Personal Data

Version dated 22 August 2018

Neovote undertakes to ensure that the collection and processing of your data from the domain is compliant with the General Data Protection Regulation (GDPR), the French Law on Information Technology and Civil Liberties, and the applicable legislation on electronic voting in France.

The electronic voting service available on this website constitutes a data processing operation managed by Neovote.


The purpose of the processing operation is to allow you to cast your vote electronically.

It enables Neovote to:

Legal basis

The French legislation on electronic voting and the recommendations of the French Data Protection Authority (CNIL).

This data processing operation is part of the role of electronic voting organisation entrusted to Neovote by the election organiser.

Categories of data processed

Data source

The data originate firstly from the person who wishes to cast their vote entering their email address or landline/mobile telephone number in the field for two-factor password recovery, and secondly from that person logging in and casting their vote.

Data concerning:

are transmitted by the election organiser, who is the Data Controller.

Mandatory nature of data collection

Collection of the data is mandatory in order for voters to vote electronically.

Automated decision making

No automated decision making is anticipated as part of the processing operation.

The data processing operation concerns only persons registered in the voting system by the election organiser: electors/voters, polling stations, observers, Neovote’s technical team, and independent experts.

Categories of recipients

The recipients of the data are:

Data transfers outside of the EU

No data are transferred outside of the European Union. All processing operations are performed solely on French territory.

Neovote keeps all the data solely for the duration of the electoral operations, including the appeal period.

Data on connection traceability are kept for 6 months in accordance with the Neovote Information System Security Policy.

The voting website is assessed by independent experts in accordance with the applicable provisions of French law.

You can access and obtain a copy of the data concerning you, object to their processing, and have them rectified or deleted. You also have the right to restrict processing of your data.

Exercising your rights

Neovote’s Data Protection Officer (DPO) is your point of contact for any request to exercise your rights concerning this processing operation. All such requests must be accompanied by proof of identity:

Complaining to the French Data Protection Authority

If you consider, having contacted us, that your rights over your data are not being respected, you can send a complaint to the French Data Protection Authority (CNIL).

We use cookies for the sole purpose of improving the security of electronic voting.

What is a cookie?

A "cookie" is a file of limited size, generally composed of alphanumeric characters, sent by the Internet server to the browser cookie file located on the hard drive of your computer.
> Find out more about cookies, how they work and how you can block them

Optional internal cookies to help the website work better

These cookies enable the site to function in optimum fashion and with enhanced security. You can block them and delete them using your browser settings.

  1. Cookie name: zz_test_cookie
    Purpose: checking cookie enablement
    Retention period: session
  2. Cookie name: zz_g_id
    Purpose: session identifier
    Retention period: session
  3. Cookie name: zz_session_connexion_page
    Purpose: identifier for login page and language settings in the event of disconnection with loss of session data
    Retention period: session
  4. Cookie name: zz_noback
    Purpose: identifier to prevent redisplay of pages for votes already cast, used as a last resort by a JS script if the browser history has not honoured the cache management instructions
    Retention period: session
  5. Cookie name: zz_pc_id
    Purpose: Inter-session browser identifier
    Retention period: 6 months