Privacy Policy
Preamble
The General Data Protection Regulation (GDPR) came into force on 25 May 2018 and complements the existing legislation on personal data protection.
For your information, the term personal data refers to any information relating to an individual who is identified or can be identified, whether directly or indirectly, by reference to an identification number or to one or more elements that are specific to that person (last name, first name, address, email, telephone number, contract number, credit card number, etc.).
The processing of personal data refers to any operation performed on this type of data (collection, storage, transmission, deletion, etc.), whether on paper or digitally. The Data Controller is the person who determines the purposes of each processing operation and the means used to achieve those purposes.
At LogipremF, protecting personal data is a priority.
Therefore, in the interest of transparency, this Privacy Policy aims to explain why your personal data are collected and processed by LogipremF in its capacity as the Data Controller, how the data are processed, what rights you have with regards to your data and how you can exercise those rights.
The Company reserves the right to change this Privacy Policy at any time. Any modification shall take immediate effect.
Therefore, we ask you to consult our Privacy Policy regularly to ensure that you are aware of the latest applicable online version.
Purpose of the processing of data from the website
The purpose of the processing is to establish contact between visitors to the website and LogipremF.
Said processing makes it possible to receive requests via the contact form.
As a general rule, LogipremF does not process any of your data for purposes other than those for which they were collected, unless you give your prior consent.
Data processed
LogipremF collects various types of personal data about you when you fill in the contact form.
The data collected can be classified into the following categories:
- Identity
- Contact details (email)
- Date and subject of the request
- Description
The data are provided on a voluntary basis by visitors to the logipren.com website who wish to send a request to the company.
The recipients of the data are:
- LogipremF’s communications department
- if relevant, other contributing departments at LogipremF
Hosting
Duration of storage
The data are stored for the time required to fulfil the purposes for which they were collected, which cannot exceed a maximum duration of 3 years.
Cookies
LogipremF uses cookies and other tracking technologies to collect information when you access the LogipremF website, in particular concerning your browsing.
To learn more about cookies and how to disable them, please see the Cookie Policy.
Legal basis
LogipremF only collects your personal data for the purposes described above (Purpose of the processing) and only within an authorised legal framework. Subject to obtaining your prior consent, LogipremF may use your data to: – answer the questions you send via the contact form
– send you a commercial proposal concerning its products and services
– deposit cookies under the conditions described in the Cookie Policy.
You may alter your choice and withdraw your consent at any time, as described in the section of this Policy entitled “Your rights concerning your personal data”, without calling into question the lawfulness of any prior processing based on the consent provided before the withdrawal.
Security
LogipremF implements all the technical, physical and organisational measures required to ensure the security and confidentiality of your data during their collection, processing and transfer.
LogipremF’s infrastructure is protected against malware; you are, however, responsible for the security of your terminal.
In the event we use service providers to process part of your data, we undertake to check that those providers offer sufficient guarantees to ensure the protection of the personal data entrusted to them and shall have them sign confidentiality clauses in accordance with Article 28 of the GDPR.
In the case of a personal data breach, i.e. in the event of a security incident that may compromise the integrity, confidentiality or availability of your personal data, whether the incident be intentional or unintentional or of malicious origin or not, we undertake to comply with the following obligations:
| POUR VOUS, LA VIOLATION DES DONNEES ENGENDRE | AUCUN RISQUE | UN RISQUE | UN RISQUE ELEVE |
|---|---|---|---|
| Documentation interne, dans le « registre des violations » | X | X | X |
| Notification à la CNIL, dans un délai maximal de 72h | – | X | X |
| Nous vous en informons dans les meilleurs délais | – | – | X |
The “Breach register” contains the following elements:
- the nature of the breach;
- the categories and approximate number of people concerned;
- the categories and approximate number of files involved;
- the likely consequences of the breach;
- the measures taken to remedy the breach and, if appropriate, to limit the adverse effects of the breach;
- if relevant, the justification for not notifying the CNIL or sending information to the people concerned.
However, in accordance with the regulations in force, we are not obliged to inform you of a breach in the following cases:
- your personal data are protected by measures that make them incomprehensible for anyone who is not authorised to access them;
- measures have been taken to ensure that the risk is no longer likely to materialise;
- communicating the information would require a disproportionate effort on our behalf, notably if we do not have any way of contacting you to inform you of this.
Accountability
In order to comply with the principle of Accountability, our company:
- implements internal procedures to ensure compliance with the regulations (IT charter, personal data protection charter);
- keeps a documentary record of all processing carried out under its responsibility or that of the sub-processor (log of processing operations, confidentiality agreements with employees and service providers, company security policy, procedures for managing requests to access,
rectify, oppose data, etc.); - carries out privacy impact assessments (PIA) for processing operations presenting specific risks to rights and freedoms.
Your rights concerning your personal data
You may access and obtain a copy of your data, object to the processing of that data and have them corrected or deleted. You also have the right to limit the processing of your data.
Contact the Data Protection Officer (DPO) if you wish to request to exercise your rights.
All requests must specify the reason for the request in the subject line (e.g. exercising the right to access, oppose, delete data, etc.). The request must also be accompanied by a two-sided copy of a valid ID card bearing the signature of the person making the request and specifying the address to which the response should be sent.
LogipremF will send you its reply within a maximum of one (1) month from the date it receives your request. However, this period may be extended by two (2) months due to the complexity or number of requests.
SAS LogipremF Paris Branch
104 boulevard Auguste Blanqui
75013 Paris
SAS LogipremF Headquarters
27, Avenue du Dr Jean Marie Dambreville, Terre Sainte
97410 Saint-Pierre - La Réunion
