DATA PROTECTION POLICY
ARTICLE 1: PREFACE
The GDPR and you...
Thus, the purpose of this current data protection policy is to introduce you to:
- The personal data controller
- How your data is collected and processed. A personal data is a data allowing to identify a physical person
- Your rights regarding the use of your personal data
The recipients to whom your data is transmitted
) on the website.
ARTICLE 2 : LEXICON
We promise, you will understand us!
Personal Data is any information relating to an identified or identifiable person, that is to say an information that allows that person to be identified directly (e.g., name and surname) or indirectly (e.g. using cookies).
Processing of personal data is any operation or set of operations (whether or not automated) applied to personal data or sets of personal data, such as: the collection, recording, organization, storage, transmission of data.
The Data Controller determines the purposes (the objectives of the processing) and the means of the processing.
The Sub-contractor processes personal data on behalf of and under the instructions of the Controller.
ARTICLE 3 : GENERAL PRINCIPLES
We have legal obligations!
In accordance with the provisions of Article 5 of the General Data Protection Regulation (GDPR), the collection and processing of your personal data respect the following principles:
- Legality, fairness and transparency: the collection and processing of personal data can only be based on a previously defined legal basis (performance of a contract, legal obligation, consent, legitimate interest, preservation of vital interests).
- Limited purposes: the collection and processing of personal data is carried out for one or more defined purposes.
- Minimization of data collection and processing: only data strictly necessary for the proper execution of the objectives are collected.
- Data storage limited in time: the data controller is obliged to define storage periods for the personal data processed.
- Integrity and confidentiality of collected and processed data: the data controller is committed to guarantee the integrity and confidentiality of the data collected.
ARTICLE 4 : RESPONSIBLE FOR DATA PROCESSING
We are responsible for the data entrusted!
As data controller, beauTec undertakes to comply with the obligations arising from the European Data Protection Regulation and the amended Data Protection Act, on the collection and processing of personal data. In accordance with Article 32 of the GDPR, we implement all technical and organizational measures to ensure the protection of your personal data.
ARTICLE 5 : PERSONAL DATA COLLECTED AND PROCESSED: WHAT DATA?
What do we know about you?
In accordance with the principle of minimization, we only collect the data necessary for the performance of our tasks. Thus, within the framework of our activity, beauTec is likely to collect and process the following information:
We do not collect sensitive data such as religion, trade union membership, racial and ethnic origin, criminal registers or health-related data.
ARTICLE 6 : PERSONAL DATA COLLECTED AND PROCESSED: FOR WHAT PURPOSES?
We would like to explain to you!
In all of these situations, beauTec acts as a "Data Controller" under the GDPR.
||REASONS FOR COLLECTION
|CONSULTATION OF THE WEB SITE|
We use this data in order to:
- Offer you personalized services
- Monitor and improve our websites and applications
- Carry out audience analysis or statistics
- Secure our website and ensure our and your protection against fraud
Your navigation data on our website are kept for a maximum period of 12 months.
- Professional life
We use this data in order to:
- Research and develop software applications
- Manage and implement IT projects
The storage period is relative to the development time of the project.
Execution of the contract
|SUPPORT AND MAINTENANCE
- Professional life
We use this data for the purpose of:
Data can be stored for one year.
Execution of the contract
ARTICLE 7 : PERSONAL DATA: WHO HAS ACCESS TO YOUR PERSONAL DATA?
We don't pass them on to just anyone!
beauTec undertakes to transmit your personal data only to internally authorized persons and to authorized third parties such as the tax authorities, the administration of justice and the police.
beauTec may, if necessary, transmit your personal data to subcontractors. The use of these service providers is necessary for the proper performance of our services. We undertake to verify and guarantee their compliance with the RGPD and the amended Data Protection Act.
beauTec may pass on your personal data to its subsidiary boTec as part of its distribution contract.
Apart from the recipients mentioned above, beauTec undertakes not to pass on your personal data to third parties or external organizations without your express consent.
beauTec does not and will not sell, transfer or disclose your personal data to any unauthorized third party.
beauTec does not use any automated decisions based on your personal data. No profiling is carried out during processing, and the data we collect will never be used without human intervention.
ARTICLE 8 : YOUR RIGHTS
You have all the cards in hand!
8.1 Your rights
In accordance with the regulations in force, you have the following rights concerning your personal data:
8.2 The internal referent
beauTec has appointed an internal data protection referent. Thus, to exercise your rights, you can contact our internal referent at the following address:
Contact details: email@example.com. beauTec SARL. 1545 Route d'Epagny, 74330 Sillingy, FRANCE.
8.3 Complaint to the CNIL
You may at any time file a complaint with the competent authority, namely the Commission Nationale de l'Informatique et des Libertés (CNIL), by following this link: https://www.cnil.fr/fr/plaintes.
ARTICLE 9 : SAFETY MEASURES
You entrust us with your data, we take care of!
beauTec is concerned about the security of personal data, which it undertakes to process securely and only for as long as is necessary to achieve the intended purpose.
beauTec has put in place technical and organizational measures to ensure a level of data protection adequate to the nature and purpose of the processing.
Thus, in accordance with Article 32 of the RGPD on the security of processing, beauTec has implemented:
- Means to ensure the continued confidentiality, integrity, availability and resilience of processing systems and services
- Means to restore data availability and access in appropriate deadlines in the event of a physical or technical incident;
The obligation of security remains however an obligation of means, i.e. we make every effort to guarantee the confidentiality and integrity of your personal data.
All persons having access to your personal data have been made aware of good practices in data protection. They are bound by an obligation of confidentiality, and are exposed to disciplinary sanctions in case of non-respect of this provision.
ARTICLE 10 : DATA TRANSFERS OUTSIDE THE EUROPEAN UNION
A well-organized trip!
In the framework of our business and in order to manage your requests, we do not transfer your data outside the European Union.
However, if your personal data is transferred outside the European Union, we will ensure that these countries guarantee a sufficient and appropriate level of data protection.
We undertake to inform you in advance of the possibility of transferring data outside the European Union and thus, we will inform you of the guarantees put in place to ensure a sufficient and appropriate level of protection.
ARTICLE 11 : DATA PROTECTION POLICY UPDATE
You are on the right track, it's almost the end of the reading!
The last update was made on 03/01/2023.