Privacy policy

1. Preamble

FranceObjetsTrouvés is a service provided by the company ATLANTIS, a SAS with variable capital, registered with the Grenoble Trade and Companies Register under number 815 409 990, whose registered office is located at 9 chemin du Vieux Chêne, 38240 Meylan.

ATLANTIS undertakes to ensure that the processing of personal data carried out as part of its activity complies with European Regulation No. 2016/679, known as the General Data Protection Regulation (GDPR), as well as with the French Data Protection Act.
ATLANTIS undertakes to ensure that the processing of personal data carried out as part of its activity complies with European Regulation No. 2016/679, known as the General Data Protection Regulation (GDPR), as well as with the French Data Protection Act.

In this Privacy Policy (the “Policy”), we explain how and why we use your data, what your rights are, and how to exercise them.

By accepting the Policy, you agree to the processing of your data.


2. What is personal data?

Personal data (“Personal Data” or “Data”) refers to any information relating to an identified or identifiable natural person:

  • directly (last name, first name, email address);
  • indirectly (IP address, geolocation).

3. Who is this Privacy Policy intended for?

This Policy applies to all our services (the “Services”), namely: a service for publishing and consulting information about lost items, a service for publishing and consulting information about found items, and a service for connecting people who have lost items with finders via the website franceobjetstrouves.fr and its subdomains (the “Site”).

It is intended to inform any person using our Services (the “User”).


4. Who collects your Data?

The Data Controller, within the meaning of the European Data Protection Regulation, is ATLANTIS (SAS), represented by Alain FRANCIOSA, in his capacity as President of the company.


5. How do we collect your Data?

The Data collected by this Site is collected exclusively online.

The Personal Data that the User agrees to communicate to us, regardless of the method of collection (online, paper-based, or orally), is subject to the provisions of this Policy.

With regard to the sending of SMS messages, your data is collected via your registration if you have agreed to communicate your data. This data may also be collected via one of our partners if you have agreed to this, or if we have found an item belonging to you that includes your phone number.


6. Why do we collect your Data?

Some of your Data is necessary for the processing and provision of our Services. Failure to provide such information prevents the proper functioning of the Services offered.

For information purposes, you will find below a non-exhaustive list of categories of data collected corresponding to the purposes pursued by our collection.
When creating an account and a listing:

  • Categories of Data collected: identity data (last name, first name and, optionally, date of birth), contact data (email address and, optionally, postal address and phone number), listing number, connection data (username and encrypted password, IP address, connection logs), and description of lost or found items.
  • Category of data subjects: website Users.
  • Legal basis: consent; performance of a contract.
To ensure the performance of the service:
  • Categories of Data collected: identity data (last name, first name), contact data (email address, phone number), customer data (listing number), financial data (credit card data, bank details).
  • Category of data subjects: website Users.
  • Legal basis: contractual measures taken at your request.
To respond to your request submitted via our contact form:
  • Categories of Data collected: identity data (last name, first name), contact data (email address).
  • Category of data subjects: website Users.
  • Legal basis: legitimate interest, in order to provide you with our Services.
To contact you in the event an item belonging to you is found:
  • Category of Data collected: phone number.
  • Category of data subjects: website users, users of a service provided by a partner, citizens who have lost an item.
  • Legal basis: consent when you have voluntarily provided your phone number so that we may contact you; our legitimate interest when an item belonging to you is found and includes your phone number.


7. Are you required to provide your Personal Data?

When you make specific requests, such as responding to your contact form, the processing of your Data is mandatory. Indeed, we cannot proceed with your registration without processing your Data (in particular your email address).

Please note that when you give your consent to the processing of your Personal Data, you may withdraw this consent at any time via the dedicated address infos@franceobjetstrouves.fr, or directly from your user account.


8. How long do we keep your Data?

We retain your Data only for as long as necessary to carry out the operations for which it was collected, unless the law provides for a different retention period.

By way of example:

  • When you register, we retain your Data for a period of 13 months from the date of your registration on the Site. Account data is retained for as long as your account is active, then archived 13 months after the last activity. Before any account closure, you will be informed so that you can reactivate your account.
  • To ensure the performance of the service (namely the management of the transfer of lost/found items), we retain your Data for 5 years after the end of the contractual relationship, excluding the retention period of the item itself, which may initially contain directly or indirectly identifiable data, for the purpose of protecting our interests.
  • Banking data is truncated and retained for 13 months following the debit date for complaint management purposes, then deleted.
  • Invoices are retained for 10 years and then archived.
  • Data relating to listings is retained:
    • For lost item listings where the owner is not identified: 13 months after the listing creation date;
    • For found item listings where the owner is not identified:
      • 19 months after the listing creation date for valuable items;
      • 13 months after the listing creation date for items not considered valuable;
    • For found item listings where the owner has been identified:
      • 19 months after identification of the owner for valuable items;
      • 13 months after identification of the owner for items not considered valuable.
  • When you submit a request via our contact form, we retain your Data for 6 months from the closure of the request.
A user may not delete their account if a return process is ongoing.

You acknowledge that the data you provide to us and that is stored in our information systems is accurate and constitutes proof of your identity.


9. With whom do we share your Data?

ATLANTIS undertakes never to transfer or sell to third parties any information or personal contact details that could be used to personally identify you, except with your express authorization.

Accordingly, the Data collected is shared, according to respective needs and in accordance with the purposes described above, with:

  • ATLANTIS staff;
  • the person who lost the item, the finder, or the partner lost and found service when ATLANTIS and/or the partner has carried out the required prior checks;
  • judicial authorities or third parties by virtue of a legal obligation;
  • staff of partner or affiliated companies, or companies operating under the control of ATLANTIS or its partners, involved in the processes for providing ATLANTIS services;
  • staff of external hosting services for our website;
  • staff of external services for sending confirmation emails following registration and for responding to contact requests;
  • the service provider supplying the SMS sending software;
  • the secure payment service provider.


10. Is your Data transferred outside the European Union?

We do not share your Data outside the European Union with service providers located outside the European Union.

As the Site is accessible via the Internet, its content may be accessible outside the European Union.


11. What security measures have we implemented to protect you?

We undertake to implement all technical and organizational measures necessary to ensure the protection of your Personal Data.

Accordingly, ATLANTIS undertakes to anonymize Data by removing elements allowing personal identification, such as name and email address, when aggregating data for use in market studies or other professional purposes.

We notably carry out regular audits of our information systems to ensure the proper implementation of security measures guaranteeing the integrity, confidentiality, and availability of your Data. Furthermore, ATLANTIS SAS, as the controller responsible for processing and storing your Data, ensures that partner lost and found services have limited access solely to enable the service connecting finders and owners.

Our contracts with our service providers include a section dedicated to Data protection, in compliance with applicable laws.


12. What are your rights?

In accordance with the French Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, and subject to compliance with legal obligations imposed on ATLANTIS as part of its activity, each individual may exercise the following rights:

You may:

  • request a copy of the Data contained in your session – right of access;
  • correct inaccurate Data concerning you, in particular via your personal space – right to rectification;
  • request the deletion of certain Data concerning you – right to erasure;
  • object to the processing of your Data; such a request is incompatible with the performance of our service – right to object;
  • limit the use of your Data while your request is being processed – right to restriction of processing;
  • object to profiling carried out on your Data – right to object to profiling (ATLANTIS does not perform profiling);
  • download your Personal Data directly from your customer account using your username and password – right to data portability.
When a Data breach likely to result in a risk to your rights and freedoms is detected, our Data Protection Officer notifies the breach to the CNIL within a maximum period of 72 hours after becoming aware of it.

When a Data breach likely to result in a high risk to your rights and freedoms is detected, you will be informed of the breach as soon as possible.

You may also define instructions regarding the retention, deletion, and communication of your Personal Data after your death, in accordance with Article 40-1 of Law No. 78-17 of 6 January 1978.


13. How can you exercise your rights?

These rights and instructions may be exercised directly from the preferences center located in your user accounts, or by contacting our Data Protection Officer (DPO):

  • Email: infos@franceobjetstrouves.fr
  • Postal address: Attention of the Data Protection Officer, 9 chemin du Vieux Chêne, 38240 Meylan, France
To enable us to identify you quickly and respond, you should include with your request all elements necessary to establish your identity (in particular your customer number, or a request made directly via your account). A response will then be sent to you within one (1) month of receipt of the request. In certain cases, related to the complexity or number of requests, this period may be extended by two (2) months.

We take all measures to protect Personal Data against accidental or intentional destruction. Consequently, even when you delete Data used by our services, we may not immediately delete residual copies located on our active servers or those stored in our backup systems.

You may also contact the French Data Protection Authority (CNIL), the regulatory authority responsible for enforcing personal data protection regulations in France, online (cnil.fr) or by post at the following address: Commission nationale de l'informatique et des libertés, 3 place de Fontenoy - TSA 80715, 75334 PARIS CEDEX.


14. Cookies

ATLANTIS generates cookies on certain pages of the Site to facilitate navigation (for example, not having to re-enter your password each time). These cookies are generally small and temporary files. They are installed on your hard drive and are usually stored only for the duration of a session. You may always block the installation of cookies via your browser, but this may prevent you from accessing all of our services.

The cookies we use:

Cookie Type Purpose Retention period
PHPSESSID Functionality Navigation personalization and User identification For the duration of the browsing session
hl Functionality Allows the selected user language to be retained 1 year
displayCookieConsent Functionality This cookie confirms the use of cookies 1 year
_pk_id.* Anonymized analytics Used to store certain details about the user such as the visitor’s unique identifier. This data is anonymized and no personal data is collected. Therefore, user consent is not required. 13 months
_pk_ses.* Anonymized analytics Used to temporarily store visit data. This data is anonymized and no personal data is collected. Therefore, user consent is not required. 30 minutes
_pk_testcookie Analytics Used to check whether the browser accepts cookies Immediately deleted

You may express your consent regarding the installation of the aforementioned cookies, in particular through appropriate browser settings.

However, in accordance with applicable regulations, your consent is not required where the sole purpose of a cookie is to enable or facilitate electronic communication, or where it is strictly necessary for the provision of an online service requested by you.


15. ATLANTIS Users

The sending of unsolicited messages from one user to another is strictly prohibited.


16. Password and security

Any action performed using your password and email address is entirely your responsibility. It is therefore essential not to share this information with third parties, as doing so would result in a loss of control over your data and could make you liable for obligations entered into in your name.

If you receive an email asking you to update information such as passwords, credit card numbers, or aliases, do not respond and contact us via the contact system on the website franceobjetstrouves.fr. If your password has been disclosed to third parties, you must immediately change it via your user area.

ATLANTIS strives to secure communications and data storage in order to protect the confidentiality of your personal information against loss and interception by third parties. However, please note that there is no such thing as zero risk of loss or interception of your data by a third party.


17. Changes to this Privacy Policy

We may update this Policy by publishing a new version on our Site. We undertake not to substantially reduce the level of confidentiality of your Data without informing you and obtaining your consent. Any changes made to this Policy will take effect after being published online and after notification of the change in your personal area.


18. Contact

Do you have a question regarding the Privacy Policy? Contact us:

  • By email: infos@franceobjetstrouves.fr
  • By post: 9 chemin du Vieux Chêne, 38240 Meylan, France