PRIVACY NOTICE
INTRODUCTION
INERIS DEVELOPPEMENT collect and processes your data legally and transparently, in accordance with the European General Data Protection Regulation (GDPR).
INERIS DEVELOPPEMENT limits collection of personal data to what is strictly necessary. With the Policy below, INERIS DEVELOPPEMENT gives an undertaking to data subjects to maintain a written register of the categories of processing activities performed as data processing manager in respect to the SAF€RA public website.
DEFINITIONS
INERIS DEVELOPPEMENT: The legal entity that is responsible for collecting data. INERIS DEVELOPPEMENT is a simplified joint-stock company, registered with the Trades and Companies Register with number 793 798 703 and with registered office located at Parc Technologique Alata, 60550 Verneuil en Halatte, France.
Contact details: bastien.caillard@ineris-developpement.com
Website: All the content of the webpages and services of the website www.safera.eu
User: The person using the Website and services to which the website may give access.
Data subject: Any person whose personal data are processed by INERIS DEVELOPPEMENT as part of the project.
INFORMATION AND RIGHTS OF DATA SUBJECTS
INERIS DEVELOPPEMENT hereby informs you about how it processes personal data as part of its business activity, how data are collected, used and protected. INERIS DEVELOPPEMENT remains available to provide data subjects any information about processing carried out as part of the Project.
For any request or complaint about the processing of personal data, please contact INERIS DEVELOPPEMENT at bastien.caillard@ineris-developpement.com
In particular, any data subject has the right to ask INERIS DEVELOPPEMENT:
-
For access to the personal data supplied;
-
To correct the data;
-
To object to the processing, when such processing is based on INERIS DEVELOPPEMENT's legitimate interest and given the particular situation of the data subject;
-
To exercise their right to portability of their information.
On the right to portability, INERIS DEVELOPPEMENT offers you the option to return all the personal data about a subject, at their express request. The data subject is thus guaranteed better control of their data and retains the possibility of reusing them. These data will be supplied in an open and easily reusable format, directly into the hands of the other data controller when desired and when technically possible.
For it to be accepted, the request message must be accompanied by a proof of identity. The data subject may authorise a person of their choice to exercise their rights, provided that this person proves their identity, that of the applicant and the extent of their authority in the form of explicit written evidence.
The Privacy Policy may be modified by INERIS DEVELOPPEMENT at any time, particularly to comply with regulatory, case law, editorial or technical developments. Before browsing, the data subject should refer to the latest online version on the Website or sent electronically.
DATA COLLECTED AND PURPOSES OF PROCESSING
As part of using the Website, INERIS DEVELOPPEMENT may collect the following data categories about Users of the Website directly from data subjects (hereafter designated the 'Users Data'):
1/ Identification data (first & last name, telephone number, e-mail address), relating to professional life (organisation, job title), the purpose of which is:
-
To respond appropriately to persons wishing to join INERIS DEVELOPPEMENT by completing the Website contact form;
-
To respond appropriately to persons wishing to receive additional information about INERIS DEVELOPPEMENT.
Any data collection form states the objectives of gathering these data (purposes) and if these data are compulsory or optional to administer the request. This Confidentiality Policy is freely accessible to the User, who should read it before sending their data to INERIS DEVELOPPEMENT.
2/ INERIS DEVELOPPEMENT follows a standard procedure of using log files. These files log visitors when they visit websites. The information collected by log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks.
The information is used for analysing trends, administering the website, tracking users’ movement on the website, and gathering demographic information.
COOKIES
The User is informed that INERIS DEVELOPPEMENT use cookies for statistical purposes, particularly to optimise services provided to the User, based on processing information about access frequency or personalise pages, as well as operations performed, and information viewed.
If the User doesn't want cookies to be used on their computer, most browsers allow cookies to be disabled through settings options and it is possible to refuse to have cookies saved on their computer. However, in this case, the User is informed that certain services may no longer work correctly.
ONLINE STATISTICS
This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the website. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.
In case IP-anonymisation is activated on this website, your IP address will thus be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transferred to a Google server in the USA and truncated there.
Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them other services relating to website activity and internet usage.
The IP-address, that your Browser conveys within the scope of Google Analytics, will not be associated with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser.
However, please note that if you do this you may not be able to use the full functionality of this website. You can also opt-out from being tracked by Google Analytics with effect for the future by downloading and installing Google Analytics Opt-out Browser Addon for your current web browser: https://tools.google.com/dlpage/gaoptout .
RECIPIENTS OF DATA
INERIS DEVELOPPEMENT complies with the legal rules that could prevent, limit or govern the distribution of information or data, and particularly French law 78-17 of 6 January 1978 relating to data processing, files and freedoms and the GDPR.
Personal data are collected by INERIS DEVELOPPEMENT for internal use only. Under no circumstances will these data be sold, transferred or communicated to third parties under conditions not specified herein.
Based on legal obligations, the personal data of data subjects may be disclosed pursuant to a law, a regulation or in accordance with a decision by a competent regulatory or legal authority. The personal data collected may be added to INERIS DEVELOPPEMENT's database. It may be passed to third parties after being anonymised, solely for statistical purposes.
If your personal data are communicated to a third party, INERIS DEVELOPPEMENT will ensure that the third party is bound to apply conditions of confidentiality at least identical to those herein.
The Website uses Social Plugins (Plugins) of different social networks like Twitter/LinkedIn/YouTube/Google+, which are marked by their logos. When you open a website with these plugins, browser data are transferred to the owners of those social networks. Thus, they are informed that you have opened the respective website. If the User is logged in to one or several of these social networks, these data can be linked to his/her account. The IP address may be logged without being a member of a social network or logging into a network.
Please note that data processing takes place outside the European Union. We have no influence over and take no responsibility for the volume of data transferred through social plugins.
For more information, please look up the data security policies of the respective network:
By logging out of networks before surfing or using privacy protecting software, you can limit the amount of data transferred.
STORAGE OF DATA
Personal data processed are not stored longer than necessary to fulfil the obligations defined by the Consortium. Beyond this period, the data will be anonymised and stored solely for statistical purposes and will not be used in any other way whatsoever.
More generally, data purging procedures are implemented to plan their effective deletion as soon as the storage or archiving duration necessary to fulfilling the predetermined or required purposes is reached.
Any person not actively involved in relation to the processing purposes described over a three-year period will have their data deleted.
Cookies are stored for a maximum period of 38 months after they are first saved on the User's computer, corresponding to the validity period of User consent to use these Cookies. The lifetime of cookies is not extended by each visit. The User's consent must therefore be renewed at the end of this period.
SUBCONTRACTING
In the context of its involvement in the Project, INERIS DEVELOPPEMENT may bring in one or more subcontractor(s) to undertake specific processing activities; these subcontractors are subject to the conditions of this Policy.
INERIS DEVELOPPEMENT ensures that any subcontractor or subsequent subcontractor provides adequate contractual guarantees regarding the use of appropriate technical and organisational measures to protect the data of data subjects.
PROCEDURES IN CASE OF SECURITY BREACH DETECTED BY INERIS DEVELOPPEMENT
INERIS DEVELOPPEMENT undertakes to implement all appropriate technical and organisational measures using physical and logistical security resources to guarantee an adequate security level to meet risks of accidental unauthorised or illegal access, disclosure, alteration, loss or destruction of the personal data collected.
However, INERIS DEVELOPPEMENT cannot guarantee that all risks of data misuse are eliminated.
In the event that INERIS DEVELOPPEMENT were to become aware of illegal access to personal data stored on its servers or those of its contractors, or unauthorised access resulting in the risks identified above being realised, INERIS DEVELOPPEMENT undertakes to:
-
Notify the person affected by the incident as quickly as possible, if this meets a legal requirement;
-
Investigate the causes of the incident;
-
Take the necessary reasonable measures to reduce the negative effects and harm that could arise from the aforesaid incident.
Under no circumstances may the commitments defined above relating to notification in the event of a security breach be considered as any form of acknowledgement by INERIS DEVELOPPEMENT of fault or liability for occurrence of the incident in question.
CROSS-BORDER AND NON-EU PROCESSING, CONTROL AUTHORITY
INERIS DEVELOPPEMENT performs cross-border processing of personal data. INERIS DEVELOPPEMENT has activities located in different countries of the European Union and has its head office located in France. Also, the lead supervisory authority in the meaning of article 56 of the GDPR is the French Commission nationale de l’informatique et des libertés (CNIL), the French data processing control authority (https://www.cnil.fr).
In addition, INERIS DEVELOPPEMENT may perform data transfers outside the European Union and that has an adequate level of protection. In such cases, INERIS DEVELOPPEMENT undertakes to apply the GDPR transfer rules.