The purpose of this Policy is to inform you about the use and procedures that are in place within the CEIS Group regarding the protection of your personal data in accordance with the European Union’s General Data Protection Regulation or “GDPR” of April 27, 2016 (No. 2016/679).
Our Data Protection Officer (DPO-CEIS@ceis.eu) ensures that data subjects are informed of their rights and can explicitly consent to these data processings and their purposes.
Scope of application
This Policy is specific to the CEIS group and its companies and only concerns the activities for which the group is a Data Controller within the meaning of the GDPR.
Anonymous access of visitors
Type of personal data collected and retention period
We collect the data that you send us specifically for each purpose, as well as data strictly related to your Internet browsing (cookies) such as:
- Identifying data (name, surname, function, company, telephone, professional email) in order to proceed to any registration (newsletters, publications) at your request (the legal basis being your consent, presumed in the framework of a BtoB use);
- Professional data allowing you to register for our various events (name, surname, function, company, telephone, email, official identity document needed by legal obligation, etc.) in order to facilitate your access and to allow you to receive information necessary for your participation (the legal basis being your consent). We may use this information to invite you to future events that we will organize and to send you publications and newsletters related to these events.
- The content of the messages you send us via the contact form (the legal basis is therefore our legitimate interest);
These data are kept for a period of three years after the last contact we had with you.
- The data allowing you to apply to our offers (CV, cover letter, etc.) in order to fill job offers within the group. We keep this data for up to two years after the last contact we had with you (the legal basis being the conclusion of a possible contract between us);
- The usage data of our site allows an analysis of audience, which are preserved up to a maximum duration of one year.
Note: the information indicated by an asterisk (*) is essential to the processing of your request.
Confidentiality and security measures
We take all reasonable measures (physical, logical, organizational) to protect your data at the time of their transmission on the service, in particular against loss, misuse, unauthorized access, disclosure, alteration or destruction, via security measures such as the detection of vulnerabilities, the deployment of the HTTPS protocol, the setting up of pseudonymization and anonymization processes etc.
However, this does not allow us to guarantee the security of the information you send us. Depending on the type of the collected data and their purposes, the processing is carried out only by authorized personnel in accordance with our requirements of confidentiality and security, in the constitution of files, exchanges with our partners and subcontractors, and transfer of these data (see below).
Recipients of the data
The personal information that you may provide can be consulted by the personnel of our company, as well as all the group’s subsidiaries, the departments in charge of control and our subcontractors within the strict framework of the purposes we have presented to you.
We specify that we have subscribed with our sub-contractors strict security clauses, in conformity with article 28 of the GDPR, identifying in particular the objectives of security to be reached.
We also indicate that in the case of using social modules or your Facebook or LinkedIn account, the social network in question may have access to some of the information.
Finally, we may be required to disclose personal information on request of any Public Authority in the context of a compulsory legal procedure, or in the event of a proven risk that could affect our information system, having an impact on our activities or the conduct thereof, or the fundamental rights of third parties concerned.
International data transfer
We may transfer your personal data to service providers outside the European Economic Area (EEA). In this case, be assured that they are subject to specific rules and measures to ensure the appropriate level of security for the protection of your personal data. This means that we will base our transfers on the basis of the applicable regulations (standard contractual clauses approved by the European Commission in our contracts with third parties outside the EEA, transfer to countries with protection recognized as adequate by the European Commission, etc.). For more information, please contact our Data Protection Officer at DPO-CEIS@ceis.eu.
Share social networks where you have an account
We have planned for you the ability to easily share the pages you visit on your favorite social networks. The use of buttons to access social networks is indeed likely to lead to the collection and exchange of certain data between social networks and group sites.
Our sites use “plug-ins” or social modules on its various pages (buttons “share” of social networks such as Facebook, Twitter, Google+, LinkedIn and Viadeo, …). When you visit a page of one of our sites containing such social modules, a connection is automatically established with the servers of social networks (Facebook, Twitter …) who can then be informed you have accessed the corresponding page of our site.
Rights of access, rectification and deletion
We remind you that you have the right:
- To be informed about how your data is processed;
- To access your data;
- To oppose for legitimate reasons that your data be processed and in particular that your data be used for commercial prospecting purposes;
- To limit certain uses of your data;
- To correct your personal information, as well as asking us to delete certain information;
- To challenge the way your personal data is processed;
- To withdraw your consent at any time (in cases where we rely on your consent);
- To define guidelines regarding the fate of your personal data after your death, pursuant to Article 32 of the Law of 6 January 1978.
The protection of personal data is a fundamental right, and you can always contact our Data Protection Officer at the following address DPO-CEIS@ceis.eu to exercise your rights. However, we reserve the right to ask you to justify your identity and the relevance of your request.
If, despite our response, you were not satisfied, you have the possibility to contact the CNIL directly at the following address https://www.cnil.fr/en/contact-cnil.
Evolution of the perimeter of the group
If we are repurchased or merged with another company, or if there is a restructuring of the group, there will be a transfer of your personal data to the new entity. If this assumption were to materialize, we would apply the same rules as those set forth in this Policy to your personal data and your rights to the use thereof.
Cookies are often encrypted files that are stored in your browser. They are created for a limited time when the browser of a user loads a given website: the site sends information to the browser, which creates a text file. Each time the user returns to the same site, the browser retrieves this file and sends it to the server of the website.
The information stored by cookies includes the pages visited, the type of browser you use, your IP address, or the information you have entered on a site to prevent you from entering them again.
For more information on cookies, please consult the CNIL information page: http://www.cnil.fr/vos-droits/vos-traces/les-cookies/.
To get to know you better and to improve the navigation and ergonomics and fluidity of our website, we may use different types of cookies:
- “Session cookies”: they remain stored in your browser only during your browsing session, i.e. until you leave the site.
- “Persistent cookies”: they remain in your browser after the session (unless you have deleted them).
- “Performance cookies”: they collect information about your use of the site, such as web pages visited and error messages, but the information collected is aggregated so that it is made anonymous: these cookies do not collect information about identified persons. They are used to improve the efficiency of the website.
- “Functionality cookies”: they allow the site to remember the choices you make on the website (e.g. changes in text size, personalized pages) or activate services such as comments on a blog.
Our cookies have a life span ranging, depending on the type of cookies used, between 30 minutes and one year.
You can of course set your cookies. Your browser’s help menu will let you know how to express or change your cookie preferences:
- For Internet Explorer ™: https://support.microsoft.com/en-us/help/260971/description-of-cookies
- For Safari ™: http://support.apple.com/kb/ht1677
- For Chrome ™: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en
- For Firefox ™: https://support.mozilla.org/en/kb/enable-and-disable-cookies-website-preferences
- For Opera ™: http://help.opera.com/Windows/10.20/en/cookies.html
For mobile devices, you can view the following links:
- For Safari ™: https://support.apple.com/en-us/HT201265
- For Chrome ™: https://support.google.com/accounts/answer/61416?hl=en&ref_topic=2373959
- For Firefox ™: https://support.mozilla.org/en/kb/activate-or-switch-cookies-on-firefox-for-android
- For Windows Phone ™: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies