Privacy and personal data processing policy
THE PARTIES
This document sets out the privacy and personal data processing policy of SIREM, a company registered with the Trade and Companies Register under the identification number 351 138 169 RCS Bourg-en-Bresse, as a manufacturer of motorization (hereinafter referred to as “SIREM”) and any natural person of legal age and capacity, or any legal person, using the services offered by SIREM (hereinafter referred to as the “Customer”).
DEFINITIONS
“Data”: data includes the website, databases, backups.
“Personal Data”: is any data of a personal nature relating to a natural person identified or who can be identified, directly or indirectly, by reference to an identification number or to one or more elements relating to the person.
“User”: any natural person of legal age and capacity, or any legal person, using the services offered by SIREM.
“Third party”: natural or legal person other than the Customer or SIREM.
PERSONAL DATA PROCESSING
Current regulations
The Parties undertake to respect the current regulations in force, in particular:
Law 78-17 of 6 January 1978 amended by Law No. 2004-801 of 6 August 2004 on information technology and civil liberties.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Regulation on the protection of natural persons with regard to the processing of personal data), applicable from 25 May 2018.
Collection and dissemination of personal data
SIREM may collect personal data related to the User in particular during:
the creation of a Customer account (automatically following the receipt of an online contact form or manually by a SIREM department) or a supplier account
a request for information or a quote on a website owned by SIREM
browsing of a website belonging to SIREM in order to supply, analyse and improve our services
contact by phone or in writing.
The information likely to be collected by SIREM is that relating to the identity of the user and the entity for which he/she works (professional or institutional structure), his/her postal and/or electronic contact details and his/her connection data.
All personal data collected by SIREM is mandatory and necessary for the provision of the services offered and the establishment of a commercial relationship with SIREM.
Information related to the user is only collected and stored by SIREM on its websites after explicit consent from the user is received (box checked by the user, provision of the document on the protection and processing of personal data). In the absence of explicit consent from the user, the contact form cannot be posted and sent to SIREM.
Data is collected on SIREM’s websites in a secure way, each SIREM website being protected by an SSL certificate (use of the HTTPS protocol ensuring encryption of the data between the User and the platform host responsible for collecting the data).
In the case of contact by simple email or telephone from the user, SIREM is authorised to process and save the data transmitted by the user for processing in the context of the commercial relationship.
The data relating to the consent given by the User (date and time, source, identity of the person giving the consent, what the person consents to), as well as all the data collected (data adequate to what is necessary for the purposes for which it is processed, such as: data required for the commercial relationship, for informing the user, for supplying services, etc.) is saved on SIREM’s servers…
Certain elements of the personal data may in fact be transmitted to external service providers in order to ensure the proper functioning of the company.
SIREM may also communicate the data to judicial authorities if requested to do so by them.
Personal data retention
The personal data of the User is kept until its deletion is requested by the User or by SIREM.
On its information systems, SIREM stores information requests (online forms), transactions including purchase orders, invoices and contracts in accordance with the provisions of the Commercial Code relating to the retention period for books and documents created for the purposes of commercial activities and the Consumer Code relating to the retention of contracts concluded electronically, which is ten years in this case.
Personal data hosting
Personal data of Users is exclusively stored in the data centres of third parties used for the hosting of SIREM’s websites, all located in France as well as on the internal servers of the SIREM Company.
Security
SIREM takes all necessary precautions to preserve the security of the personal data and to store it in a lawful and redundant manner.
The collection of personal data on SIREM’s websites is secured by the use of the HTTPS protocol, a protocol that ensures encryption of data between the user and the platform hosting the data.
Right of access, deletion of personal data and portability
In accordance with the provisions of amended law 78-17 of 6 January 1978, the User may request the modification, rectification or permanent deletion of his/her data at any time.
Under Regulation (EU) 2016/679, the User may also request the modification or deletion of his/her personal data, withdraw his/her initial consent, or request the portability of his/her personal data. He/she may exercise his/her rights by sending a letter addressed to:
SIREM
IT department
Chemin du Pilon – Saint Maurice de Beynost
01700 Miribel
Or by email to the following address: rgpd@sirem.fr
PRIVACY POLICY
Confidentiality
The parties agree to treat as confidential all information that they may become aware of in the context of this policy, with respect to their respective businesses.
In particular, all end-user information, methods and documentation provided to SIREM, all documents (economic, technical, functional, organisational, etc.) and data entrusted thereto, all interviews in which they participate and all documents issued are considered as confidential information.
Information that was already known to the Parties prior to the commencement of their contractual relationship is not considered confidential, evidence whereof may be provided in writing, and information that is contained in a written document independently of any disclosure by the parties.
The Parties undertake to use appropriate means to maintain the absolute secrecy of the other party’s confidential information to which they shall have access in the context of their commercial relations and undertake to ensure that this obligation is respected by all their corporate officers, personnel and third-party Customers.
Amendments
SIREM reserves the right to modify this privacy and personal data processing policy at any time. The most recent version of this document shall always be available on SIREM’s websites. In the case of a major amendment to this document, a notification shall be sent to you by email. By continuing to access the services offered by SIREM in the context of a commercial relationship, the user accepts this privacy policy without any reservation.