Privacy Policy Mozaë
MOZAE is a solution that enables subscribers and their users to digitally manage their cattle farming operations from various devices (computer, smartphone, tablet) through connected devices attached to the animals. This solution facilitates the management of identification, reproduction, health, and dairy and meat performance of the subscribers’ herds.
In compliance with the General Data Protection Regulation No. 2016/679 (“GDPR”) and Law No. 78-17 on Information Technology, Data Files, and Civil Liberties dated January 6, 1978, in its latest version (“LIL”), this personal data protection policy aims to inform you, as a subscriber and/or employee, representative, agent, or manager of the subscriber, about the processing implemented by iOtee (further detailed below) within the framework of subscribing to and executing the SaaS software solution “MOZAE,” which it publishes and which is accessible via the website **mozae-app.fr** or by downloading the dedicated Android or iOS application (hereinafter referred to as “MOZAE”).
Data Controller: iOtee
iOtee, a simplified joint-stock company registered with the Laval Trade and Companies Register under number 832 733 877, located at 141 Boulevard des Loges, 53940 SAINT-BERTHEVIN, is responsible for the processing of personal data carried out to provide you, the subscriber, and your authorized users (employees, managers, agents, etc.) with the MOZAE solution in accordance with your subscription.
Introduction
What is personal data?
Personal data refers to information that can be used to identify you, either directly or indirectly. This includes, but is not limited to, your name, surname, phone number, postal and email addresses, or your IP address.
What are our practices regarding personal data?
We collect your personal data in a fair, lawful, and transparent manner. The personal data collected is proportional to the purposes of our processing. It enables us to provide you with a tailored service, allowing you to remotely manage your farm and handle your subscription.
We also ensure the protection of your personal data by implementing strict security measures, in compliance with applicable regulations.
Characteristics of our processing
Why do we collect your personal data, and how long do we retain it?
The table below provides a detailed description of how we process personal data:
Purposes | Legal Basis | Data Retention Periods | ||
Active Database | Intermediate Database | |||
Management of MOZAE Subscriptions | Management of Subscription and Execution of the MOZAE Solution Subscription Contract | • Execution of pre-contractual measures requested by the data subjects or legitimate interests (specifically, the execution of pre-contractual measures) when the request is made on behalf of a legal entity. • Execution of a contract or legitimate interests (specifically, the execution of the contract) when the contract is signed with a legal entity. | Durée nécessaire à la gestion de la demande de mesures précontractuelles et le cas échéant, durée de la relation contractuelle | If necessary, the data is archived for a maximum duration of 5 years. |
Bookkeeping or Accounting Management | • Compliance with a legal obligation | The data is retained for the duration of accounting operations. | Accounting documents are kept in intermediate archives for 10 years. | |
Customer relationship management: • Handling complaints • After-sales service (support requests, etc.) | • Performance of a contract or legitimate interests (i.e., executing the contract) when the contract is signed with a legal entity. | Duration of the contractual relationship | If necessary, the data is archived for a maximum of 5 years. | |
Specific Processing Operations for MOZAE | The creation and management of: • Subscriber accounts during subscription · • User accounts throughout the contract (with the “Account Sharing” feature) | • Performance of a contract or legitimate interests (i.e., executing the contract) when the contract is signed with a legal entity. | Duration of the contractual relationship or until the account is deleted in the case of user accounts. Note: It is common for users to stop using their accounts without formally deleting them. In such cases, we delete accounts after a continuous two-year period of inactivity. You will be notified beforehand, allowing you the opportunity to express your wish to keep your account active. | If necessary, the data is archived for a maximum duration of 5 years. |
Management of subscribed options & activation of all corresponding features | • Performance of a contract or legitimate interests (i.e., executing the contract) when the contract is signed with a legal entity. | Duration of the contractual relationship | If necessary, the data is archived for a maximum of 5 years. | |
Send the configured notifications in the Mozaë software solution | • Performance of a contract or legitimate interests (i.e., executing the contract) when the contract is signed with a legal entity. | The duration of notification operations | / | |
Logging of records to ensure traceability of access and actions by authorized users of Mozaë. | • Legitimate interests of iOtee, namely ensuring the security of Mozaë. | 6 months | If necessary, the data is archived for a maximum duration of 5 years. | |
Processing operations carried out in the context of cookie placement (For more information, see the section “Cookies used by iOtee on Mozaë”) | Optimal provision of the Mozaë solution and its features activated by users through the use of cookies | • Legitimate interests of iOtee, namely providing a compliant service | 13 months | / |
Perform website audience measurement statistics through the use of cookies | • Legitimate interests of iOtee, namely improving the functionalities of its website | 13 months | / | |
Other processing operations | Management of pre-litigation and litigation: • Handling pre-litigation • Preparation, execution, and follow-up of litigation | • Legitimate interests of iOtee, namely protecting its rights and interests | Data processed for managing pre-litigation is deleted upon the amicable resolution of the dispute or, failing that, once the corresponding statute of limitations for legal action has expired. Data processed for managing litigation is deleted when no further appeals are possible against the decision rendered or once the decision has been executed. | Decisions rendered may be retained as permanent archives due to historical interest. |
Management of rights requests (GDPR) | • Compliance with a legal obligation | The time strictly necessary to process the requests. | Data related to rights requests are archived for five years, except for data related to the right to object, which are retained for six years. | |
Who can access your personal data?
Your personal data is shared within our services only with individuals who need to know it and are authorized by their roles to process it, namely:
- Staff in the commercial department
- Staff in administrative and accounting departments
- Teams responsible for Mozaë support and maintenance
- Data protection personnel
- iOtee management
Your data may also be shared with our partners, service providers, and subcontractors, such as:
- IT providers: For instance, if you subscribe to certain options offered with Mozaë, your data may be transferred to some of our providers involved in delivering additional subscribed services.
- Legal officers and bailiffs
- Providers involved in advisory and support missions
- Entities involved in operations related to the life of the data controller (e.g., company transfers, mergers, acquisitions, or universal transfers of assets).
What categories of personal data do we collect, and how?
To pursue the purposes described above, we collect:
- Your first and last names
- Your postal address
- Your email address
- Your phone number
- Your preferred language
- Your profile (e.g., manager, employee, contractor)
- Your IP address
Your names, email addresses, and postal addresses are necessary for the execution and management of the Mozaë subscription contract, enabling us to:
- Grant access rights to Mozaë
- Send you notifications you have subscribed to via Mozaë
Additionally, some personal data (e.g., names, email addresses, profiles) are indirectly collected (from a non-public source) through the “Account Sharing” feature. This feature allows subscribers to create and manage Mozaë access for new users inside or outside their organization.
Your rights
What rights do you have regarding your personal data?
You have the following rights concerning your personal data:
You have the right to obtain confirmation of whether your personal data is being processed or not, and if it is, you have the right to obtain a copy of your data along with the following information:
- The purposes of the processing;
- The categories of personal data concerned;
- The recipients or categories of recipients to whom the personal data has been or will be disclosed, particularly recipients established in third countries or international organizations;
- Where possible, the envisaged period for which the personal data will be stored or, if not possible, the criteria used to determine that period;
- The existence of the right to request from the data controller the rectification or erasure of personal data, restriction of processing concerning the data subject, or the right to object to such processing;
- The right to lodge a complaint with a supervisory authority;
- Where personal data is not collected from the data subject, any available information as to its source;
- The existence of automated decision-making, including profiling, and, at least in such cases, meaningful information about the logic involved;
- Where personal data is transferred to a third country or an international organization, the right to be informed of the appropriate safeguards relating to the transfer.
One free copy of your personal data is provided; additional copies may incur a reasonable administrative fee.
You have the right to request at any time that your personal data be rectified and/or completed, as applicable.
Except in specific cases provided by law, you have the right to request the erasure of your personal data without undue delay if one of the following grounds applies:
- The personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
- You withdraw your consent, and there is no other legal basis for processing.
- You object to processing, and there are no overriding legitimate grounds for continuing the processing.
- The personal data has been unlawfully processed.
- The personal data must be erased to comply with a legal obligation.
- The personal data was collected in the context of providing information society services to minors.
- You have the right to request restriction of processing from the controller if one of the following applies:
- You contest the accuracy of the personal data (processing may be restricted while the accuracy is verified).
- The processing is unlawful, and you oppose erasure, requesting restriction of use instead.
- The controller no longer needs the data for processing purposes, but you need it to establish, exercise, or defend legal claims.
- You object to the processing, pending verification of whether the controller’s legitimate grounds override yours.
If you exercise this right, the controller may process your personal data only for storage purposes unless:
- You have given prior consent.
- It is necessary for establishing, exercising, or defending legal claims.
- It is necessary for protecting the rights of another person or entity.
- It is required for important public interest reasons in the EU or a member state.
In any case, you will be informed if the restriction is lifted.
You have the right to receive or transmit the personal data you have provided, in a structured, commonly used, and machine-readable format, to another data controller. Please note that this is not a general right. Not all personal data from all processing activities is portable, as this right applies only to automated processing and excludes manual or paper-based processing.
Furthermore, this right is limited to processing activities whose legal basis is either consent or a contract.
You have the right to withdraw your consent to processing at any time and without needing to justify your decision when consent serves as the legal basis for the processing.
You have the option to set specific instructions regarding the storage, erasure, and communication of your personal data after your death. These instructions will apply only to the scope of our processing.
General instructions concerning post-mortem data must be addressed to a third party designated by decree.
Who to Contact Regarding Data Protection Issues ?
To exercise your rights or for any other questions about the processing of your personal data, you can contact us via the following email address: contact@iotee-agri.fr
Your requests will be reviewed as promptly as possible and, in any case, within the timeframes required by the GDPR.
If you believe that your rights are not being respected regarding the protection of your data or that an action related to the processing of your personal data is incompatible with the provisions of this policy or applicable regulations, you may file a complaint directly with the CNIL.
Cookies Used by iOtee on Mozaë
As mentioned above, when you browse the Mozaë website or application, we may collect data about your navigation on the pages of the site through the use of cookies.
For your information, a cookie is a small computer file that can be placed and read on your device by an application or website you access. Cookies can serve various purposes, and their use generally requires your prior consent, except when they are strictly necessary to provide an online communication service requested by the user or have the sole purpose of enabling or facilitating electronic communication.
The cookies used on Mozaë are intended to ensure the optimal functionality of our services. Specifically, they enable your authentication on the site and facilitate your navigation. In accordance with CNIL recommendations, the use of these cookies does not require the user’s prior consent, as they are strictly necessary for providing an online communication service requested by the user and/or solely facilitate electronic communication.
Cookies may also be placed on your device to measure the audience on Mozaë. These audience measurement cookies fall within the scope of cookies exempted from consent under CNIL guidelines, as their use is strictly limited to tracking and measuring audience metrics. They do not involve cross-referencing data or transmitting data to third parties and only produce anonymous statistical data. As such, their placement does not require your prior consent.
Updates to This Privacy Policy
IOTEE reserves the right to modify this Privacy Policy at any time, in accordance with applicable GDPR and LIL provisions.
The last update was in September 2024.
