Privacy policy
This privacy policy describes how Ripaille collects, uses, and protects users' personal data, in accordance with Regulation (EU) 2016/679 (GDPR) and the amended French Law No. 78-17 of January 6, 1978 (Informatique et Libertés).
Data Controller
The data controller is Cilia Solutions, reachable by email at contact@ripaille.org. The website is accessible at https://ripaille.org.
Data Collected
In the context of using the service, the following data may be collected:
No banking data, no precise geolocation data, and no so-called "sensitive" data (health, opinions, etc.) is collected.
Purposes of Processing
Data is processed solely to enable the creation and management of events, the registration of guests, the organization of food contributions, and the technical operation of the service (password authentication, security, abuse prevention).
Legal Basis
Processing is based on the user's consent (Article 6.1.a of the GDPR), expressed by creating an event or voluntarily registering as a guest. You may withdraw your consent at any time by requesting the deletion of your data.
Retention Period
Data relating to an event and its guests is retained for the entire duration of the event, then automatically deleted 30 days after that date. Preferences stored locally in your browser are never transmitted to the server and can be erased at any time via your browser settings.
Recipients and Transfers
Your data is neither sold, nor rented, nor disclosed to third parties for commercial purposes. It is hosted on Google Cloud Platform (Google LLC) within the European Union. No transfer outside the EU is carried out.
Security
Exchanges between your browser and the service are encrypted via HTTPS. Event and guest passwords are stored securely and never transmitted in plain text. Reasonable technical and organizational measures are in place to protect your data against unauthorized access, alteration, or destruction.
Cookies and Trackers
Ripaille does not use any cookies or advertising or analytics trackers. Interface preferences (language, theme, color) are stored locally in your browser via localStorage: they are neither transmitted to the server nor shared with third parties.
Your Rights
In accordance with the GDPR, you have the following rights over your personal data:
Right of access: obtain confirmation that data concerning you is being processed and receive a copy of it.
Right to rectification: correct inaccurate or incomplete data.
Right to erasure: request the deletion of your data.
Right to restriction: temporarily suspend the processing of your data.
Right to portability: receive your data in a structured, machine-readable format.
Right to object: object to the processing of your data on legitimate grounds.
To exercise these rights, send your request to contact@ripaille.org specifying the identifier of the relevant event. A response will be provided within a maximum of one month.
If you believe that the processing of your data does not comply with the regulations, you have the right to lodge a complaint with the French Data Protection Authority (CNIL): www.cnil.fr.
Policy Changes
This policy may be amended to reflect changes to the service or applicable regulations. The date of the latest update appears at the top of this page.
Contact
For any question regarding this privacy policy or the processing of your personal data, you may contact the data controller at contact@ripaille.org.