Privacy and data protection policy
Update : may 2018
EUREP Industrie has always paid particular attention to the security and protection of the personal data of its customers and users.
This Data Protection Policy has been drawn up to enable you to be aware of the conditions under which EUREP Industrie collects and protects your data. We invite you to read it in its entirety.
Summary
This document may change over time, so please consult it regularly. Use of our Website implies acceptance of our "Data Protection Policy".
Definitions
Personal data
Personal data consists of any information relating to a natural person enabling him to be identified directly or indirectly.
Visitor
The term "visitor" refers to an anonymous visit to the website without authentication.
Authenticated user
The term "user" refers to authenticated users with a personal account on our website.
GDPR
The term "GDPR" refers to the "General Data Protection Regulation" which defines the rights and obligations regarding the collection and protection of personal data (European Regulation No. 2016/679 of 27 April 2016).
Data Controller
The controller within the meaning of the GDPR is EUREP Industries
CNIL
The term "CNIL" refers to the "Commission Nationale de l'Informatique et des Libertés" an independent administrative authority whose purpose is to ensure compliance with the law on the protection of privacy and computer use. This authority is responsible, in addition, for monitoring the implementation of the GDPR.
What data do we collect ?
Depending on the level of interaction between you and our website, we collect two types of data. So-called "anonymous" data and so-called "personal" data.
Personal data collected
Some services offered on the website require that personal data be collected. This is the case, for example :
When creating a Personal Account, the recorded data is used to manage your authentication, give you access to the private pages of the website and the various services associated with it.
During an Online Order, the data collected on this occasion are necessary for the proper execution of the contract and compliance with the legal obligations in this area. (Ensure delivery, proceed to invoicing ...).
The essential information is identified by an asterisk in the various registration forms. If you do not fill in these mandatory fields, we will not be able to respond to your request.
Other information is optional and allows us to improve our services to our users.
Anonymous data collected
We also collect anonymous data on visits such as: the size of the screen, the type of device used, the pages viewed, etc. For this we use cookies (small text files stored on your computer)
This data is collected anonymously. They are used for statistical processing purposes to improve our services. They also contribute to the security of our website. No personal data is recorded on this occasion.
You can accept or refuse the use of these cookies at any time during your browsing using the options of your browser. However, some services may not function properly in the absence of this information.
We also use the "Google Analytics" tool to perform audience measurements. EUREP Industrie does not control the cookies used by Google, and invites you to consult Google's Audience Measurement Privacy Policy.
Social Networks
The activation of social network cookies ("Like" button ...) gives the possibility to these networks to analyze your interests. EUREP Industrie does not have control over these cookies and invites you to visit the various platforms to learn about the use made of the information collected on this occasion.
Way of communication
As part of its activity, EUREP Industrie uses e-mail services to communicate. As such, you are likely to receive:
- Emails necessary for the smooth running of the commercial relationship (acknowledgment of receipt of order, notification of delivery, response to a message ...) .
- Informative emails about our activity (Announcement of events, new products ...). In the latter case, you can at any time oppose the receipt of our informative communication by the "unsubscribe" link that is systematically proposed.
Rights of access and rectification
As an identified user, you have the right to access and rectify your personal data. You can also request the deletion of your account, or request to receive the contents in a usable computer format. In the event of a request for deletion of an account, and before its effective deletion, the necessary data is archived and kept for the legal period defined in this matter (see Retention periods).
Security and protection
EUREP Industrie has always attached the utmost importance to the protection of your data and the security of its website. To this end, EUREP Industrie has put in place a set of measures that guarantee you a high level of protection.
Securing exchanges
All exchanges between your computer and our website are encrypted by the HTTPS / SSL protocol. This is to prevent their exploitation in case of interception during transfers. (Identifiable by the small padlock in the address bar)
During payment, the bank details are encrypted before being transmitted in unintelligible form to the only servers capable of decrypting them.
Protection of personal data
All your personal information is transmitted encrypted. Sensitive information, such as password, is encrypted and stored in its encrypted form. The encryption used is of the "non-reversible asymmetric" type. Only you know your credentials. In case of loss a procedure for changing your identifiers is proposed to you.
Responsability of the user
As an Authenticated User with a personal account on our website, you are responsible for the confidentiality of access to your account. EUREP Industrie declines all responsibility in the event of misuse made with your account following the loss of confidentiality of your access.
The strength of a password is in its length. To ensure strong protection, we invite you to use passwords longer than 8 characters. The best solution is to use a phrase as a password.
Preventive monitoring
In order to prevent unauthorized access to the systems we use, we have implemented automated monitoring as a preventive measure. When an access is identified as "non-compliant" we immediately receive an alert to inform us of the problem encountered.
Technical and administrative access to data
Administrative and technical access to the data is strictly reserved for EUREP Industrie and its direct subcontractor "Enovanet", mandated by EUREP Industrie to take charge of issues related to the implementation of the GDPR. All persons entitled to access personal data in the course of their daily work have been expressly authorised by EUREP Industrie. They have undertaken by contract to ensure and maintain the confidentiality of the data processed.
Recipient of the data
EUREP Industrie is the sole and only recipient of the data that is collected. No data is transmitted or sold to anyone for any reason. Except for a request from the legal or judicial authorities. No data is transferred or stored outside the European Union.
Data retention period
The data retention and archiving periods comply with legal provisions, or have been established on the basis of the CNIL (Commission Nationale Informatique et Libertés) reference system. The data retention periods collected by EUREP Industrie are as follows:
data Type |
Retention period |
---|---|
Anonymous cookie |
Maximum 1 year, or until you delete them. |
Subscription to the Newsletter |
Until the exercise of your right of opposition by activating the "Unsubscribe" link provided for this purpose. |
Messages sent using the forms offered on the site |
For the time necessary to complete your request, and archived maximun 5 years frome the last contact. |
Customer Account Information |
Up to 3 years. From the end of the business relationship of your request to delete an account. |
Information related to the creation of business documents |
Legal term of 10 years |
Beyond these periods, the data may be aggregated anonymiezd to be used for statistical purposes.
Outsourcing
EUREP Industrie calls on the professional skills of its direct subcontractor "Enovanet", to ensure the security of the Website and the protection of the data collected. The latter is committed by a Confidentiality Agreement. It works with the agreement and under the authority of the eurep Industrie data controller.
Claim
For any request relating to our Personal Data Protection Policy or the implementation of the GDPR, please send your request using the contact form on this website. Depending on the nature of the request, proof of your identity may be required before it is actually carried out.
You also have the right to refer directly to the Commission Nationale de l'Informatique et des Libertés (CNIL) 3 place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07, any complaint concerning the processing of your personal data.