These Terms and Conditions apply to the DYNSEO games programs: Stim’Art Sofia, Stim’Art Roberto, Stim’Art Scarlett, Stim’Art Clint, The Rolling Ball and its website, www.stimart.com, hereinafter referred to as “Program”.
All DYNSEO programs have a free trial period. Once this period ends, the user must subscribe to the program to keep using it.
The user acknowledges, hereinafter referred to as “Institution”, having read these Terms and Conditions Use and undertakes to respect them.
The Institution is therefore responsible for collecting the consents of the end-users in its residences.
According the GDPR regulations, DYNSEO is a mere subcontractor of the Institution. The Institution is responsible for the data processing.
DYNSEO does not interfere in the collection of data within the Stim’Art program and the restitution of the said data on the monitoring platform, stimart.com.
As this contract is between DYNSEO and the Institution, DYNSEO cannot be held responsible for any action done by the end-user if no prior consent has been provided by the Institution.
- General Information on Program Use
The user of the Program acknowledges having verified that the computer configuration he uses contains no viruses and is in perfect condition.
DYNSEO therefore cannot be held responsible for any damages, whether direct or consequential, arising from the access, use or download content through the Program, including any damage or virus that could infect the computer of the user or any other material.
The user acknowledges having been informed that the Program is accessible 24h / 24h and 7 days / 7 days, except for force majeure cases, computer difficulties or technical, as well as difficulties related to the structure of the network telecommunications.
For maintenance reasons, DYNSEO may also interrupt its Program. In this case, DYNSEO will endeavour to forewarn users.
DYNSEO cannot be held responsible for any damage, howsoever kind resulting from the unavailability of the Program.
- Responsibility concerning the Program Content
The information collected on the web platform of the Program are presented as indicative and do not absolve the user from getting further and personalized information from caregivers and qualified personnel.
DYNSEO reserves the right to modify the content of the information at any time.
- Intellectual Property
The general structure of the Program and its content is the exclusive property of DYNSEO and are subject to legal protection under intellectual property (Copyright, database, software, trademarks, etc.).
Any reproduction or total representation or partial representation of this Program by a natural or legal person, by any means whatsoever without express authorization of DYNSEO is prohibited and constitutes an act of infringement sanctioned especially by Articles L. 335-2 and following of the Code of intellectual property.
Any reuse or total extraction or partial extraction of the Program’s databases by a natural or legal person, by any means whatsoever is prohibited and constitutes an act punishable under Articles L. 343-1 and following of the Code Intellectual Property.
Any total or partial reproduction of DYNSEO’s trademarks and logos made without DYNSEO’s express permission is prohibited pursuant to Articles L. 713-2 and following of the Code of intellectual property.
Therefore, DYNSEO reserves the right to pursue any act of infringement to their intellectual property rights.
- Informatics and Freedoms
In accordance with the Informatics and Freedoms law, Act 78-17 of January 6th, 1978 modified, the personal data processing carried out from the Program have been declared to the CNIL, French data protection authority.
Under the Informatics and Freedoms law Act 78-17 of January 6th, 1978, you have a right of access, modification, correction, opposition, and deletion of collected data on this website that concerns yourself.
You can exercise your rights directly from the email address: Contact@dynseo.com or by postal mail to the following address: DYNSEO, 17 rue des belles feuilles, 75116 Paris.
- Web Hosting
Web hosting at OVH, located 2 rue Kellerman – 59100 Roubaix -France. (www.ovh.com). French Server.
- Program maintenance
The program maintenance is carried out by DYNSEO.
- Personal data protection
Obligations of DYNSEO and the Institution in their own capacities of data controllers
All parts agree to respect all the laws and regulation in accordance with the protection of Personal Data, including the 2016/679 regulation (EU) of April 27th, 2016 (GDPR).
DYNSEO processes Personal Data necessary for the management of services described in this contract, in particular: identity, contact details, user login, password and connection data of the Institution’s employees using the Program. As such, DYNSEO acts as data processor and is committed to implementing the technical and organisational measures granting a level of security adapted to the risk.
The Institution processes Personal Data of the individuals concerned entered by its employees in the Program, in accordance with GDPRs. As such, the Institution acts as data controller.
Obligations to be borne by DYNSEO in its capacity of subcontractor
DYNSEO processes Personal Data by account of the Institution to ensure the Program’s hosting services and maintenance herein stipulated.
As such, DYNSEO acts as subcontractor to the Institution. DYNSEO is committed to respecting the arrangements of article 28 of the GDPR:
– process Personal Data only for the purposes that are agreed to be the object of subcontracting,
– process the data in accordance with the documented instructions from the data controller. If the subcontractor is required to transfer the Personal Data to a third country or an international organisation, by virtue of Union and Member State law to which the controller is subject, he must inform the Institution of this legal obligation before processing the data. Unless the concerned right prohibits such information on important grounds of public interest,
– ensure the confidentiality of Personal Data processed in the context of this contract,
– ensure that the persons authorized to process the Personal Data in virtue of this contract have committed themselves to confidentiality, or are under an appropriate statutory obligation of confidentiality and receive the adequate training considering the protection of Personal Data,
– take into account the principles of data protection at the time of processing itself and data protection by default, as it regards its tools, products, applications or services,
– gather the written authorization, prior and specific authorization of the Institution in the event of the recruitment of other subsequent subcontractors: the subsequent subcontractor is required to respect the obligations of the present contract for the account and according to the Institution,
– to the best of its ability, help the Institution carry out its obligations to follow up on requests of the concerned people to exercise their rights: right to access, rectification, erasure and objection, right to restriction of processing, right to data portability, right not to be subject to automated individual decision-making (including profiling),
– notify by any means the Institution and by email its Data Protection Officer of any Personal Data breach within a maximum period of 24 hours after having become aware of it,
– notify the concerned person of Personal Data breach, after agreeing with the Institution, in the name of and by account of the Institution, without undue delay, when the said violation is likely to result in a high risk to the rights and freedoms of the natural person,
– help the Institution in carrying out data protection impact assessments and in carrying out prior consultation with the supervisory authority,
– implement technical and organisational measures ensuring an appropriate level of security according to the risk, including among others:
(a) the pseudonymisation and encryption of personal data,
(b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services,
(c) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident,
(d) a process for regularly testing, assessing, and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
– at the end of the provision of services relating to processing, DYNSEO is committed to sending back all the Personal Data to the Institution,
– share with the controller the name and contact details of their Data Protection Officer, if they appointed one in accordance with article 37 of the GDPR,
– keep a written record of all the categories of processing activities carried out on behalf of the controller, in accordance with article 37 of the GDPR,
– make available to the Institution all the information necessary to demonstrate compliance with the obligations laid down and allow for and contribute to audits, including inspections, conducted by the controller or another auditor mandated by the Institution.
Obligation to be borne by the Institution in its capacity of controller
In its capacity of controller, the Institution is committed to:
- using the Program in accordance with the GDPR regulations,
- provide users the information via the processing operations in accordance with articles 12, 13 and 14 of the GDPR,
- providing DYNSEO with all the necessary information for data processing,
- keeping in writing any instructions concerning DYNSEO’s data processing activities,
- ensuring, prior and during the processing period, that DYNSEO respects the obligations stipulated by the European regulations on data protection,
- supervising the processing, including carrying out audits and inspections at DYNSEO.
In virtue of the abovementioned applicable dispositions which came into force in May 2018, DYNSEO will only process and use personal data after receiving consent as it is necessary for the following types of services:
- Contacting the user-institution
- Ensuring the process of the user-institution’s demands
- Ensuring the completion of services as well as verifying the validity of the information necessary for the payment of the services.
The Institution is free to comply with the following requests:
Receiving end of subscriptions emails
DYNSEO’s programs (Coco, Scarlett and Clint) respects the privacy and confidentiality of the user’s game statistics in accordance with the legislation in effect.
The Institution ensures having explicitly obtained the consent of its end-users for the collection of data under to two models:
– An anonymous model for the improvement of the games’ quality
– A model where the Institution will have access to their own game’s statistics (institution and user profiles coming from this Institution) on a personal account through a user login and a password.
- Data collection and processing
The processed data are the following:
Data provided by the user:
Data: email address, first name, last name, date of birth, gender,
Recipient: DYNSEO, OVH,
Duration of storage: Until the user requests the removal.
Data: game results, mood monitoring,
Recipient: DYNSEO, OVH,
Duration of storage: Until the user requests the removal.
Data: success rate, number or games, favourite game, total game time, average game time, evolution,
Recipient: DYNSEO, user,
Duration of storage: Until the user requests the removal.
How does the data life cycle unfold (functional description)?
The data are processed as follow:
Creation of a user account: The user creates an account with their own email address,
Creation of a profile: The user creates a profile (or a closed-ones’) with personal information (first name, last name, date of birth, gender),
Game data collection: The application stores the users’ games data that can be viewed on a dedicated web platform,
Data sending to the server: The data is sent to the server which analyses and produces calculated data available through the web platform,
Improvement of the service quality: exploitation of data collected and calculated from DYNSEO users.
During the trial period in “visitor mode”, no data collection occurs.
- To protect each players’ personal data,
- Not to provide personal data to its partners or third parties not allowed without the user’s consent,
- No to sell personal data to partners or third parties not allowed without the user’s consent
Only under the research, anonymized statistics of institutions and inherent players will be used only in clinical research purposes.
The Institution confirms having informed and receiving consent of the users regarding data use for game improvement purposes.
In accordance with the law Informatics and Freedoms Act 78-17 of January 6th, 1978 modified, personal data processing realized, directly or indirectly, from the site have been declared to the CNIL, French data protection authority.
The statement to the CNIL was conducted June 11th, 2013 under the number 1679021.
In accordance with the law Informatics and Freedoms Act 78-17 of January 6th, 1978 modified, the Institution has a right to access, modification, rectification, objection, and erasure of collected data concerning itself on this program.
The Institution can exercise its rights directly from the email address: Contact@dynseo.com or by postal mail to the following address: DYNSEO, 17 rue des belles feuilles, 75116 Paris.
- Applicable law and jurisdiction
These Terms and Conditions and the content of the Site are governed by the French law.
The parties agree that any disputes that may occur after or because of these, if they cannot be settled amicably, shall be submitted to competent French courts.