Privacy Policy

1-Introduction

The present Privacy Policy applies to the services of the website https://www.carloue.ma. Your use of the website and the Personal Data you choose to provide on the website are subject to the provisions of this Privacy Policy and the applicable Terms and Conditions of Use.

Recognizing that the collection and processing of personal data on the Internet must respect the fundamental rights of individuals, the company is committed to ensuring that any processing of personal data on the website complies with Law No. 78-17 of January 6, 1978, relating to information technology, files, and freedoms. CARLOUE.MA also undertakes to inform individuals from whom data is collected about their rights and to guarantee them the right of access and rectification of their personal data.

We only use your personal data in cases provided for by applicable regulations:

• Compliance with a legal obligation, and/or
• Your consent to the use of your data, and/or
• The existence of a legitimate interest in using your data. Legitimate interest refers to a set of business or commercial reasons that justify the use of your data by CARLOUE.MA.

2. What data do we collect about you and under what circumstances do we collect them?

During various interactions with you, you may be required to provide us with information about yourself. This information is collected, in particular, when submitting a form, creating an account, placing an order on our website https://www.carloue.ma, or accessing any other offer or service.

These data include, but are not limited to:

Names, first names, gender, date of birth;
• Mailing address, email address, landline and/or mobile phone number; ;
• Encrypted username and password used to identify you on our websites;
• Information related to your professional and financial situation;
• Encrypted information related to your payment methods (including credit card number);
• Choices regarding commercial prospecting;
• Any other information you wish to bring to our attention.

A cookie is a text file that is deposited when visiting a website, application, or online advertisement, and stored in a specific space on the hard drive of your computer or mobile device. Cookies are managed by your Internet browser, and only the issuer of a cookie can decide to read or modify the information contained within it.

A cookie has a limited validity period. Its placement and storage on your device are done in compliance with applicable legislation and subject to the choices you have expressed, which you can modify at any time, as specified in Article 8 below

A cookie does not personally identify you. It allows its issuer to recognize your device and collect certain information regarding the browsing activity performed from that device. Cookies have several functions, such as enabling efficient navigation on a website or application, remembering your choices, the goods and services you wish to purchase, and providing you with relevant advertising content based on your expressed interests during your browsing. You can find more information about cookies.

We may also use standard Internet technologies such as scripts, pixels, and redirects. Scripts (sometimes called tags), written in JavaScript language, are programs that run in your browser and perform various actions, such as sending information to our servers. Scripts are also capable of creating pixels. Pixels (sometimes referred to as transparent GIFs, clear GIFs, or web bugs) are lines of code that display a graphic image (typically invisible) on a web page or in an email. Redirects allow a web page to be available under multiple page addresses (URLs). When a browser opens a redirect URL, a page with a different URL is opened.

The purpose of these technologies is to enhance your experience on our sites. For example, when a user clicks on a share button for an article, a script creates a pixel that allows us to track the sharing activity. This way, we can determine the total number of shares for an article and establish a ranking of the most shared articles.

These technologies provide us access to the following information, among others:

• Information regarding your usage of our sites;
• Information regarding the presence of cookies on your device, the time and date of page visits, and a description of the page where the web tag is placed;
• Information about whether you have read the emails we send you and the clicks you make on the links within those emails.

Our websites and applications may also include third-party scripts, pixels, and redirects. These technologies allow third-party service providers to collect certain information such as your browser type and the web page that redirected you to our websites. These third-party service providers process the information they collect for auditing, research, and reporting purposes regarding our websites, applications, and the advertisements viewed on them. We do not share your personally identifiable information with these third parties for their use of these technologies.

We may establish assumptions about the content and services that can meet your needs or usage patterns by correlating the data we have about you with general and anonymous statistical information.

Our pages are not intended for children under 16 years of age, and we do not knowingly collect Personal Data from children. However, Weendeal's policy is to comply with the law when it requires the authorization of a parent or guardian before collecting, using, or disclosing Personal Data of children. If a parent or guardian becomes aware that their child has provided us with Personal Data without their consent, please contact us at info@carloue.ma. If we become aware that a child has provided us with Personal Data, we will delete their information from our records. CARLOUE.MA acknowledges the need to combat the dissemination of illicit content (such as defamatory, racist, xenophobic, revisionist, or pedophilic content) and to ensure the protection of children. Accordingly, we commit to:-Assisting the relevant authorities in the fight against illicit content.-Allowing for the restriction of access to certain services.

The company CARLOUE.MA does not collect any sensitive data about you. Sensitive data includes racial or ethnic origin, political opinions, religious or philosophical beliefs, membership in a trade union, health data, or sexual orientation. If any such information were to be somehow communicated to CARLOUE.MA, it would be deleted.

3. The purposes of collecting personal data are as follows.

The processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the data subject's request. The individual, as a natural person, is informed that the collected information is subject to computer processing intended to carry out operations related to customer management, including:

• Orders;
• Contracts;
• Invoices;
• Accounting and customer account management;
• Sales prospecting;
• Customer relationship management;
• Handling requests for access, rectification, and deletion of data;
• Compilation of sales statistics;
• Measurement of website traffic and audience;
• Marketing, advertising, and promotional operations related to our products and services through postal mail, inserts, email, mobile notifications, social media, or any other medium;
• Transfer, rental, or exchange of customer and prospective customer files through commercial partnerships;
• Management of reviews.
CARLOUE.MA informs the user on the data collection form about the mandatory information necessary to provide its services by using the following symbol: "*". If the user does not provide the required information in the designated mandatory fields, they will not be able to register and benefit from the services provided by CARLOUE.MA.

How long do we keep your data?

The company CARLOUE.MA only retains personal data for the time necessary for the operations for which they were collected and in compliance with the current regulations.

The individual is also informed that the company CARLOUE.MA will retain the transmitted data according to the criteria and recommendations of the CNIL (National Commission for Information Technology and Civil Liberties) available in its reference standards.

The customer data is kept for the duration of the business relationship and may be kept for commercial prospecting purposes for a maximum of 3 years from the end of this business relationship.
• Prospect data is kept for a period of 3 years from their collection or the last contact from the prospect.
• Information stored on users' devices (cookies) or any other element used to identify users and enable user tracking is kept for 12 months.
• Credit card data is not stored.

CARLOUE.MA retains the email address until the individual unsubscribes (via the unsubscribe link included in the newsletters) and implements an automatic unsubscribe rule if there is no email open activity for a period of 3 years.

The individual is also informed that CARLOUE.MA will retain the transmitted data according to the criteria and recommendations of the CNIL (National Commission for Information Technology and Civil Liberties) available in its reference standard: simplified standard No. 16.

CARLOUE.MA conserves these data for 3 years.

The data retention period upon conclusion of a contract: The retention periods must allow for compliance with the limitation periods resulting, in particular, from the Insurance Code and the Civil Code.
• Data retention period in the absence of conclusion of a contract: The data may be retained for a period of 3 years from their collection by the data controller or from the last contact initiated by the prospect.

5. Who is likely to have access to the data we collect?

The following individuals are likely to have access to some of your data:
The individuals responsible for marketing, sales, customer relationship management, prospecting, administrative services, IT and technical services, as well as their hierarchical supervisors, may have access to your data. Access to your data is granted based on individual and limited authorization. Personnel with access to personal data are bound by a confidentiality obligation through a personal and nominal commitment to confidentiality.

Entities that may have access to some of your data:
Subcontractors of CARLOUE.MA: Access to your data by our subcontractors is based on signed contracts that specify their obligations regarding the protection, security, and confidentiality of data. Social media platforms: The use of social media to interact with our websites (including Facebook and Twitter "share" buttons) may involve the exchange of data between CARLOUE.MA and these social media platforms. We encourage you to review the privacy policies of these social media platforms to understand the data collection and processing they perform on your data. Authorized business partners involved in data processing, particularly in the context of multi-channel rental, data recording, contact information, statistical analysis, recognition, and data mining: They may promote products or services for their own account or on behalf of advertising clients. Please note that if you decide to subscribe to the products or services of our business partners and allow them access to some of your information, such as by logging into their websites or applications, their privacy policies and cookie policies will apply. We have no control over the collection or processing of your data carried out by our business partners on their own platforms. aw enforcement, judicial, or administrative authorities authorized by Moroccan law: When we have a legal obligation to do so or to protect the rights, property, and safety of CARLOUE.MA.

6. How is your data protected

As the data controller, we implement appropriate technical and organizational measures, in accordance with applicable legal provisions, to protect your personal data against accidental or unlawful alteration, loss, use, disclosure, or unauthorized access. These measures include, but are not limited to:
The appointment of a Data Protection Officer;
The establishment of a dedicated unit for information system security;
Raising awareness among our employees about the confidentiality requirements when accessing your personal data;
Securing access to our premises and computer platforms;
Implementing a comprehensive company-wide IT security policy;
Securing access, sharing, and transfer of data;
Maintaining a high level of data protection standards when selecting subcontractors and partners.

7. What are your rights?

You have the right to access your personal data and request that it be rectified, completed, or updated. You can also request the erasure of your data or object to its processing, provided you have a legitimate reason to do so.

You can request to exercise your right to data portability, which means the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, and the right to transmit those data to another data controller.

Before responding to your request, we may need to verify your identity and/or ask you to provide additional information to fulfill your request. We will endeavor to address your request within a reasonable timeframe and, in any case, within the deadlines set by Moroccan law on the protection of personal data.