- Category: Legal Notice
- Also available:
The policy set out below applies to the collection and processing of personal data carried out by ELTRACE, a SAS company, registered in the trade and companies register of MEAUX - France, under number R.C.S. 392 493 152, having its registered office 12, rue des Frères LUMIERE – 77290 MITRY MORY, (hereinafter referred to as the Data Controller).
This policy defines the main commitments of ELTRACE SAS in terms of the protection of personal data, whose activity is intended for professionals.
1 – The legal framework – compliance with the GDPR and French law
The Data Controller declares that he processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, relating to the protection of natural persons with regard to the processing of personal data. personal nature and the free movement of such data (hereinafter referred to as the GDPR) and French law n° 78-17 of January 6, 1978 relating to data processing, files and freedoms (modified).
2 – Collection and processing of personal data
Legal basis for collection
Each collection of personal data carried out by the Data Controller meets the conditions defined by the regulations in force, in particular:
• Informing the person concerned about the data processing carried out;
• Obtaining the consent of the person concerned to the transfer of their data to third parties.
Type of personal data collected
Depending on the purpose of the collection, the Data Controller may collect the following data: title, first name, last name, telephone number, email address, postal address, profession.
Purpose of processing
The purposes of the processing carried out are in particular:
• The delivery of the services subscribed by the data subject;
• The communication to the person concerned of information concerning news or offers related to the sector of activity of his company;
• Improving communication with the people concerned (relevant content, planning of the sending of offers according to needs);
3 – Storage of personal data
The duration of the conversation
The data is kept for the duration necessary for the purposes for which it is collected and processed. By default, this period is set at 6 years from the date of data collection or the last interaction between the data subject and the Data Controller.
Security and Privacy
The Data Controller undertakes to take all appropriate measures to guarantee a level of protection appropriate to the risk in terms of confidentiality, integrity, availability and resilience of the systems and in particular, in order to prevent the data to be personal character are not distorted, damaged or communicated to unauthorized third parties.
4 – Exercise of the rights of the person whose data is collected In accordance with the regulations in force, the person whose personal data is collected has the right, at any time, to exercise their rights of access, rectification, deletion of data concerning him as well as his rights of limitation and opposition to the processing and portability of his personal data. Any request to exercise these rights must be sent to the Data Controller in writing at the following address:
ELTRACE – 12, rue des frères Lumière – 77190 MITRY MORY
In addition, each of the communications from the Data Controller includes an unsubscribe link allowing the data subject to no longer receive the offer to which he or she is unsubscribing.
5 – Access to personal data The people likely to have access to personal data are:
• the Data Controller's staff;
• subcontractors carrying out the processing on behalf of the Data Controller in accordance with his instructions;
• subject to the consent of the persons concerned, trusted third parties (affiliation boards, agencies, lead generation companies and companies looking for customer acquisition and/or online visibility).
In this context, the Data Controller ensures that its subcontractors and trusted third parties have implemented the necessary measures to ensure the confidentiality and security of the data.
6 – Transfer of personal data
No transfer of personal data to a country outside the European Union is carried out by the Data Controller.