CONFIDENTIALITY POLICY FOR SMICERS

CONFIDENTIALITY POLICY FOR SMICERS

At SMICE, the protection of your personal data is a priority.

When you use the site https://smice.com/ (the “ Site ”) and the SMICE application (referred to together with the Site as the “ Application “) and as part of the management of our contractual relationships with our customers, we collect personal data about you.

The purpose of this policy is to inform you of the terms by which we process this data in accordance with Regulation (EU) 2016/679 of April 27, 2016 relating to the protection of individuals with regard to the processing of personal data. personal and the free circulation of this data (the “ GDPR ”) and Law No. 78-17 of January 6, 1978 relating to data processing, files and freedoms (together the “ Applicable Regulations ”).

  1. Who is the data controller?

    As part of the management of our contractual relations with our customers, the data controller is the company QCM SMICE, a simplified joint stock company registered with the RCS of Nanterre under number 483 620 381, whose head office is located at 58 rue of Nanterre 92600 Asnières-sur-Seine (“ We ”).

  2. What data do we collect?

    Personal data is data that allows an individual to be identified directly or by cross-referencing with other data. We collect personal data that falls into the following categories:

    • Identification data (surname, first name, email address , postal address and delivery address where applicable if the latter is different from the postal address, telephone number);

    • Connection data (connection logs, encrypted passwords);

    • Browsing data (IP address, pages viewed, date and time of connection, browser used, operating system, user ID, MAID);

    • Data related to the mission carried out;

    • Economic and financial data (RIB) ;

    • Any information you wish to send us as part of your contact request.

    Mandatory data is indicated when you provide us with your data. They are reported by all means.

  3. On what legal basis, for what purposes and for how long do we keep your personal data?

    Goals

    Legal bases

    Shelf life

    Provide our services available on our Application via your account

    Execution of
    pre-contractual measures
    taken at  your request
    and/or execution of the contract that you or your company has entered into with Us

    When you have created an account: your data is kept for the duration of your account. Your connection logs are kept for 1 year. If your account is inactive for 2 years, your personal data will be deleted if you do not respond to our reactivation email. In addition, your data may be archived for evidentiary purposes for a period of 5 years.

    Create a file of customers and prospects

    Our legitimate interest in developing and promoting our activity

    For customers: data is kept for the duration of the contractual relationship.

    For prospects: data is kept for a period of 3 years from your last contact.

    Send newsletters, solicitations and promotional messages by email

    For customers: our legitimate interest in retaining and informing our customers of our latest news

    For prospects: your consent

    The data is kept for 3 years from your last contact with Us or until you withdraw your consent.

    Respond to your requests for information

    Our legitimate interest in responding to your requests

    The data is kept for a period of 3 years from your last contact.

    Processing applications for carrying out tests and missions in the event of successful tests

    Execution of contractual measures

    Your data is kept in active database for the duration of the test until the recruitment decision.

    If your application is refused, your data may be kept for 3 months after the end of the test in order to be able to provide you with explanations on the reasons leading to the rejection of your application.

    Your data may be kept in intermediate archiving for evidentiary purposes for 5

    years from the date of the test.

    Manage requests to exercise rights

    Our legitimate interest in responding to your requests and keeping track of them

    If we ask you for proof of identity: we only keep it for the time necessary for identity verification. Once verified, the document is deleted.

    If you exercise your right to object to receiving prospecting: we keep this information for 3 years.

  4. Who are the recipients of your data?

    Will have access to your personal data:

    1. The staff of our company;

    2. Our subcontractors: hosting provider, newsletter sending provider, electronic messaging provider and chat provider.

    3. Our partner for managing gift vouchers acts as an independent data controller. We disclaim any responsibility regarding the processing of personal data carried out by our partners and we invite you to consult their confidentiality policy;

    4. Where applicable: public and private organizations, exclusively to meet our legal obligations.

  5. Is your data likely to be transferred outside the European Union?

    Your data is retained and stored for the duration of processing on the servers of the company Online (FREE), located in France.

    As part of the tools we use (see article on recipients concerning our subcontractors), your data may be transferred outside the European Union. The transfer of your data in this context is secure using the following tools:

    • either the data is transferred to a country which has been the subject of an adequacy decision by the European Commission, in accordance with Article 45 of the GDPR: in this case, this country ensures a level of protection deemed sufficient and adequate to the provisions of the GDPR;

    • either the data are transferred to a country whose level of data protection has not been recognized as adequate for the GDPR: in this case these transfers are based on appropriate guarantees indicated in article 46 of the GDPR, adapted to each service provider , in particular in a non- exhaustive manner the conclusion of standard contractual clauses approved by the European Commission, the application of binding corporate rules or under an approved certification mechanism.

    • or the data is transferred on the basis of one of the appropriate guarantees described in Chapter V of the GDPR.

  6. What are your rights over your data?

    You have the following rights regarding your personal data:

    • Right to information : this is precisely why we have written this policy. This right is provided for by Articles 13 and 14 of the GDPR.

    • Right of access : you have the right to access all of your personal data at any time, under Article 15 of the GDPR.

    • Right of rectification : you have the right to rectify your inaccurate, incomplete or obsolete personal data at any time in accordance with Article 16 of the GDPR.

    • Right to limitation : you have the right to obtain limitation of the processing of your personal data in certain cases defined in Article 18 of the GDPR.

    • Right to erasure : you have the right to demand that your personal data be erased, and to prohibit any future collection of it for the reasons set out in Article 17 of the GDPR.

    • Right to lodge a complaint with a competent supervisory authority (in France, the CNIL), if you consider that the processing of your personal data constitutes a violation of the applicable texts, in accordance with article 77 of the GDPR.

    • Right to define guidelines relating to the conservation, erasure and communication of your personal data after your death .

    • Right to withdraw your consent at any time : For purposes based on consent, Article 7 of the GDPR states that you can withdraw your consent at any time. This withdrawal will not call into question the legality of the processing carried out before the withdrawal.

    • Right to portability : under certain conditions specified in Article 20 of the GDPR, you have the right to receive the personal data you have provided to us in a standard machine-readable format and to request its transfer to the recipient of your choice.

    • Right to object : under Article 21 of the GDPR, you have the right to object to the processing of your personal data. Please note, however, that we may continue their processing despite this opposition, for legitimate reasons or the defense of legal rights.

    You can exercise these rights by writing to us using the contact details below. We may ask you on this occasion to provide us with additional information or documents to prove your identity.

  7. Contact point to exercise your rights

    Contact email : [email protected]

    Contact address: 58 rue de Nanterre 92600 Asnières-sur-Seine.

  8. Changes

We may modify this policy at any time , in particular in order to comply with any regulatory, jurisprudential, editorial or technical developments . These modifications will apply on the effective date of the modified version. You are therefore invited to regularly consult the latest version of this policy. However, we will keep you informed of any significant changes to this privacy policy.

Entry into force: November 1 2023

Retour

Widget Support