Confidentiality and protection of personal data concerning natural persons
In accordance with the European Data Protection Regulation, it is now incumbent upon the data collector, if using a website, to integrate this information notice into its legal notice or to create a dedicated section entitled “Personal data “or” Confidentiality and protection of personal data “
The amended law n ° 78-17 of 6 January 1978 and the European Data Protection Regulation (RUE 2016/679 of 27 April 2016 set the conditions under which we may collect and process your personal data to ensure confidentiality and protection thereof.
All transactions on your personal data are carried out in strict compliance with these regulations.
The purpose of this document is to bring to your attention the conditions under which we collect, process and refuse any personal data about you.
I. Identity of the controller
Personal data is collected by xxxxxxxxxxxx, whose registered office is located at xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
The company is registered at the xxxxxxxxxxxxxx Commercial Register under the registration number xxxxxxxxxxxxxxxxxxxxxxxxxx
II. Personal data collected
Personal data is any information relating to an identified or identifiable natural person. It can be, for example:
– Your name and/or first name,
– Your online identifier,
– Your phone number,
– Your email address.
III. Use of personal data
When personal data are collected, the use that we can make of it, without the following enumeration being exhaustive, may be:
– Respond to your requests for information and services and your requests for contact with our company;
– Offer you services that might interest you
– Offer to respond to surveys, which will allow us to improve and adapt our services to the needs of our customers;
– We may also use the personal data for internal purposes, for example for audits, data analysis and research in order to improve the services and communication of our company.
IV. Retention periods of your personal data
We will retain your personal data for a period not exceeding the time necessary for the purposes for which they are collected and processed, plus the retention period required by the rules applicable to the retention of commercial documents.
V. Your rights regarding your personal data
In accordance with Article 13 of the 2016/679 RUE of 27 April 2016, you have several rights:
– Right of access to your personal data,
– Right to rectification or erasure thereof,
– Right to limit the processing of your data,
– Right to opposition to the processing of these data,
– Right to portability of your data
– Right to refuse to be the subject of a decision based exclusively on automated processing, including profiling,
– Right to lodge a complaint with the supervisory authority of your State (for France, it is the CNIL).
To make corrections or deletions of your personal data, it is your responsibility to expressly present the subject of your request, either by email to the following address: firstname.lastname@example.org, or by post LRAR at our headquarters.
VI. Recipients of personal data
The processing of personal data collected is exclusively for internal use within the company for the performance of the services you have entrusted to us.
As such, we guarantee the confidentiality of the personal data that you have provided us.
In compliance with the legal and EU provisions, subcontractors are contractually obliged to respect the confidentiality and security of the personal data that they may receive and to use them exclusively in the context of the services we have entrusted them with.
We may use subcontractors, who may receive all or part of your personal data that we have collected and processed, to the extent necessary to fulfill their services.
We may also disclose your personal data to authorities duly authorized by law to collect such data.
Except in the cases stated above, we undertake not to assign, rent, communicate or transmit, in any capacity whatsoever, your personal data, unless you have previously agreed in writing.
VII. Risks relating to personal data
In case of destruction, loss, alteration, unauthorized access, violation, unauthorized disclosure of personal data, we are committed to inform you of this event as soon as possible.
However, we will not have to inform you of such an event in the following cases:
– Notification to the supervisory authority of this event and this notification is self-sufficient;
– The appropriate technical and organizational protection measures have been implemented to remedy such an event;
– Subsequent measures ensure that the high risk to the rights and freedoms of data subjects is no longer likely to materialize;
– The conditions of information of this event would be manifestly disproportionate.
VIII. Changes to this document
In the event of modification of this document or the applicable provisions, information will be published on any medium and means of operational communication.
For any information on the protection of personal data, you can also consult the website of the National Commission for Computing and Freedoms (CNIL), accessible via the link: www.cnil.fr.