AM Transformation (hereinafter referred to as "the Company") is committed to protecting the personal data of its users, in accordance with the laws and regulations in force, in particular law no. 013/2006 of October 12, 2006 on the protection of personal data in the Democratic Republic of the Congo. This policy aims to clarify the methods of collecting, using and protecting personal information. By using our Site, you acknowledge that you have read this policy and accept its terms.
Legislative context
Legislation in the Democratic Republic of Congo has been put in place to protect the rights of individuals with regard to their personal data. As an entity operating within this legal framework, the Company has a responsibility not only to ensure compliance, but also to create a secure environment for its users. We strive to adopt practices that comply with international standards, while taking into account local cultural and regulatory specificities. This includes raising employee awareness of the importance of data protection and implementing rigorous internal procedures.
What is personal data?
Personal data includes any information that can be used to identify a natural person. This includes not only identification data, but also other information which, when combined, can reveal sensitive details.
Importance of data protection
The protection of personal data is crucial in a digital world where information circulates rapidly. Data breaches can have serious consequences for both individuals and companies. That's why the Company not only complies with the law, but also adopts ethical practices to protect the privacy of its users. We believe that every user deserves full transparency on how their information is collected, used and protected. By implementing robust security protocols, we are committed to preventing any misuse of your data.
Categories of personal data:
The data collected can be classified into several categories, in particular:
- Identification data: This includes your surname, first name, address, e-mail address and telephone number. This information is required to set up and manage your account on our Site. We only collect relevant information to guarantee the efficiency of our services.
- Connection data: This is collected automatically when you browse our Site, such as your IP address, browser type, operating system and pages visited. This data helps us to analyze traffic and improve the functionality of our Site, by enabling us to identify any technical problems.
- Behavioral data: This data helps us to better understand how you interact with our Site. We collect information about the products or services you consult, the time spent on each page and your interactions with our content, in order to optimize your experience.
- Transactional data: When you make a purchase, we collect information about your transactions, including payment details and purchase history. This data is necessary to process your orders and ensure quality customer service.
- Preference data: We collect information about your preferences, such as your interests and communication choices. This allows us to personalize our content and offers to better meet your needs.
Types of data collected:
Identification data: When you register or use our services, we collect essential identification data. This information is used not only to create your account, but also to ensure its security. For example, when you register, you must provide your full name, e-mail address and a strong password. We encourage you to choose a complex password and not to share it, to ensure the security of your account. If your login information is lost or stolen, you must notify us immediately.
Connection data: This data, collected automatically during your visit, includes information about your device and your location. For example, we use analytics tools to measure traffic, identify the most visited pages, and understand how users navigate our Site. This enables us to improve our services in line with our users' needs. The protection of this data is essential to ensure that personal information is not used for malicious purposes. We are committed to respecting the privacy of every user while optimizing the experience on our Site.
Transactional data: When you make a purchase, we collect essential transactional data to ensure that your orders run smoothly. This includes detailed information about your purchases, such as amounts, payment methods and order history. This information is processed with a high level of security to prevent any fraud or breach. We undertake to keep this data only for as long as is necessary, in accordance with legal requirements, to protect your rights and ensure transparency.
Preference data: We use analysis tools to collect information about your preferences and behavior. For example, we track the articles you consult and the services you use to improve our offer. This data enables us to personalize your experience, by recommending products and sending you targeted communications. We believe that this personalization is essential to meet your expectations and improve your satisfaction. We are committed to respecting your choices and giving you control over how your information is used.
1. Data Collection and Use
We collect several types of data, including:
- Identification data: Last name, first name, email address, telephone number. This information is essential to identify you and enable you to create an account on our platform. It also helps us to personalize our interactions with you.
- Transactional data: Information about your purchases, orders and payments. This includes details of the products you buy, the amounts and dates of transactions, as well as the payment methods used. This data enables us to process your orders efficiently, manage any returns and provide you with a complete history of your purchases.
- Connection data: IP address, browser type, pages visited on our site. We use this information to analyze site traffic, understand how users interact with our services, and improve the overall experience. This data helps us optimize our site so that it works better on different devices and browsers.
- Behavioral data: History of use of our services, preferences, user feedback. This information helps us to better understand your usage habits, enabling us to develop features that meet your needs. For example, we may use this data to recommend products similar to those you have already consulted.
- Demographic data: age, gender, geographical location, which helps us to better understand our audience. This information may also be used to segment our communications and offers, in order to provide you with promotions that match your profile.
We use your data for a variety of purposes, including :
- Account creation and management : To enable you to access our services and your personal information. This also includes recovering your password in case you forget it and personalizing your experience on our site.
- Communication: To keep you informed of updates, promotions and new features. We'd like to keep you informed of new features that may be of interest to you, by sending you relevant newsletters or notifications.
- Service improvement: To analyze usage trends and optimize our offering. We are committed to listening to your feedback and making changes based on your suggestions in order to continuously improve our services.
- Personalized user experience: To offer you recommendations and content tailored to your preferences. By using your data, we can personalize our interface and help you discover products that match your tastes.
- Marketing: To send you information about our products and services that may be of interest to you. We use your data to target you with special offers, discounts and new product information, ensuring that these communications are relevant to you.
We are committed to respecting your privacy and will only use your data for the purposes described above. You can manage your communication preferences at any time, and we encourage you to do so to take full advantage of our services.
2. Data retention
We undertake to keep your personal data only for as long as is necessary for the purposes for which it was collected. The length of retention depends on the type of data and the legal requirements in force.
Examples of shelf life :
- Identification data: This data is kept for as long as your account is active. If you decide to delete your account, we will keep your identification data for up to 5 years after closing it. This period allows us to respond to any questions or disputes that may arise after the end of your relationship with us.
- Transactional data: This data is kept for 10 years, in compliance with legal and tax requirements. This includes purchase details, invoices and payment documents, in order to comply with accounting traceability and transparency obligations.
- Connection data: This data is kept for 12 months, after which it is anonymized. This means that we delete personal information and retain only aggregate data for statistical analysis.
- Behavioral data: We keep this data for a period of 3 years, after which it is anonymized. This period allows us to analyze usage trends and improve our services without compromising your identity.
- Demographic data: This data may be kept indefinitely in aggregate form for the purposes of market analysis and understanding our audience, but it will not be associated with your identity.
At the end of the retention period, your data will be securely deleted. We use certified deletion methods to ensure that your information cannot be recovered. This includes the permanent erasure of digital files and the physical destruction of any paper documentation containing your personal data.
We ensure that these processes comply with the strictest security standards to protect your information throughout its life cycle. If necessary, you can request the early deletion of your data, subject to applicable legal conditions.
3. Data security
The security of your personal data is our top priority. We have implemented rigorous technical and organizational measures to protect your data against unauthorized access, loss or destruction. We understand the importance of the confidentiality of your information and are committed to protecting it appropriately.
We use advanced encryption technologies to protect your sensitive data during transmission and storage. All communications between your browser and our server are encrypted using the HTTPS protocol. Sensitive data stored in our database is also encrypted.
Only authorized employees have access to your data, and only within the scope of their duties. We apply unique user IDs and passwords and the principle of "least privilege".
We carry out regular audits of our security practices to identify and correct any vulnerabilities. These audits include internal assessments and third-party audits.
In the event of a data breach, we have a well-defined action plan, including rapid notification of the relevant authorities and users. A dedicated team manages incidents and analyzes the causes.
All our employees receive regular training in data security and privacy best practices. This includes detecting phishing attempts and managing confidential information.
We make regular backups of your data, stored in secure locations. These backups are tested to ensure their reliability.
Our IT systems are protected by firewalls, anti-virus software and intrusion detection systems. We constantly monitor our network for suspicious activity.
We carry out periodic penetration tests to assess the robustness of our security infrastructure, enabling us to identify vulnerabilities.
Access to our data centers is controlled by security systems, including access cards and surveillance cameras.
We are committed to continually reviewing and updating our security measures to keep pace with changing threats and technologies. Your trust is important to us, and we will do everything in our power to keep your data safe.
4. Users' rights
You have several rights concerning your personal data. These rights are designed to give you control over your information and guarantee its protection.
The right of access allows you to request information about the data we hold about you. You have the right to know what personal information is collected, how it is used, with whom it is shared, and for what purposes. You can also request a copy of the personal data we hold about you.
The right of rectification allows you to request the correction of inaccurate or incomplete data. If you find that some of your information is incorrect or no longer reflects your current situation, you can contact us to update it. We will deal with your request promptly to ensure the accuracy of your data.
The right to erasure, also known as the "right to be forgotten", allows you to request the deletion of your data in certain situations. This may include cases where you withdraw your consent to the processing of your data or where your data is no longer necessary for the purposes for which it was collected. We will consider each request and act in accordance with legal requirements. It is important to note that in some cases we may be required to retain certain data for legal or regulatory reasons.
The right to restrict processing allows you to request that we restrict the processing of your data in certain circumstances. This may apply, for example, when you dispute the accuracy of your data or object to its processing. During the limitation period, we will only process your data for storage purposes, without carrying out any other operations.
The right to portability gives you the opportunity to receive your data in a structured, commonly used and machine-readable format. This allows you to transfer your information to another service if you wish. We are committed to facilitating this transfer, wherever possible, in order to offer you maximum flexibility in managing your data.
The right to object allows you to object to certain uses of your data, including direct marketing. If you no longer wish to receive our marketing communications, you can unsubscribe at any time, and we will ensure that your preferences are respected. In addition, you may object to the processing of your data for reasons relating to your particular situation, where such processing is based on our legitimate interests.
To exercise these rights, please contact us at the address given at the end of this policy. We advise you to include specific information about your request in order to facilitate its processing. We undertake to respond to your request as quickly as possible, within the legal time limits. Your satisfaction and trust are important to us, and we strive to ensure that your rights are respected and that your data is managed in a transparent and responsible manner.
5. Changes to the Policy
We reserve the right to modify this data protection policy at any time. These changes may be necessary to reflect changes in our practices, changes in applicable law, or technological advances. We recognize the importance of keeping you informed of changes in the way we collect, use and protect your personal data.
In the event of significant changes to our policy, we undertake to inform you by email or by means of a notice visible on our website. This notification may include a summary of the changes made and an explanation of their impact on the way we process your data. We want you to be fully aware of how your information is used and of your rights.
It is important to note that minor changes, which do not substantially affect your rights, may be implemented without prior notification. However, we will always strive to proactively inform our users of adjustments that may affect their experience.
We encourage you to review this policy regularly to stay informed about our data protection practices. By checking our policy frequently, you will be aware of what information we collect, how we use it and under what conditions we process it. We want you to be well informed about your rights and how to exercise them.
Your continued use of our services following the posting of changes will be considered acceptance of those changes. If you do not agree with the changes made, we encourage you to stop using our services and to contact us with any questions or concerns you may have regarding your personal data.
We are committed to protecting your privacy and handling your data with the utmost care. Your trust is important to us, and we will do our utmost to keep you informed of any changes in the way your data is handled. Thank you for your attention and your commitment to our data protection policy.
6. Cookies and similar technologies
We use cookies and similar technologies to enhance your experience on our site. Cookies are small text files stored on your device when you visit our website. They help us to recognize you on subsequent visits and to personalize your experience according to your preferences.
Cookies perform several functions. Some cookies are essential for the proper operation of our site, while others help us to analyze site usage and improve our services. For example, we use session cookies to maintain your connection during browsing. These cookies are temporary and are deleted when you close your browser.
We also use analytical cookies to collect information about how users interact with our site. This includes data on pages visited, length of visits and links clicked. This information helps us understand usage trends and optimize our site to provide a better user experience.
Advertising cookies are used to show you relevant ads. With these cookies, we can show you ads that match your interests, improving the relevance of the marketing messages you receive. We work with advertising partners who may also use cookies to track the performance of their campaigns.
Functionality cookies are used to remember your preferences and improve your user experience. For example, these cookies may remember your preferred language or other settings you chose during your visit.
You can manage your cookie preferences via your browser settings. Most browsers allow you to block cookies or receive alerts when cookies are being sent. However, it is important to note that if you choose to disable cookies, this may affect your experience on our site and limit certain features.
We recommend that you consult the privacy policies of each third-party site you visit to understand how they use cookies and similar technologies. If you have any questions about our use of cookies or would like to know more about how we use them, please do not hesitate to contact us.
We are committed to ensuring transparency about how we use cookies and to offering you control over your data. Your trust is important to us, and we want to make sure that you are aware of the technologies we use to improve your experience.
7. Transfer of Data
If we need to transfer your personal data to third parties, we ensure that they comply with adequate data protection standards. The transfer of your information is a sensitive process, and we are committed to protecting your privacy at every stage.
We work with service providers who help us manage our operations. These service providers may have access to your data in the course of their duties, in particular to process payments, host our services or manage customer relations. We ensure that these third parties adhere to strict data protection practices and comply with applicable privacy laws.
In the context of commercial partnerships, we may also share data with trusted partners. This may occur in the context of special offers, joint promotions or other collaborations that may be of interest to you. Before any sharing takes place, we ensure that partners comply with high standards of data protection and use your information only for the agreed purposes.
With regard to international transfers, if your data is transferred outside the European Economic Area, we ensure that appropriate measures are in place to guarantee its protection. This may include the implementation of standard contractual clauses approved by regulatory authorities or the use of approved transfer mechanisms to ensure an adequate level of protection.
We are aware that the transfer of personal data can raise concerns, and we are committed to informing you about how your information is protected throughout this process. If you have any questions about data transfers or would like to know more about the measures we take to ensure the security of your information, please do not hesitate to contact us.
We remain transparent about how we handle your data, and want to reassure you that your privacy is always our priority. Your trust is important to us, and we do our utmost to ensure that your data is handled securely and responsibly.
8. Processing of Sensitive Data
We are committed to protecting sensitive data. Sensitive data includes information that reveals particular aspects of your identity, such as your racial or ethnic origin, your political opinions, your religious or philosophical beliefs, your trade union membership, as well as data concerning your health, your sex life or your sexual orientation. Because of the sensitive nature of this information, we take particular care in handling it.
We do not collect sensitive personal data unless it is absolutely necessary to provide our services. In such cases, we undertake to obtain your explicit consent before processing this information. This consent will be clear, informed and documented, enabling you to understand exactly why we are collecting this data and how it will be used.
Where we process sensitive data, we put in place additional measures to ensure its security. This includes the use of secure storage methods, encryption protocols during transmission and strict access controls to limit access to such data to only those employees or subcontractors who need it to carry out their tasks.
We are also committed to complying with all applicable data protection laws and regulations, including the General Data Protection Regulation (GDPR). This means that we implement processing practices that comply with legal requirements, ensuring that your rights are respected.
If you have any questions about our handling of sensitive data, or would like to know more about how we protect this information, please do not hesitate to contact us. Your privacy is our priority, and we want to make sure you feel safe sharing your information with us.
We remain committed to ensuring that all data, including sensitive data, is handled responsibly and securely. Your trust is essential, and we do our utmost to protect your personal information.
9. Notification of Data Breaches
In the event of a data breach, we undertake to comply with our legal notification obligations and to act promptly to protect your personal information. A data breach may include any incident likely to result in the destruction, loss, modification, unauthorized disclosure of or access to personal data, whether stored electronically or physically.
If we become aware of a data breach that is likely to present a risk to your rights and freedoms, we will notify the relevant authorities without delay. This notification will include details of the nature of the breach, the categories of data concerned, and the approximate number of people affected. We will also provide information on the potential consequences of the breach and the measures we have put in place to remedy the situation.
In addition, if the breach is likely to result in a high risk to your rights, we will inform you directly, without undue delay. In this communication, we will provide you with detailed information on the nature of the breach, the data involved, as well as practical advice on steps you can take to protect your personal information. This may include recommendations on changing your passwords, monitoring your accounts or being alert to suspicious activity.
We have rigorous protocols in place to respond rapidly to data breaches. This includes the establishment of a dedicated security incident management team, made up of professionals trained to assess the extent of the breach, determine its causes and implement corrective measures. This team also works closely with the legal department to ensure that all legal obligations are met.
In the event of a breach, we will also carry out an in-depth analysis of the incident to identify gaps in our security systems and improve our practices. This may include updating our security systems, revising our internal policies and providing our employees with ongoing training in data protection best practices. We firmly believe that every incident is a learning opportunity that can help us strengthen our security and better protect your information.
We are committed to ensuring transparency and maintaining the trust of our users. If you have any questions or concerns about our data breach notification practices, or would like information about how we protect your data, please do not hesitate to contact us. Your security is our priority, and we will do our utmost to protect your personal information and address any concerns you may have.
10. Data Retention Policy
We have a strict data retention policy which ensures that we only keep your data for as long as is necessary for the purposes for which it was collected, in compliance with applicable laws. This policy is designed to ensure the protection of your information while complying with legal and regulatory requirements.
We define specific retention periods for each type of data. For example, identification data, such as your surname, first name and e-mail address, is kept for as long as your account is active. Even after your account has been closed, we undertake to retain this data for a maximum period of five years for legal reasons and to facilitate any audits or compliance requests.
Transactional data, such as information relating to your purchases, orders and payments, is kept for a period of ten years. This retention period is necessary to comply with our legal and tax obligations, and to deal with any disputes or queries relating to these transactions.
Connection data, which includes your IP address, browser type and the pages visited on our site, is kept for a period of twelve months. After this period, this data will be anonymized to ensure that your identity can no longer be associated with this information.
At the end of these retention periods, your data will be securely deleted. We use certified deletion methods, ensuring that your information cannot be recovered by third parties. This deletion process is carried out in such a way as to protect your privacy and minimize the risk of data leakage.
11. Subcontractors and Partners
We work with subcontractors and partners who may have access to your personal data in the course of performing their services. We are aware of the responsibility that comes with sharing your information and are committed to ensuring that these parties adhere to strict data protection standards.
Before sharing your data with a subcontractor, we carry out a rigorous assessment of their data protection practices. We ensure that they have appropriate security measures in place to protect your information, and that they comply with all applicable privacy laws. This assessment includes verification of their internal policies, security procedures and ability to process your data securely.
Our subcontractors may include service providers such as payment processors, data hosts, marketing companies, or analytics providers. These partners help us to provide our services, improve our offering and interact with our users effectively. We ensure that contracts with these third parties include specific clauses on data protection, specifying their obligations in terms of security and confidentiality.
We are also committed to sharing your data only when necessary to achieve the purposes for which it was collected. For example, if you make a purchase, your payment information will be shared with our payment service provider in order to process your order. However, we ensure that only the information strictly necessary for this operation is transmitted.
As part of business partnerships, we may also share data with trusted partners for joint initiatives. We have agreements in place to ensure that these partners also adhere to high data protection standards. This includes partnerships for promotions, market research or collaborative events.
We will inform you in a transparent manner about the third parties with whom your data may be shared and the purposes of such sharing. If you have any concerns about our subcontractors or how your data is used by these partners, we encourage you to contact us. Your trust is essential, and we want you to feel secure in the knowledge that your information is being handled with care.
We are committed to regularly reviewing our data sharing practices to ensure that they remain compliant with legal requirements and reflect privacy best practices. We believe that a proactive and transparent approach to managing your data builds trust and fosters a strong relationship with our users.
12. Data Protection Impact Assessments
We may carry out data protection impact assessments where required by applicable legislation. These assessments are essential to identify and minimize the risks associated with the processing of your personal data. We understand that the protection of privacy is crucial and that any processing of data can potentially have consequences for your rights and freedoms.
A Data Protection Impact Assessment (DPIA) is a systematic process that enables us to analyze how a data processing operation could affect your privacy. This includes an assessment of the types of data we collect, the purposes for which it is processed, and the measures in place to ensure its security. We also examine the potential risks associated with the disclosure, loss or misuse of this data.
During this assessment, we take into account various factors, including the nature of the data processed, the purpose of the processing, the context in which the data is used, as well as the possible consequences for data subjects. If a SIFT reveals high risks that cannot be mitigated by appropriate security measures, we will consult the relevant regulatory authorities before proceeding with the processing.
We believe in involving all stakeholders in the evaluation process. This can include internal consultations with our legal, security and compliance teams, as well as exchanges with users or data protection experts. By integrating different perspectives, we are able to identify risks more effectively and implement appropriate solutions.
We are committed to regularly updating our impact assessments to reflect developments in our data processing practices and changes in regulations. This means that whenever we introduce a new service, new technology or a significant change in our processing methods, we carry out a new assessment to ensure that we continue to meet the highest standards of data protection.
If you have any questions about our data protection impact assessments or would like to know more about how we take privacy into account in our operations, please do not hesitate to contact us. We are committed to transparency and to ensuring that your data is handled securely and responsibly.
Your trust is paramount, and we strive to reassure you by ensuring that all our data processing practices comply with legal and ethical requirements. By taking a proactive approach to data protection management, we aim to reinforce our commitment to our users' privacy.
13. Responsibility and Compliance
We are committed to complying with all applicable data protection laws and regulations. This includes the General Data Protection Regulation (GDPR), which sets out clear principles regarding the collection, processing and retention of personal data. We take this responsibility very seriously and have rigorous measures in place to ensure that we act in compliance with these requirements.
To ensure our compliance, we have appointed a Data Protection Officer (DPO). This professional is responsible for overseeing our data protection practices and ensuring that all processing operations are carried out in compliance with current legislation. The DPO plays a key role in raising our staff's awareness of privacy and data protection issues, providing them with the training they need to understand their responsibilities.
We also carry out regular internal audits of our data protection practices. These audits enable us to assess the effectiveness of our security and compliance measures, identify any gaps and implement improvements. They are essential to ensure that we remain up to date with industry best practice and respond to regulatory developments.
If you have any questions or concerns about our compliance with data protection laws, we encourage our users to contact us directly. We strongly believe in transparency and open communication. If violations are identified, we take immediate corrective action to rectify the situation and prevent it from happening again in the future.
We are committed to being accountable not only to our users, but also to the relevant authorities. Where necessary, we work with these authorities to clarify our data processing practices and comply with their recommendations. This reflects our commitment to maintaining high standards of data protection accountability.
We believe that compliance is not only a legal obligation, but also an opportunity to strengthen the trust of our users. By complying with regulations and adopting ethical practices, we aim to create a safe and respectful environment for everyone who interacts with our services.
If you have any questions or would like to know more about our commitment to responsibility and compliance, please do not hesitate to contact us. Your trust is important to us, and we want to assure you that we handle your data with the utmost care and lawfully.
14. Links to third-party sites
Our site may contain links to third-party sites. These links may direct you to platforms or services that are not operated by us. We are not responsible for the data protection practices of these sites, and we advise you to consult their data protection policies before providing your personal information.
It is important to understand that each third-party site may have different data collection and use practices than we do. Consequently, we cannot guarantee the security or confidentiality of your data once you have left our site to browse these other platforms. We recommend that you carefully read the privacy policies of each site you visit to understand how your information will be treated.
In addition, third-party sites may use technologies such as cookies or web beacons to collect data about your online activity. These technologies make it possible to track your behavior on the Internet, which may include information about the pages you visit, the length of your visit and other usage data. We have no control over these practices and cannot be held responsible for the use these third parties make of your data.
We would like to point out that when you click on a link to a third-party site, you leave our site and our data protection policy no longer applies. We are not responsible for the content of these sites, nor for their privacy practices. We encourage you to be vigilant and to exercise caution when providing your personal information on external platforms.
15. Use of Social Networks
We may interact with you via social networks. When you communicate with us on these platforms, we may collect personal information that you choose to share. This includes data such as your username, messages, comments, "likes" and other interactions you may have with our content on these networks.
It is important to note that social networks have their own privacy and data protection policies. We therefore recommend that you consult these policies to understand how your information is collected, used and shared by these platforms. We are not responsible for the privacy practices of social networks, and their use is subject to their own terms of use.
We may use the information you share with us on social networks to improve our communication, understand your preferences and interact more effectively with our community. This may include publishing content tailored to your interests, responding to your questions and comments, or promoting our services.
In addition, certain features of our site may be integrated with social networks. For example, you may be able to share content directly from our site to your social network accounts. In this case, we encourage you to be aware of the information you choose to share, as these actions may make some of your data public.
We advise you to be careful when sharing personal information on social networks. Avoid posting sensitive or private information that could compromise your safety or privacy. Bear in mind that anything you post on these platforms may be accessible to a wide audience.
16. Contact
If you have any questions or requests relating to this data protection policy, please contact us at contact@amt-immo.com. We will be happy to respond to your concerns and provide you with any information you may require regarding the processing of your personal data.
We are committed to dealing with all your requests seriously and diligently. If you have any questions about how we collect, use or protect your data, please let us know. Your satisfaction is important to us, and we want to make sure you feel safe and informed about how your information is used.
