practice in terms of protection of personal data. We advise you to read carefully the privacy and personal data protection policies of the third-party sites in question.

This section only applies to data collected on the AIM website: www.academyo.fr

 

 11. UPDATE

AIM reserves the right to update this page relating to the protection of your personal data at any time in the event of changes in the law and / or our practices in this matter.

Please check this page regularly.

Last modification: 18/06/2021

 

12. GDPR GLOSSARY:

Data controller:
The natural or legal person who determines the purposes and means of the processing.

 Subcontractor:
The natural or legal person who processes personal data on behalf of the controller.

 Data processing:
Examples: collection, recording, organization, structuring, conservation, modification, extraction, consultation…

 Personal data or personal data:
Any information relating to an identified or identifiable natural person.
Examples: identifier, name, identification number, location data, online identifier, one or more specific elements.

 As a reminder, you can find all these definitions in Article 4 of the General Data Protection Regulation