General Condition

  1. Home
  2. General Condition

This document governs, together with the online shipping request, the collection request, the order form, and the documents mentioned, YOUR USE OF THE TOPTEO RELAY SERVICE.



In the context of this contract, the following terms mean:

« Customer » : designates the organization (company, community, association, etc.) which has applied for the opening of an account with the company TOPTEO RELAY with a view to using the TOPTEO RELAY service; this organization is usually your employer or a client of your employer. The Client acts as GED's data controller with regard to the Documents and the data they contain when they are personal data. By extension, the Customer designates, when relevant, any End User whose access has been created by said Customer or under the authority of said Customer.

« Terms of Service » : means these general conditions of use of the Service (including any document that is expressly included by reference in these general conditions), any special conditions indicated by TOPTEO RELAY and any amendments to the general / special conditions

« Hosted Content » : describes all information, in whatever form, that is made available online, i.e. through internet access to a remote server.

« Document » : designates all the digital information, gathered, recorded and managed under a single name on a storage space and whose storage implies the definition of a specific format.

« Data » : designates all the elements that you can deposit on Your Space, that is to say the dematerialized documents in a format that also complies with the procedures required by the Service. The Data thus received may be kept in Your Space for a specific storage period determined contractually with you.

« Personal Data» : means any information relating to an identified or identifiable natural person (referred to as a “data subject”) ; an "identifiable natural person" is deemed to be a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more specific elements specific to his physical, physiological, genetic, psychological, economic, cultural or social identity. Examples: Surname, first name, telephone number, e-mail address as well as all the data that is attached to the person concerned: order history, digital journey, connection IP address, etc. Personal Data may also hereinafter be referred to as DCP or Personal Data.

« Storage space» : space made available to you by TOPTRO RELAY at the following address: and allowing the remote storage of your Data in accordance with the General Conditions of Use.

« Electronic Document Management (EDM) » : describes a computer service by which Documents are downloaded, processed and managed on disk space.

« Guest » : third party that you authorize to consult your Data on your Storage Space.

« Update » : means improvements to existing features and the addition of new features, provided by TOPTEO RELAY in the form of regular periodic releases.

« Part » : natural or legal person engaged in a contractual relationship of subcontracting of the Service on behalf of the subscriber of a subscription to the Service, in particular TOPTEORELAY as subcontractor and its Client as data controller.

« JIS COMPUTING » : the company JIS COMPUTING, a company registered in the Bobigny Trade Register under number 484 875 513, which acts as a subcontractor within the meaning given by the general regulations on data protection with regard to the personal data contained in the documents, and as data controller in relation to the personal data concerning you, processed to provide the Service (in particular the e-mail address you use to connect to your Storage Space).

« Server » : means the digital infrastructure, secure, managed and administered by JIS COMPUTING or its service providers on which the customers of the resellers transfer their hosted content through their TOPTEORELAY access.

« Service » : refers to the services provided to you by Transporteo under the TOPTEORELAY brand. The Services include basic services such as the right to classify Data on the Storage Space according to the terms set by the offer:

  • Selected commercial,
  • Optional services as eventually agreed.

The subscription to the Service is done by signing this contract, which implies the unreserved acceptance of these general conditions and the communication by you of the required information.

« Software as a Service (SaaS) » : means software distributed to the End User as a service.

« Traceability » : the Service ensures the traceability of the various operations on the Storage Space. The elements of traceability are recorded in an operations log with regard to the identifications and the sendings, transmissions and receptions of Data carried out. As part of traceability operations, JIS COMPUTING complies with the legal requirements applicable to the collection of connection data, in particular the provisions of the general data protection regulations.

« Utilisateur Final » : designates a person, in particular an employee of the Customer, for whom access to TOPTEORELAY has been created in the form of a unique password associated with an email address provided by the Customer.

« You » : any person who has accepted these general conditions of use of the TOPTEORELAY Service.


JIS COMPUTING is the publisher of the TOPTEORELAY solution, a logistics and electronic document management solution that it distributes in the form of an offer in SaaS mode (Software as a Service / Software as a Service). This software allows the End User to manage Hosted Content in the form of Documents through functionalities such as the search, consultation, exchange and distribution of these Documents.

The documents filed by the Customer within TOPTEORELAY may contain any type of information, in particular Personal Data (DCP) within the meaning of the General Data Protection Regulations (GDPR).

JIS COMPUTING has no way of knowing or predicting what types of data are or will be present in the documents that its customers deposit in TOPTEORELAY. The range of features of TOPTEORELAY may be modified when an Update is released by JIS COMPUTING as part of its service.

2.1 Purpose of the Service

The main purpose of the service is the computerized management of the Documents deposited within TOPTEORELAY by offering in particular:

  • indexing and search functions allowing the use of criteria defined by End Users to find documents that meet these criteria
  • functions for reading data contained in documents
  • functions for exporting or transferring data read in documents, in particular in structured form for the purpose of being transferred to third-party software or services.

2.2 Elements of the Service

Although it is impossible to list all the elements making up the Service, JIS COMPUTING specifies that the Service includes the following elements in particular:

  1. Access to hosted data storage:
    • The storage capacity is defined by the type of document accepted by TOPTEORELAY
    • For an unlimited number of users
  2. The replication of data stored on three different servers, the securing of this data by means of tools such as a firewall, the encryption of data (during the transfer of documents from the client\'s space to its TOPTEORELAY space and on the TOPTEORELAY space itself) and the control of the digital fingerprint of the document
  3. Online access to Documents through an internet browser, on a computer, smartphone or tablet, in particular via a web interface.
  4. The consultation of the Documents by means of a visualization tool allowing visualization approaches (zoom, scrolling pages, change of angle, etc.)
  5. Access to multiple features for distributing and exchanging hosted documents, including:
    • L’envoi par courriel d’un ou plusieurs Documents hébergé au sein de TOPTEORELAY
    • Sharing one or more Documents via an access link
  6. Extraction of data included in document indexes, in particular in Excel or CSV format
  7. Service administration features, including:
    • Filtering access to documents according to their indexes
    • Access filtering to all the features available in TOPTEORELAY
    • Creation of new End Users
  8. Automatic version update during the entire period of use
  9. Maintenance of the service over the period of use

Article 3 PURPOSE

The purpose of these General Terms and Conditions of Use is to determine the conditions under which You benefit from the TOPTEORELAY Service as described in article 2, to which you connect, in particular by means of the interface

You are informed that this service is reserved for the storage and provision of Data free of rights or for which You hold the rights of reproduction, communication and provision to the public subject to the exceptions specific to copyright.


The emancipated minor, being 18 years or older to order or use the Service and accepting these terms confirms that you are legally authorized by law. It is your responsibility, prior to the validation of these General Conditions of Use, to check the adequacy of your computer equipment with the Service offered.

You must at the very least be equipped with the following computer and telecommunications equipment without which You will not be able to access the Service, namely at least:

  • a computer or terminal (smartphone, tablet, etc.) with a broadband internet connection.
  • a recent generation browser, the latest generation available being highly recommended or the TOPTEORELAY mobile application, executable on a smartphone or tablet.

The equipment, the cost of telephone communications and access to the Internet network, as well as any necessary authorization relating thereto, are your responsibility or that of the Customer who created your access to TOPTEORELAY. It is your responsibility to be appropriately equipped, particularly in terms of IT and electronic communications, to access the Site and the Service and to take all appropriate measures to protect against any attack or damage to your Data stored on, from or to your computer equipment. You agree not to interfere with the proper functioning of the Site and/or the Service in any way whatsoever, in particular by transmitting any element likely to contain a virus or likely to otherwise damage or affect the Site and/or the Service and , more broadly, the information system of TOPTEO RELAY and/or its co-contractors. You acknowledge knowing and understanding the Internet and its limits and, in particular, its functional characteristics and technical performance, the risks of interruption, the response times for consulting, querying or transferring information, the risks, whatever they may be, inherent in any transfer of Data, in particular on an open network. In order to ensure the confidentiality of the stored Data, TOPTEO RELAY will ask you when setting up the Service to identify yourself using a code. This code is strictly personal. You agree to keep it and not communicate it to anyone.

You are solely responsible for the consequences resulting from the communication of your personal code to any third party, without prejudice to the damages that TOPTEO RELAY could claim from you because of the damage suffered as a result.

You are responsible for ensuring that your Guests comply with the provisions referred to in this article. Your Guests will need to identify themselves using a username and password. This password is confidential. You agree to inform your Guests and release JIS COMPUTING and TOPTEO RELAY from any liability relating to the use made of this identifier by your Guest or any other person authorized or not to access the Service.

You acknowledge that the Service is intended for use under normal and reasonable conditions of use. You agree to use the Service in strict compliance with the law. You agree not to knowingly transmit, download, share, send to external recipients or to your Data Storage Space that contains viruses or any other code or similar program capable of interrupting, destroying or altering any program , computer or means of electronic communication or to limit its functionality. You represent and warrant that any Data complies with any applicable law, regulation and/or usage, as well as the rights of third parties. In particular, you agree not to transmit Data:

  • that may constitute an apology for crimes against humanity or war crimes
  • likely to undermine the respect and dignity of the human person, equality between men and women, the protection of children and adolescents, in particular through the production, transport and dissemination of messages of a violent nature , pornographic or pedophile;
  • contrary to public order or morality ;
  • threatening, abusive, constituting harassment, defamatory, insulting ;
  • constituting an act of counterfeiting, unfair competition or parasitism ;
  • causing or allowing the incitement to discrimination, hatred or violence on the basis of origin, sex, state of health, political or trade union affiliation ;
  • invasion of privacy ;
  • including, without this list being exhaustive, computer viruses or any other code or program, designed to interrupt, destroy or limit the functionality of any software, computer or telecommunications tool ;
  • encouraging the commission of crimes, misdemeanors or acts of terrorism ;
  • encouraging the consumption of prohibited substances ;
  • violating the secrecy of correspondence ;
  • allowing a third party to directly or indirectly obtain pirated software, software enabling acts of piracy and intrusion into computer and telecommunications systems and, in general, any software or other tool enabling the rights of others and the safety of persons and property ;
  • You also agree to strictly comply with the provisions of the Intellectual Property Code
  • You agree not to modify, attempt to modify or harm the Server or the Service in any way whatsoever and not to use software or any form of computer program intended to reach or make available content protected or not freely available. It is also forbidden to create a work or a site deriving from all or part of this Service. In this respect, it is recalled that:


5.1 Accommodation

JIS COMPUTING implements all reasonably conceivable technical means to ensure secure hosting of the storage servers and the Data they contain against any malicious intrusion (hacking, data theft, etc.). All storage and data server hosting sites are located on French territory.

You are informed that the Service does not integrate or provide any identification service or protection against viruses. JIS COMPUTING strongly advises you to install an anti-virus capable of identifying and destroying infected files on your computer terminal. Under no circumstances can JIS COMPUTING be held responsible for the consequences of downloading a virus-infected file.

5.2 Restitution and reversibility of data

JIS COMPUTING implements all reasonably conceivable means to ensure the restitution on your computer equipment or on any other similar or compatible computer equipment, of the Data that you have stored on Your Storage Space as soon as possible, subject to normal operation of the Internet network and in the absence of any interruption of service made necessary by maintenance, repair or upgrade operations. At any time during the term of the service, you have the option of downloading and recovering all of Your Data archived in TOPTEORELAY.

JIS COMPUTING will have fulfilled its obligation to return once all the Data referred to in the previous paragraph has been made available to you on the Internet. This is the principle of service reversibility. As an option and at the request of the customer, the Data may be returned to him in their entirety, at any time, according to the following technical and financial methods:

  • the Data will be returned in the original computer format in which they were filed
  • the Data will be returned on CD-Rom, USB key, according to your choice and technical feasibility
  • JIS COMPUTING reserves the right to invoice the time spent by its staff in setting up this restitution, the cost of the computer support on which the Data will be transferred as well as the cost of sending this support by Registered Letter with Acknowledgment of Receipt

5.3 Destruction of data

You are informed that Transporteo will destroy all your data stored on its servers 30 days after the date on which you have terminated this contract.

5.4 Data transfer

JIS COMPUTING implements all reasonably conceivable means to ensure the transfer of the Data that you have selected to the computer station of the Guest that you have invited and/or the possibility for the Guest to view the files to which you will have granted access subject to normal operation of the Internet network and in the absence of any interruption of Service made necessary by maintenance, repair or development operations.

5.5 Data confidentiality

Subject to the applicable legal provisions, JIS COMPUTING implements all reasonably conceivable technical means within the framework of a service comprising both a service of storage and provision of Data, to ensure and respect, ensure and make respect the strictest confidentiality regarding the existence and content of the files and Data stored via the Service, within the limits of article 6.1 below. In particular, the Documents are encrypted with an encryption key specific to the Customer so that only people with access to the customer\'s storage space (his Virtual Cabinet) can access them. Thus, neither TOPTEORELAY nor the other customers of TOPTEORELAY are able to access the content of the documents deposited in the Cabinet of a given Customer. The Customer or an End User may nevertheless authorize temporary access to his Cabinet, in particular to JIS COMPUTING teams for support purposes.

Les détails de la politique de confidentialité de TOPTEORELAY sont disponibles sur son site web.


As a user of the Service, you agree to use it on behalf of the Client who subscribed to said Service and under whose responsibility your access was created. You agree to use the Service only according to its instructions or within the framework of the missions entrusted to you by it. Your responsibility takes over that of the Customer vis-à-vis TOPTEORELAY. The Customer may, where appropriate, turn against you following a breach or violation of these General Conditions on your part.

6.1 Obligation of means on the Data

JIS COMPUTING, in its capacity as subcontractor custodian of the Data, undertakes to return, in their Integrity, the hosted Data, within the framework of an obligation of means. It specifies that it is insured under its civil liability with an insurance company well known in the market and undertakes to provide, at the Customer\'s first request, a certificate justifying it.

6.2 Réponses aux besoins particuliers

JIS COMPUTING makes no warranty as to the ability of the Site and/or the Service to meet your specific expectations or needs. Similarly, JIS COMPUTING is not able to guarantee that no error or other malfunction or use will appear during the use of the Site and/or the Service.

JIS COMPUTING does not warrant that the results and information obtained are free from error or other defects. JIS COMPUTING is bound, with regard to the provision of the Service, by an obligation of means.

Under no circumstances shall JIS COMPUTING be liable for damages such as in particular: financial or commercial damage, loss of customers, any commercial trouble, loss of profit, loss of brand image, loss of computer programs suffered by you which could result of the non-execution of these general conditions, which damages are, by express agreement, deemed to have the character of indirect damage. JIS COMPUTING will in no way be liable for damages resulting, even partially, from a total or partial non-performance of your obligations, as well as for any indirect damages even if it was aware of the possibility of such damages occurring.

JIS COMPUTING assumes no liability or responsibility for delays, corruption or other errors that may occur in the transmission of mailings from the Site when such events result from the use of the networks or a failure of your go. JIS COMPUTING is not responsible for the unavailability of networks (software or hardware) which are not entirely under its direct control, nor for any modification, suspension or interruption of the dissemination of the Service, as well as for the continuity, durability, compliance , compatibility or performance thereof or the absence of bugs.

You acknowledge and accept that the Internet network or any other network used for the purpose of transmitting the stored Data may be saturated and/or that the Data exchanged by means of the network may be diverted and consequently, You release JIS COMPUTING and TOPTEORELAY from any liability this regard.

Similarly, JIS COMPUTING TOPTEORELAY cannot be held liable for interference by third parties in the communication and transmission systems you use or for malfunctions or stoppages of the Service due to negligence, fault or any act from you or from a third party.

JIS COMPUTING and TOPTEORELAY cannot in particular be held responsible for any failure during the reception of the Data and/or the invitation messages transmitted, since these failures would result from the filtering and/or blocking techniques put in place by technical intermediaries, such as access providers. In the event that you notice such failures, you are invited to contact your Internet service provider.

6.3 Data Integrity

When repatriating the files, it is your responsibility to test and verify that they are in all respects compliant with the files allegedly deposited and that they are correctly integrated into the original computer applications or computer applications in all respects. similar. You agree to report on the contact form at any anomaly that you have noticed within 24 hours of receipt of the data by communicating your name and e-mail. mail.

In the event that You do not indicate to the address mentioned above the anomaly noted within the time limits and according to the procedures referred to in the preceding paragraph, JIS COMPUTING cannot be held responsible for any prejudice resulting from the loss of this Data when the absence of information deprives it of the possibility of carrying out a new restitution of the data purified of the anomalies initially noted within a period allowing to avoid or limit your prejudice.

6.4 Ownership of Data

Data stored on JIS COMPUTING servers remain your full and exclusive property.

JIS COMPUTING and TOPTEORELAY are technically unable and refrain from controlling the Data stored and/or circulating from/to your server. Consequently, JIS COMPUTING and TOPTEORELAY cannot be held responsible for the presence on your server or the return to your computer terminal of data obtained fraudulently and/or prohibited by law or regulation. You alone have the ability to choose whether or not to save these files, keep them, share them, send them or destroy them, and assume sole responsibility for these choices.

JIS COMPUTING nevertheless informs you that it is required to collaborate with any duly mandated judicial authority to retain, control or even eliminate the Data stored on its servers. JIS COMPUTING cannot be held responsible for defects and/or interruption of the Service in cases of force majeure as defined in Article 10 hereof.

6.5 Downloads and Cookies

As part of the provision of the Service, you may be offered the download of software(s) likely to facilitate the use of the Service. You agree when using this software as part of the Service to comply with these terms of use. In any event, You acknowledge that any computer program that JIS COMPUTING offers you to download as part of the use of this Service remains its property, JIS COMPUTING only granting you a simple user license. JIS COMPUTING also reserves the exclusive right to carry out any intervention on this software both for maintenance and interoperability with any other program or hardware.

In order to allow you to connect to the Server and, where applicable, to the Service, the Site's web page servers may need to place cookies on your device. Cookies are stored in the storage space local to the terminal and kept on the latter until the withdrawal made by you. You can refuse cookies by changing your browser settings. Nevertheless, the refusal of cookies may prevent You from benefiting from all the functionalities of the TOPTEORELAY Service.

6.6 Limitations and changes

You acknowledge having received complete information online about the Service and knowingly subscribe to it.

JIS COMPUTING cannot be held responsible for any alleged inadequacy of the Service with your needs. JIS COMPUTING also reserves the right to:

  • put in place technical barriers limiting the number, type and/or size of data exchanged and/or the number of guests in order to limit abusive or misused use of the Service. You will be informed of the technical limitations made to the use of the Online Service by e-mail when you register;
  • modify these general conditions of use of the Service.

However, you may terminate this Agreement within 30 days of the implementation of these modifications. In the absence of termination within this period, You will be deemed to have definitively accepted them.

6.7 Responsibility for Data

You are solely responsible for the Data that you wish to deposit on the Storage Space. Consequently, you are responsible for all damages that may result from the communication of erroneous or incomplete Data.

You are responsible for all damage caused by yourself to JIS COMPUTING. You agree to indemnify JIS COMPUTING, in the event of a request, claim or condemnation for damages, which JIS COMPUTING would be the subject of as a result of non-compliance with your obligations or damage caused to others or to itself. by the Data that you would have diffused by using the Service.

You guarantee JIS COMPUTING against any claim, pretension or demand from third parties who invoke a violation of their rights, following the use of the Service by You. You acknowledge that any use of the Service with your Identification elements is presumed to be made by You and will be charged to you, it being up to you to provide proof to the contrary.


You are informed and accept that all or part of the Service may, for reasons of repair, development or maintenance, be temporarily interrupted. JIS COMPUTING cannot be held responsible for the consequences resulting from any interruption related to maintenance or development operations. JIS COMPUTING will make every effort, if necessary, to restore the Service as soon as possible. As far as possible, JIS COMPUTING will inform You of any foreseeable interruption of the Service exceeding 24 (twenty-four) hours.

Automatic interruption by TOPTEORELAY:

In the event of violation of the terms of these General Conditions of Use, of any misuse of the functionalities of the Service, TOPTEORELAY will be entitled to proceed to the automatic interruption of the Service by simple email, without you being able to request any compensation from this title. Your Data will then be permanently deleted from the JIS COMPUTING servers within 30 days without you being able to claim any prejudice in this regard.

In the event that TOPTEORELAY is informed of the use of the Service for the purpose of storing Data contrary to French laws and regulations or of the State from which you are accessing the Service, TOPTEORELAY shall be entitled to immediately interrupt the service, without notice. You will then be informed by email. Your Data will then be permanently deleted from the servers within 30 days without you being able to claim any prejudice in this respect.


JIS COMPUTING is the sole owner of the software or software created by it necessary for the operation of the Service and of any documentation relating thereto. Intellectual property rights, in particular of use and exploitation, relating to other elements of the Service may have been acquired by JIS Computing or granted to JIS COMPUTING, in particular rights of use and exploitation of software elements “open-source”. JIS COMPUTING grants you a right to use the software(s), the use of which is strictly limited to the proper functioning of the Service. This right of use cannot be detached from this Service. JIS COMPUTING reserves the exclusive right to carry out any intervention on this software both for maintenance and for interoperability with any other program or material.


TRANSPORTEO cannot be held responsible for the partial or total non-performance of its obligations or for any delay in the performance of these, if this non-performance or this delay has been caused by the occurrence of unforeseeable, reasonably irresistible events. and exteriors. Expressly, are considered as cases of force majeure or fortuitous event, in addition to those usually retained by the jurisprudence of French courts and tribunals, the following cases: total or partial strike, lockout, riot, civil disorder, insurrection, civil war or foreign, nuclear risk, embargo, confiscation, capture or destruction by any public authority, bad weather, epidemic, blockage of means of transport or supply for any reason whatsoever, earthquake, fire, storm, flood, damage to water, governmental or legal restrictions, legal or regulatory changes in forms of marketing, blocking of electronic communications, including electronic communications networks, a stoppage or incident of machinery, one or more computer viruses, an attack by one or more hackers, and all cases not foreseeable by JIS COMPUTING, calling into question the norms and standards of its profession and any other case beyond the control of the parties preventing the normal performance of the obligations arising from this Contract.

JIS COMPUTING will inform the customer of any delay resulting from a case of force majeure and will take all measures to try to remedy it. If the delay caused by force majeure exceeds ninety (90) days, either party may terminate this Agreement. Payment will remain due for the obligations already fulfilled and the parties will settle their accounts accordingly, without being able to claim any compensation of any kind whatsoever.


The information collected about you, in particular from the forms and documents used to create your access to the service, is necessary to provide the service as defined above. This information is subject to computer processing intended for TOPTEORELAY to ensure the proper functioning of the TOPTEORELAY service and has been declared to the APDP under the number ..... TOPTEORELAY is the sole recipient of the data collected. They are stored on servers located in France.

TOPTEORELAY is prohibited from communicating the data that you communicate to it, in particular via the forms, to any third party whatsoever, except to its subcontractors, to the persons who, because of their function, are responsible for processing Your data and case of request from the legally empowered authorities. In accordance with the regulations in force, You have rights concerning your data:

  • The right to information

    When personal data concerning you is collected directly from you, TOPTEORELAY provides you, at the time the data in question is obtained or before it is obtained, a whole series of information. This information is notably contained in these General Conditions, and in particular:

    • The purposes of the processing are to provide you with a Computerized Document Management service in SaaS mode as defined in Article 2 above.
    • The categories of Personal Data concerned are: the email address used to connect to the Service, and data relating to your connection (IP address of your terminal, technical details of your browser, in particular for the purpose of adapting visual interfaces )
    • Your Personal Data is kept for the subscription period that binds the Customer who created your access, increased by 30 days
    • The existence of the rights below:

  • The right of access (article 15 of the GDPR)

    You have the right to obtain from TOPTEORELAY confirmation that Your personal data is or is not being processed and, when it is, you have the right to obtain access to said data as well as to a certain number of additional information. This right also includes the right to obtain a copy of the data being processed.

  • The right to rectification (Article 16 of the GDPR)

    You have the right to request that Your data be rectified or completed, as soon as possible.

  • The right to erasure or “right to be forgotten” (article 17 of the GDPR)

    You have the right to request the erasure of Your data, as soon as possible. You are informed that in the event of exercise of this right, You will no longer be able to connect to the Service and, subsequently, that You will no longer be able to use it.

  • The right to restriction of processing (Article 18 of the GDPR)

    You have the right, in certain cases provided for by law, to obtain from TOPTEORELAY the limitation of Your data. When such a limitation is requested, JIS COMPUTING will only be able to store the data. No other operation can, in principle, take place on Your personal data. You will therefore no longer be able to use the Service if you request the exercise of this right.

  • The right to data portability (Article 20 of the GDPR)

    You have the right to retrieve the data You have provided to the controller, in a structured, commonly used and machine-readable format, and you have the right to transmit this data to another controller, for example in order to be able to change of service provider.

  • The right to communication of a personal data breach (Article 34 of the GDPR).

    The data controller is obliged to notify you of data breaches likely to expose you to a high risk to his rights and freedoms.

  • The right to lodge a complaint with a supervisory authority (Article 15 of the GDPR).

    You can lodge a complaint with the APDP in Benin, if you believe that your rights have not been respected or that a processing carried out within the framework of the Service is likely to harm you.

You can exercise these rights by sending an email on the contact form to the address contact or by contacting TOPTEORELAY by post at Transporteo International, rue 440, Cotonou, Benin.


11.1 Purpose

The purpose of this article is to define the conditions under which JIS COMPUTING, the Subcontractor, undertakes to carry out on behalf of the Client, the Data Controller, who created Your access to the Service, the processing operations of personal data defined below. Within the framework of their contractual relations, the parties undertake to comply with the regulations in force applicable to the processing of personal data and, in particular, the AU Convention on cyber-security and the protection of personal data. of Section 415 of the Digital Code and the SADC Model Law for Data Protection 2013 (For the performance of the Service, JIS COMPUTING (hereinafter "the Processor") makes available to you, as as an End User acting under the authority of the Data Controller (the Client who created your access to the Service), the following necessary information:

11.1.1 Service offered by TOPTEORELAY to its customers

This service is described in Article 2 above.

11.1.2 Purpose of the processing carried out by the Subcontractor

JIS COMPUTING, the Subcontractor is authorized to process on behalf of the Client, the Data Controller, the personal data potentially included in the documents that the Data Controller files with TOPTEORELAY. The nature of the operations carried out on the data is defined in the article – DESCRIPTION OF THE SERVICE above.

The purpose of the processing carried out by JIS COMPUTING is the computerized management of the documents of the Customer Responsible for Processing, online (in a cloud computing infrastructure, Cloud Computing).

The potential subsequent purposes, for which the Client Responsible for Processing processes the personal data potentially contained in the documents that he files within TOPTEORELAY are determined by said Client Responsible for Processing. These purposes can be, for example and without this being limiting, the management of orders, the administration of the services of a local authority, the management of litigation files, the management of personnel or human resources, etc.

11.1.3 Personal Data processed under the outsourcing contract

The categories of personal data processed as part of the service are not determined by JIS COMPUTING but by the Customer Responsible for Processing. Indeed, it is data present in the documents deposited in TOPTEORELAY by the Customer, and JIS COMPUTING has no control over the decision that the Customer takes to deposit documents in TOPTEORELAY nor any means of determining or predicting which data these documents contain or will contain. The Data Controller is the only Party capable of determining and documenting said categories of personal data.

11.1.4 Categories of persons concerned by personal data in the context of subcontracting

In the same way, the categories of persons concerned by the personal data present in the documents deposited in TOPTEORELAY by the Client Processing Manager are not determined by JIS COMPUTING but by the Client, Processing Manager.

The Customer is the only Party able to determine and document the said categories of data subjects.

11.1.5 DCP retention period under the subcontracting agreement

Similarly, the retention period of the personal data potentially contained in the documents filed in TOPTEORELAY and/or indexed by TOPTEORELAY is not the responsibility of JIS COMPUTING but that of the Client, Data Controller.

Le Client est la seule Partie en capacité de déterminer et de documenter ladite durée de conservation.

11.1.6 Obligations of JIS COMPUTING, the Processor, vis-à-vis the Client, the Data Controller

The Subcontractor agrees to: Purpose

Process personal data that may be contained in the documents submitted by the Customer in TOPTEORELAY only for the sole purpose(s) for which subcontracting (Purpose of the Service, see above). Compliance

Process the data in accordance with the provisions of these general conditions and/or any contract binding the Parties, or, where applicable, the documented instructions of the Data Controller accepted by both Parties If the Subcontractor considers that an instruction given to it by the Data Controller constitutes a violation of the GDPR or any other provision of Union law or the law of the Member States relating to data protection, it shall inform the Data Controller in a diligent and spontaneous manner. In addition, if the Subcontractor is required to transfer data to a third country or to an international organization, under Union law or the law of the Member State to which it is subject, it must inform the Data Controller of this legal obligation before processing, unless the law concerned prohibits such information for important reasons of public interest Privacy

To ensure the confidentiality of personal data processed under this contract and in particular to ensure that persons authorized to process personal data under this contract :

  • Agree to maintain confidentiality or are subject to an appropriate legal obligation of confidentiality
  • Receive the necessary training in the protection of personal data. Privacy by Design

Take into account, with regard to its tools, products, applications or services, the principles of data protection by design and data protection by default. Suppliers:

The Subcontractor is authorized to use any supplier to make the Service operational (hereinafter, the "Suppliers"), in particular to carry out the following processing activities: Hosting of servers, data center operators, providers of cloud computing solution, backup solution providers, access to an Internet or similar data network, document personalization service, etc.

Any Supplier is required to comply with the obligations of this contract on behalf of and according to the instructions of the Data Controller. It is up to the initial Subcontractor to ensure that the Supplier presents the same sufficient guarantees as to the implementation of appropriate technical and organizational measures so that the processing meets the requirements of the European data protection regulations. performance by the Supplier of its obligations. Right to information of data subjects

It is the Data Controller's responsibility to provide information to the persons concerned by the processing operations at the time of the data collection. The Subcontractor may make available to the Client notices and standard provisions in order to help convey the information to the persons concerned that the personal data concerning them may be processed by the Subcontractor. Exercise of the rights of persons

As far as possible, the Processor must help the Data Controller to fulfill its obligation to respond to requests to exercise the rights of data subjects: right of access, rectification, erasure and opposition, right to restriction of processing, right to data portability, right not to be subject to an automated individual decision (including profiling) The Data Controller has full control of the personal data in relation to the persons concerned and the Subcontractor makes its best efforts to implement the technical and organizational measures allowing the Data Controller to fulfill its its obligations to respond to requests to exercise the rights of data subjects. Personal Data Breach Notification

The Processor notifies the Data Controller of any personal data breach within a maximum period of 72 hours after becoming aware of it and by any appropriate means, in particular one of the following means: e-mail, telephone call, written mail, fax, SMS, etc. This notification is accompanied by any useful documentation to enable the Data Controller, if necessary, to notify this violation to the competent supervisory authority as well as to the data subjects. The notification shall contain, as far as possible:

  • a description of the nature of the personal data breach including, where possible, the categories and approximate number of data subjects affected by the breach and the categories and number number of personal data records concerned;
  • the name and contact details of the Data Protection Officer or other point of contact from whom further information may be obtained;
  • description of the likely consequences of the personal data breach;
  • the description of the measures taken or that the Processor proposes to take to remedy the breach of personal data, including, if necessary, the measures to mitigate it the possible negative consequences. If and to the extent that it is not possible to provide all such information at the same time, the information may be provided in a staggered manner without undue delay. Help from the Processor in the context of the Data Controller's compliance with its obligations

The Processor helps and advises the Data Controller in carrying out impact analyzes relating to data protection. The Processor can also help and advise the Data Controller for carrying out the prior consultation of the supervisory authority. Security Measures

With regard to the documents deposited in TOPTEORELAY, the Subcontractor undertakes to implement the following security measures:

  • document encryption;
  • the means to guarantee the constant confidentiality, integrity, availability and resilience of processing systems and services;
  • the means to restore the availability of personal data and access to them within appropriate timeframes in the event of a physical or technical incident;
  • a procedure for regularly testing, analyzing and evaluating the effectiveness of technical and organizational measures to ensure the security of the processing Output data

At the end of the provision of services relating to the processing of this data, the Processor undertakes to:

  • Destroy all Customer data, including personal data where
  • To return all data, including personal data to the Data Controller where
  • To return the personal data to the Data Processor designated by the Data Controller

The return must be accompanied by the destruction of all existing copies in the Subcontractor's information systems. Once destroyed, the Subcontractor must justify in writing destruction. Data Protection Officer

The Processor communicates to the Data Controller the name and contact details of its data protection officer, if it has appointed one in accordance with article 37 of the European Data Protection Regulation, or any other person or department performing similar functions on behalf of the Processor. This person or department can be contacted by email at Register of categories of processing activities

The Processor declares to be able to produce a register of all categories of processing activities carried out on behalf of the Data Controller including:

  • the name and contact details of the Data Controller on whose behalf he is acting, of any Subcontractors or suppliers and, where applicable, of the data protection officer
  • the categories of processing carried out on behalf of the Data Controller;
  • recipients of personal data, including service providers, suppliers and Sub-processors;
  • if applicable, transfers of personal data to a third country or to an international organization, including the identification of this third country or this international organization and , in the case of transfers referred to in Article 49, paragraph 1, second subparagraph of the European Data Protection Regulation, the documents attesting to the existence of appropriate guarantees ;
  • as far as possible, a general description of the technical and organizational security measures, including inter alia, as required:
  • the encryption of documents deposited in TOPTEORELAY;
  • means to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
  • means to restore the availability of data, including personal data and access to them within appropriate timeframes in the event of a physical or technical incident ;
  • A procedure for regularly testing, analyzing and evaluating the effectiveness of technical and organizational measures to ensure the security of processing. Documentation and Information

The Processor shall provide the Data Controller with the information or documentation necessary to demonstrate compliance with all its obligations and to enable audits to be carried out, including including inspections, by the controller or another auditor appointed by it, and contribute to these audits.

11.1.7 Obligations of the Data Controller vis-à-vis the Processor Information of data subjects

The Data Controller undertakes to inform the persons concerned of the fact that the personal data concerning them which are contained in documents may be stored in a Electronic Document Management solution TOPTEORELAY and that processing such as indexing and optical reading then storage of this data can be carried out within the Electronic Document Management solution TOPTEORELAY. Legality

The Data Controller undertakes, when he files a document in TOPTEORELAY which contains personal data, to do so only in a lawful manner, i.e. -say when :

  1. the document is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the request of the data subject (sale, service, order, quote, etc.)
  2. the data subject has consented to the processing of their personal data for one or more specific purposes, and this consent has been obtained under the terms and according to the obligations of the GDPR, in particular after having received clear information on the purposes and in a positive way (no pre-ticked consent box for example)
  3. the processing or the document is necessary for compliance with a legal obligation to which the controller is subject, in particular the establishment and storage of invoices or pay slips;
  4. the processing or the document is necessary to protect the vital interests of the data subject or of another natural person;
  5. the processing or the document is necessary for the performance of a task carried out in the public interest or in the exercise of official authority invested the Data Controller ;
  6. the processing or the document is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless the interests or the fundamental rights and freedoms of data subject which require protection of personal data, in particular where the data subject is a child. Sensitive Data

When the documents he files in article 49, by potentially contain sensitive data within the meaning of the GDPR, the Data Controller undertakes to do so in a lawful, i.e. in one of the cases provided for by the GDPR and which are recalled below. In this case, the Data Controller undertakes either to deposit these documents in a digital safe offered optionally within TOPTEORELAY or to carry out, if it deems it necessary, a possible impact analysis and to take charge of any corrective measures that will have to be put in place following the said impact analysis.

More generally, the Data Controller undertakes to assume full responsibility for the fact of depositing in TOPTEORELAY documents containing sensitive data within the meaning of the GDPR.

The GDPR considers sensitive data to be personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as genetic data, biometric data for the purpose of identifying a uniquely natural person, data concerning the health or data concerning the sex life or sexual orientation of a natural person. National identification numbers (NIR or INSEE numbers in France) are also considered sensitive data, as well as data relating to criminal convictions and offences.

The processing of such data is only possible in the following cases :

  1. the data subject has given explicit consent to the processing of such personal data for one or more specific purposes, except where Union law or Member State law provides that such consent cannot be given by the concerned person ;
  2. the processing is necessary for the purposes of the performance of the obligations and the exercise of the rights specific to the controller or the data subject in terms of labor law, social security and social protection, insofar as such processing is authorized by Union law, by the law of a Member State or by a collective agreement concluded under the law of a Member State which provides appropriate safeguards for the fundamental rights and interests of the person concerned ;
  3. the processing is necessary to protect the vital interests of the data subject or of another natural person, in the event that the data subject is physically or legally unable to give consent ;
  4. the processing is carried out, within the framework of their legitimate activities and subject to the appropriate guarantees, by a foundation, an association or any other non-profit organization and pursuing a political, philosophical, religious or trade union purpose, provided that said processing takes place relates exclusively to members or former members of the said organization or to persons maintaining regular contact with it in connection with its purposes and that the personal data are not communicated outside of this organization without the consent of the persons concerned ;
  5. the processing relates to personal data which are manifestly made public by the data subject ;
  6. the processing is necessary for the establishment, exercise or defense of a legal right or whenever courts act within the framework of their judicial function ;
  7. the processing is necessary for reasons of important public interest, on the basis of Union law or the law of a Member State which must be proportionate to the objective pursued, respect the essence of the right to the protection of data and provide for appropriate and specific measures to safeguard the fundamental rights and interests of the data subject ;
  8. the processing is necessary for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes, on the basis of Union law or the law of a Member State which must be proportionate to the objective pursued, respect the essence of the right to data protection and provide for appropriate and specific measures to safeguard the fundamental rights and interests of the data subject.

Furthermore, sensitive data may be subject to processing, if these data are processed by a professional subject to an obligation of professional secrecy in accordance with Union law, the law of a Member State or the rules adopted by the competent national bodies, or under its responsibility, or by another person also subject to an obligation of secrecy in accordance with Union law or the law of a Member State or the rules adopted by the competent national bodies.

The processing of personal data relating to criminal convictions and offenses or related security measures may only be carried out under the control of official authority, or if the processing is authorized by Union law or by the law of a Member State which provides appropriate safeguards for the rights and freedoms of data subjects. Any complete record of criminal convictions can only be kept under the control of public authority. Compliance with GDPR obligations

The Data Controller undertakes to comply with the obligations of the GDPR and to ensure, before and throughout the duration of the processing, compliance with the obligations provided for by the European data protection regulations on the part of the Subcontractor.

In particular, the Data Controller undertakes, if he is obliged to do so or if it is strongly recommended, to keep a register of the processing operations mentioning in particular, with regard to the processing operations he carries out or which are carried out on his behalf on personal data: the purposes of the processing, the categories of personal data, the categories of data subjects and the retention period of the personal data. Monitoring

The Data Controller undertakes to supervise the processing, including, if appropriate, carrying out audits and inspections of the Processor. In the event that such audits and inspections are carried out, the Data Controller undertakes to make available to the Subcontractor the results of said audits and inspection and to allow the Subcontractor to transmit them to its customers and prospects or to make them public. Instructions given to the Subcontractor

The Data Controller undertakes to document in writing any instructions concerning the processing of data by the Subcontractor.

11.2 Obligations common to the Parties

The Parties undertake individually and mutually to comply with the text of the GDPR available on the APDP website, and with any applicable national regulations relating to the processing of personal data. These regulations shall prevail in this Agreement and shall supplement or prevail, where applicable, over all the provisions of this Agreement.


Subscribe to our newsletter.