Bergerat Monnoyeur, whose registered office is located at 117, rue Charles Michels – 93200 Saint-Denis FRANCE (hereinafter the “Company” or “We”), acting as independent data controller, would like to inform you about the methods of processing (i.e. collection, use and sharing) of your personal data, through this website (hereinafter the “Website”) and the use of associated services such as special offers, event platforms, e-shop, tchat (hereinafter “Services”), in accordance with applicable laws and regulations on the protection of personal data, in particular: (i) Law No 78-17 of 6 January 1978 on Data Processing, Data Files and Individual Liberties and Law No 2018-493 of 20 June 2018 on the protection of personal data; (ii) Regulation (EU) 2016/679 dated April 27, 2016 (hereinafter “GDPR”), which came into force on May 25, 2018; and (iii) any other normative act, decree, regulation or provision that would be enacted by a competent national or European supervisory authority (hereinafter collectively referred to as the “Applicable Data Protection Regulations”).
The Company is an entity of GROUPE MONNOYEUR, a French corporate group having its mother entity located at 117, rue Charles Michels – 93200 Saint-Denis FRANCE.
1. What is the scope of this policy?
2. What types of personal data do we collect?
The Company collects (1) personal data that you have voluntarily shared with the Company and (2) personal navigation data related to access and use of the Website and Services. In particular, the Company collects the following information:
- Personal Data that you voluntarily share with the Company: the Company may collect your personal data (e.g. first name, last name, email, address, telephone number, etc.) when you submit a request via an online form on the Website or when you use our Services;
3. We process your personal data:
- To enable you to use the Website and Services;
- To evaluate and improve our Services and the functionality of the Services;
- To improve your experience using the Website and Services;
- Provide you with customer support and respond to your inquiries;
- To serve the interests of the Company; in certain cases, the Company may disclose your personal data, including when the Company believes in good faith that such processing is necessary to : (i) protect, exercise, or defend the rights, privacy, safety, security, or property of the Company or its employees, agents and contractors (including the performance of our contracts and terms and conditions of use); (ii) protect the safety, privacy and security of Users or the public; (iii) protect against fraud or for risk management purposes;
- To comply with legal obligations (including obligations related to the provision of the Services and consumer information), or to respond to requests from public and governmental authorities;
- To provide you with goods and/or services according to a contract;
- Subject to your consent, send you messages of a commercial nature and/or our newsletter and to share your personal data with our trusted business partners, including other GROUPE MONNOYEUR entities, to enable them to send you messages of a commercial nature.
4. On what legal basis do we process your personal data?
As an exception: if you connect to a personal account/customer area of the Website, within the framework of a service contract with the Company, the processing of personal data from this personal account is based on the contract that binds you to the Company.
5. How long is your personal data retained?
The Company retains your personal data for as long as it is necessary for the fulfillment of the purposes described in section 3 above.
Your personal data is kept:
- For the time strictly necessary for the use of the Website, the Services, or for the needs of the Company, and for a maximum of 3 years from the date of their collection in the absence of a contract with the Company for marketing purposes;
- In case of conclusion of a contract or an order, within the framework of the Services or otherwise, during the entire period of the contractual relationship, then kept in intermediate archives for a period corresponding to the possible warranty period to which is added the applicable legal prescription period (5 years in most cases);
- For email marketing operation and newsletter, 3 years from your last contact with the Company;
- For data processed by the Company to comply with legal obligations, during the time required to carry out those legal obligations.
- Until the withdrawal of your consent, in case of data processed based on your consent.
- For a period of 25 months from their implementation/creation in the case of cookies
6. How do we process your personal data?
The personal data is processed both manually and electronically and is protected by appropriate security measures. In this respect, although the Company uses appropriate administrative, technical and organizational measures to protect personal data against theft, loss, unauthorized use, disclosure or modification, it cannot guarantee that it will be able to protect itself against all existing IT risks.
7. Who has access to your personal data?
- Other GROUPE MONNOYEUR entities, as the case may be;
- Third party service providers, subcontractors (i.e. IT service providers, service providers related to the Services – for illustrative purposes, and without this list being exhaustive, experts, consultants and lawyers, companies involved in potential mergers, demergers or other transformations);
- Competent national authorities: in order to comply with the law in force and also with any administrative or judicial authority that may request it or need to have access to it in the context of a possible control or litigation.
- Trusted business partners (i.e. to enable them to send you messages of a commercial nature).
8. Are your personal data transmitted abroad?
Your personal data may be transferred to other GROUPE MONNOYEUR entities and service providers acting on its behalf that are located within the European Union.
We will not carry out any transfer of personal data to non-EEA countries.
9. Minors under 15 years of age
The Website does not address or offer Services to individuals under the age of 15, and the Company does not knowingly collect personal data from individuals under the age of 15 or minors in general.
10. What are the applicable security measures?
The Company implements all appropriate technical and organizational security measures to ensure a level of personal data security appropriate to the risk, and in particular, to protect data against accidental or unlawful destruction, loss, damage, disclosure or unauthorized access.
The same level of protection is contractually imposed by the Company on all its subcontractors. Any employee of the Company who, in the course of his or her duties, may have access to your personal data undertakes to hold it in a strictly confidential manner.
11. What are your rights with regard to personal data?
In accordance with the Applicable Data Protection Regulations, depending on the situation, you have a right to request access, rectification, erasure and the portability of your personal data and to request the limitation or object to the processing of your personal data as well as to withdraw your consent at any time. You have the possibility to give us instructions concerning the use and disclosure of your personal data (retention, erasure, third party transfer, etc.) after your death. You may exercise these rights by writing to the following e-mail address: email@example.com.
However, you are informed that your objection may, in practice and depending on the case, affect or make it impossible to take into account your request for information, registration or use of the Services offered on the Website.
You also have a right to lodge a complaint against a supervisory authority such as the Commission Nationale de l’Informatique et des Libertés, “CNIL”, in the event of a breach of the Applicable Data Protection Regulations.
12. Modifications and updates
13. Data Protection Officer
The Company has appointed a Data Protection Officer (“DPO”) whom you may contact for any questions relating to the processing of your personal data and to exercise your rights.
DPO Contact Information: firstname.lastname@example.org