1. OBJECT
To ensure its proper functioning, our company is required to implement and operate the processing of personal data relating to its customers and/or contacts (prospects).
The purpose of this policy is to satisfy our obligation to provide information and to remind you of the rights you have regarding personal data.
2. LEGAL BASIS
The processing implemented by our company under this policy all has the legal basis of the execution of a contract which binds us to you and, depending on the cases for our contacts, consent or legitimate interest.
3. PURPOSE
We process your personal data for the following purposes:
– Execution and monitoring of our contracts;
– Execution and monitoring of our services;
– Customer relationship management (CRM);
– Prospect relationship management (GRP);
– Customer service ;
– Event planning ;
– Improvement of services and investigations;
– Production of statistical reports.
4. RECIPIENTS
The recipients of your data are internal or external recipients depending on the case.
Internal recipients are all employees of our company who serve our customers or our contacts.
External recipients are our external service providers (accountant for example), technical service providers (ERP in SaaS for example) or our partners (subcontractor for example).
5. SHELF LIFE
Your data is processed for a limited period which we determine with regard to the legal and contractual constraints which weigh on us and, failing that, according to our needs. The following principles are retained:
– data relating to customers: kept for the duration of the contractual relationship with us, increased by 5 years corresponding to legal requirements;
– data relating to contacts and prospects: kept for 3 years from the last contact from the contact or prospect.
6. YOUR RIGHTS
You have the following rights with regard to your personal data:
– a right to ask us for confirmation that data concerning you is being processed, to access this data and request a copy;
– a right to have any data concerning you that is erroneous or obsolete corrected;
– a right to obtain the erasure of your data if you have objected to their processing for commercial prospecting purposes;
– a right to obtain portability of your data when the processing is based on the execution of a contract, you yourself have provided your data to our company and their processing is automated;
The request to exercise your rights must come from you exclusively, be accompanied by proof of identity and be made in writing to the marketing manager.
7. SECURITY
We implement the technical and organizational measures that we consider appropriate to combat the unauthorized destruction, loss, alteration or disclosure of data concerning you.
In the event of a data breach, we undertake to notify the CNIL under the conditions prescribed by the GDPR.
If said violation poses a high risk for our clients/prospects, we undertake to notify those affected and provide them with the necessary information and recommendations.
