CUSTOMER AND CONTACT DATA PROTECTION POLICY
1. PURPOSE
In order to ensure the proper functioning of our company, we are obliged to implement and operate the processing of personal data relating to our customers and/or contacts (prospects).
The purpose of this policy is to meet our obligation to provide information and to remind you of your rights in relation to personal data.
2. LEGAL BASIS
The legal basis for the processing carried out by our company under this policy is the performance of a contract between us and you and, as the case may be for our contacts, consent or legitimate interest.
3. PURPOSE
We process your personal data for the following purposes:
- Performance and monitoring of our contracts;
- Execution and follow-up of our services;
- Customer Relationship Management (CRM);
- Prospect Relationship Management (PRM);
- Customer service;
- Event organisation;
- Service improvement and surveys;
- Statistical reporting.
4. RECIPIENTS
The recipients of your data are internal or external recipients as the case may be.
Internal recipients are all employees of our company who work for our clients or contacts.
External recipients are our external service providers (e.g. accountants), technical service providers (e.g. ERP in SaaS) or our partners (e.g. subcontractors).
5. 5. RETENTION PERIOD
Your data is processed for a limited period of time, which we determine in the light of the legal and contractual constraints which are incumbent on us and, failing that, according to our needs. The following principles are applied:
- data relating to customers: kept for the duration of the contractual relationship with us, plus 5 years in accordance with legal requirements;
- data relating to contacts and prospects: kept for 3 years from the last contact from the contact or prospect.
6. YOUR RIGHTS
You have the following rights with respect to your personal data:
- a right to ask us to confirm that data relating to you is being processed, to access such data and to request a copy of it;
- a right to have any data relating to you that is inaccurate or out of date rectified;
- a right to obtain the deletion of your data if you have objected to their processing for commercial prospecting purposes;
- a right to obtain the portability of your data when the processing is based on the performance of a contract, when you yourself have provided your data to our company and when their processing is automated;
The request to exercise your rights must come from you alone, be accompanied by proof of identity and be made in writing to the marketing manager.
7. SECURITY
We implement technical and organisational measures that we consider appropriate to protect against the unauthorised destruction, loss, alteration or disclosure of your data.
In the event of a data breach, we undertake to notify the CNIL in accordance with the requirements of the GDPR.
If the data breach poses a high risk to our customers/prospects, we will notify those affected and provide them with the necessary information and recommendations.