The EDISER company (hereinafter referred to as “the Data Controller”), publisher of the recruitment.enpc-ediser.com website (hereinafter referred to as “the Services”).
The Data Controller is committed to protecting personal data. As such, the Data Controller is committed to compliance with the General Data Protection Regulation 2016/679 of 27 April 2016 (“GDPR”) and Law no. 78-17 of 6 January 1978 relating to information technology, files and freedoms (“Information Technology and Freedoms” law) (together “the Data Protection Regulations”).
The present Charter for the protection of personal data (hereinafter referred to as “the Charter”) is part of a policy of transparency and fairness towards you.
The purpose of the Charter is to provide you with all the information you need to understand how the Data Controller collects, processes and protects your personal data when using the Services and the options available to you in this respect.
The Data Controller may amend the Charter at any time, according to the changes or additions made, in particular in order to comply with any regulatory, legal, editorial and/or technical developments. You are advised to refer to the latest version of the Charter before browsing.
How and why is your personal data processed?
Personal data is any information that enables you to be identified as an individual, directly or indirectly. This includes, for example a surname, first name, date of birth, gender, postal address, email address, computer IP address, browsing history, purchase history, telephone number, payment card number, photo, videos, comment indicating your contact details, personal and confidential identifier and password, etc.
When you access the Services, you may be asked to provide personal data, for example if you :
- wish to download online documentation
- send a contact request
Providing this information may be mandatory in order to use some of our Services.
The purpose of collecting and processing your personal data is to:
- respond to your requests ;
- compile statistics on visits to the various parts of our Services;
- comply with current legislation if you participate in areas where contributions are moderated after the event (forums, opinions, uploading of any digital element, etc.) ;
- provide you with the documents you request
- identify misuse of our Services.
Who can use your personal data?
Your personal data is collected when you subscribe to our Services. This data is intended for the Data Controller, and may be communicated to third parties under certain conditions.
The Data Controller
Your personal data is processed by the Data Controller for the purposes described above.
Your personal data may be:
- communicated by the Data Controller to its subsidiaries;
- transmitted to any third party company that the Data Controller has appointed as a subcontractor to carry out any of the activities described above on its behalf, it being specified that your personal data will remain under the control and direction of the Data Controller.
- Third parties authorised by law:
In certain cases provided for by law, your personal data may be transmitted to third parties legally authorised to access it upon specific request: judicial authority, administrative authority, your Internet service provider, or a third party issuing a cookie recorded in your terminal (an external advertising agency, another publisher, etc.).
We may also communicate your personal data to third parties if such a measure is necessary to protect and/or defend the rights of the Data Controller, to ensure compliance with these provisions, or to protect your rights and/or interests or those of the public, provided that such transmission is authorised by law.
In the event that all or part of the Data Controller is sold to a third party, we reserve the right to transfer your information as a sold or assigned asset.
How can you access, modify and/or delete your personal data?
You have rights over your personal data.
In accordance with the Data Protection Regulation, and within the limits laid down in particular by articles 12 to 22 of the GDPR, you :
- have the right to ask us for access to your personal data, and for it to be corrected or deleted – you can access and correct some of your personal data directly from your Account;
- also have the right to object to the processing of your personal data, to request its limitation, and the right to portability of the personal data provided.
- Finally, we remind you that you have the right, in any event, to define general or specific directives relating to the fate of your personal data after your death.
Exercising your rights
The easiest way to exercise your rights is to send us your request online. You can exercise these rights by :
- using the tools provided for this purpose and made available to you as part of our Services;
- writing to us at the following address firstname.lastname@example.org
In addition, you may withdraw your consent to the processing of your personal data at any time by clicking on a dedicated hypertext link in the messages we send you.
Withdrawal of consent does not affect the lawfulness of processing based on consent given prior to such withdrawal.
If you are unable to access, modify or delete your information online, you may make your request by post to the following address EDISER, 381 rue Raymond Recouly – 34070 MONTPELLIER. In order to prevent any unauthorised access, modification or deletion or to avoid any impersonation, please attach proof of your identity to your request wherever possible. If there is any doubt about your identity, we will ask you to send us a copy of an identity document.
A few clarifications
Any abusive, manifestly unfounded or excessive request may be rejected.
The request must also specify the address to which the reply should be sent, failing which it will be sent to any address known to us. A reply will then be sent to you within 1 month of receipt of the request. This period may be extended by 2 months, depending on the complexity and number of requests.
We remind you that our partners are responsible for the use they make of your personal data and for taking into account your rights, including the right to no longer receive offers from them.
If your personal data is deleted, you acknowledge that you will not be able to access and/or order products on the Site.
How long is your personal data processed by the Data Controller?
Your personal data is stored by the Data Controller and/or any service provider strictly for the performance of the Services offered, and is kept for the period strictly necessary to achieve the purposes for which it is collected, in compliance with the regulations in force.
Thus, for example, the data collected when you subscribe to one of our newsletters is kept for the purpose of sending you such newsletters until you unsubscribe.
Information relating to each order/purchase is archived in any event until invoicing and is kept for up to 5 years after delivery of your order/purchase.
After that, we will proceed to :
- either the secure deletion or destruction of data;
- or the strict anonymisation of the data, for statistical purposes only, which will not be used for any other purpose whatsoever.
Where is your personal data stored and processed?
As a matter of principle, the Data Controller attaches great importance to protecting the personal data of its customers and subscribers and to complying with the framework laid down by the Regulations on the protection of personal data.
Your personal data is therefore processed by us or our service providers within the European Union and, as far as possible, is not transferred to third countries.
In this case, the Data Controller has ensured the existence of appropriate safeguards so that the level of protection of individuals guaranteed by the Data Protection Regulations is not compromised. You can consult these guarantees on request at the following address: email@example.com.
Who to contact about your data
For any questions relating to your personal data, you can contact the Data Protection Officer appointed by the Data Controller, who is authorised to deal with all issues relating to the protection of personal data. You can contact him using the following address: firstname.lastname@example.org.
We remind you that in the absence of a satisfactory response to your request, you may lodge a complaint with the Commission Nationale de l’Informatique et des Libertés, which is the regulatory authority responsible for ensuring compliance with the regulations on the protection of personal data in France, directly on the website https://www.cnil.fr/fr/agir or by post at the following address:
Commission Nationale de l’Informatique et des Libertés, 3 Place de Fontenoy – TSA 80715, 75334 PARIS CEDEX 07.