top of page

PRIVACY POLICY

Personal data – Website management

​

Activities relating to the www.bourcherie-maison-roman.fr website involve the processing of personal data.

 

What is the personal data use policy about?

This policy informs you of the characteristics of this processing and your rights on the personal data concerning you.

This privacy policy is drafted in accordance with Law No. 78-17 of January 6, 1978 (known as the "Data Protection Act" or "LIL") and the General Regulations on the Protection of Personal Data ("RGDP") No. 2016 /679.

 

Who is responsible for this policy?

The controller is the company MAISON ROMAN represented by its legal representative TABAILLOUX Luc and Emilie.

The contact details of the data controller are as follows: 824 route de Chambéry 38330 SAINT-NAZAIRE-LES-EYMES

The contact can be reached on the contact form of the site

 

Who is this policy for?

This policy is intended for users of the site: Internet users who browse the site.

It also concerns:

- people who subscribe to the newsletter (newsletter)

-candidates who apply on the site (online recruitment)

- the people who contact us using the contact form on the site

- people who post opinions and comments on our site

 

Purposes (what the data collected is used for)

The purpose of the processing is to manage the website.

This treatment allows:

- management of subscriptions to the newsletter (newsletter)

- management of online applications (online recruitment)

- management of requests for information through the contact form

- management of opinions and comments published on the site

 

Legal basis for processing: what gives us the right to process the data

 

The legal bases for processing are as follows:

-for the management of subscriptions to the newsletter (newsletter), the legal basis is the consent of the subscriber

-for the management of online applications (online recruitment), the legal basis is the consent of the candidates

-for the management of requests for information through the contact form, the legal basis is the legitimate interest (to allow online communication) or the execution of pre-contractual measures (production of quotes at the request of people)

-for the management of opinions and comments published on the site, the legal basis is the consent of the persons concerned

​

Data retention period

​

The data subject to processing are kept for a period not exceeding that necessary for the purposes for which they are recorded (principle of minimization of processing).

The maximum retention periods are as follows:

- for the management of subscriptions to the newsletter (newsletter): the e-mail address is kept as long as the person concerned does not unsubscribe

-for the management of online applications (online recruitment): 2 years for unsuccessful applications

-for the management of requests for information by the contact form: 3 years from the request

- for the management of opinions and comments published on the site: 5 years from publication

 

Data processed

​

The data controller processes the following categories of data:

- Civil status, identity, identification data, images (surname, first name, address, photograph, date and place of birth, etc.)

- Connection data (IP addresses, logs, terminal identifiers, connection identifiers, timestamp information, etc.)

-Professional life (CV, professional situation, education, training, distinctions, diplomas, etc.)

Mandatory or optional nature of data collection

The data collected is mandatory to achieve the processing purposes except in certain cases:

Jobs/internships form: website/ebook + CV + cover letter

Data sources

The data is transmitted directly by the data subject.

Data recipients

The personal data collected is reserved for the use of the controller. No personal data is transferred by the controller to recipients.

 

What security measures are in place?

​

The controller implements the appropriate technical and organizational measures to guarantee a level of security appropriate to the risk.

The controller takes measures to ensure that any natural person acting under the authority of the controller or the processor, who has access to personal data, does not process them, except on instructions from the responsible for processing, unless obliged to do so.

 

The existence or not of a transfer of data to a country outside the European Union and associated guarantees

The controller does not transfer personal data outside the European Union.

​

Fate of personal data after death – Right of access, rectification, deletion and data portability

​

The person concerned by a treatment can define directives relating to the conservation, the erasure and the communication of his personal data after his death. These directives can be general or specific.

The person concerned by a processing also benefits from a right of access, opposition, rectification, deletion and, under certain conditions, portability of his personal data. The data subject has the right to withdraw consent at any time if consent constitutes the legal basis for the processing.

The request must indicate the surname and first name, e-mail or postal address of the person concerned, and be signed and accompanied by a valid proof of identity.

She can exercise these rights by completing the form ​ below.

​

Complaint

​

The person concerned by processing has the right to lodge a complaint with the supervisory authority (CNIL):  https://www.cnil.fr/fr/webform/adresse-une-plainte

​

Thank you for what you sent !

bottom of page