Bientôt disponible surDoctolib

Privacy policy

What is the usefulness of this policy?

Diabet’, which manages the diabet.fr site, places great importance on the protection and confidentiality of your personal data, which for us is a guarantee of seriousness and trust.

The data privacy policy clearly demonstrates our commitment to adhering to the applicable data protection rules within Diabet’, and more specifically, those of the General Data Protection Regulation (“GDPR”).

Specifically, the privacy policy aims to inform you about how and why we process your data in the context of the services we provide.

Who is this policy for?

This policy applies to you, regardless of your place of residence, as long as you are at least 15 years old, whether you are a patient, a job applicant at Diabet’, or a visitor to the diabet.fr website.

This policy only applies to the treatments that we carry out ourselves and not to the treatments that could be performed with the help of our service features by our patients. If you wish to obtain information about the data processed by our partners using these features, we invite you to contact them directly.

If you are a candidate for a position at Diabet’, you can consult the “candidate” policy which is accessible at any time on our dedicated page on diabet.fr.

If you are under the age of 15, you are not allowed to use our services without the prior and explicit consent of one of your parents, which must be sent in writing to the address [email protected]. If you believe we may hold information about one of your children under the age of 15 without their consent, we invite you to contact us.

Why do we process your data?

As part of the services offered, we are necessarily required to process your personal data for:

  • Navigating our website, benefiting from our services (e.g. specialized sleep consultation) and so that we can respond to your requests (e.g. information requests, complaints, etc.) based on our general terms of use and our legitimate interest in providing you with the best possible service.
  • Follow and comment on our posts on social media based on our legitimate interest in having a dedicated page on social networks.
  • Applying for a position at Diabet’ based on the discussions we have with you during the recruitment process and our legitimate interest in recruiting and selecting candidates.
  • Operating the videos on our site based on our legitimate interest in offering you content in video format.
  • Schedule an appointment automatically with our teams based on the general terms and conditions of its editor and our legitimate interest in providing you with a simple and effective appointment scheduling tool.
  • Compile statistics based on our legitimate interest in order to provide you with the best possible service.
  • Receive our satisfaction surveys based on your prior consent.
  • Ensuring your safety and that of our teams within our premises by using video surveillance cameras based on our legitimate interest.

Your data is collected directly from you when you use our website and we commit to only process your data for the reasons previously described.

However, as soon as you voluntarily publish content on the pages we edit on social networks, you acknowledge that you are fully responsible for any personal information you might transmit, regardless of the nature and origin of the provided information.

For cookies, please consult our dedicated cookie policy available on our website.

What data do we process and for how long?

We have summarized the categories of personal data that we collect and their respective retention periods.

If you wish to obtain even more details about the retention periods applicable to your data, you can contact us at the following address: [email protected].

  • For individuals, personal identification data (e.g., name, first name, date of birth, etc.) and contact details (e.g., email address, phone number, etc.) retained for the entire duration of the service provision, to which are added the legal prescription periods which are generally 5 years.
  • For professionals, personal identification data (e.g.: name, first name, position, company, department, etc.) and contact details (e.g.: professional email address, professional phone number, etc.) are retained for the duration of the business relationship, in addition to the legal prescription periods, which are generally 5 years.
  • When there is confusion between the name of your structure and your personal name (e.g. : sole proprietor, micro-business, etc.), economic and financial data (e.g. : bank account number, verification code, etc.) are kept for the necessary duration of the transaction and for the management of billing and payments, to which are added the legal prescription periods which are generally 5 to 10 years.
  • Health data (e.g. illness, disability, etc.) kept for the duration of the service in addition to the legal prescription periods which are generally 20 years.
  • Surveillance video images collected using our surveillance cameras and kept for a maximum period of one month.
  • Data stated in the CV and cover letter kept for the duration of the recruitment process and then for 2 years from your application.
  • Statistical data related to the viewing of our videos which are anonymized and stored indefinitely.
  • Connection data (e.g., logs, IP address, etc.) kept for a period of 1 year.
  • Cookies that are generally kept for a maximum period of 13 months. For more details on how we use your cookies, you can consult our cookie policy available at any time on our website.

Upon the expiry of the retention periods described above, the deletion of your personal data is irreversible and we will no longer be able to communicate them to you after this period. At most, we can only retain anonymous data for statistical purposes.

Please also note that in case of a dispute, we are obliged to keep all the data concerning you for the entire duration of the file processing even after the expiration of their storage periods previously described.

What rights do you have to control the use of your data?

The applicable data protection regulations grant you specific rights that you can exercise, at any time and free of charge, to control how we use your data.

  • Right to access and copy your personal data as long as this request does not conflict with business secrecy, confidentiality, or correspondence secrecy.
  • Right to rectification of personal data that may be incorrect, outdated or incomplete.
  • Right to object to the processing of your personal data for commercial prospecting purposes.
  • Right to request erasure (“right to be forgotten”) of your personal data that are not essential for the proper functioning of our services.
  • Right to the limitation of your personal data which allows to record the use of your data in case of dispute over the legitimacy of a processing.
  • Right to portability of your data which allows you to retrieve some of your personal data in order to store or easily transmit it from one information system to another.
  • Right to give directives on the fate of your data in the event of death either through you, through a trusted third party or a beneficiary.

In order for a request to be considered, it is imperative that it is made directly by you at the [email protected] address. Any request that is not made in this way cannot be processed.

Requests cannot come from anyone other than you. Therefore, we may ask you for proof of identity if there is doubt about the identity of the requester.

We will respond to your request within the shortest possible time, up to a limit of one month from its receipt unless the request is complex or repeated. In this case, the response time can be up to a maximum of three months.

Please note that we can always refuse to respond to any excessive or unwarranted request, especially in regards to its repetitive nature.

Who can access your data?

WE NEVER TRANSFER OR SELL YOUR DATA TO THIRD PARTIES OR COMMERCIAL PARTNERS. ALL OF YOUR PERSONAL DATA IS EXCLUSIVELY USED BY OUR TEAMS OR OUR IT SERVICE PROVIDERS.

More specifically, we only share your data with people duly authorized to use them in order to provide you with our service such as our IT service.

Your personal data is also transferred to our IT providers for the sole purpose of technically operating our service (e.g.: data host).

We specify that we screen all our IT providers before hiring them to ensure they strictly comply with the applicable rules regarding personal data protection.

How do we protect your data?

We implement all the technical means and required organizational measures to ensure the security of your data on a daily basis, and, in particular, to fight against any risk of destruction, loss, alteration, or unauthorized disclosure of your data (e.g., training, access control, passwords, antivirus, “https,” etc.).

Can your data be transferred outside of the European Union?

As part of our services, we may transfer some of your data.

Of course, we assure you that we are scrupulously ensuring all the appropriate and legal guarantees necessary to ensure the confidentiality and protection of your personal data during the duration of treatments requiring a transfer of personal data outside of the European Union.

Who can you contact for more information?

You can contact our webmaster at any time and for free at the address [email protected] to get more information or details about how we process your data.

How can you contact the CNIL?

You can contact the “National Commission for Informatics and Liberties” or “CNIL” at any time at the following address: CNIL Complaints Service, 3 place de Fontenoy – TSA 80751, 75334 Paris Cedex 07 or by phone at 01.53.73.22.22.

Can the policy be modified?

We are likely to change our privacy policy at any time to adapt it to new legal requirements as well as to new treatments that we might implement in the future.