VALOREX Group Privacy and data processing Policy
Publication date: 4 September 2019.
As data controller, VALOREX, a simplified joint stock company with its registered office at Combourtillé 35210 La Messayais which is registered with the Rennes Trade and Companies Register under number 389 863 986 and its subsidiaries (hereinafter “we” or “The VALOREX Group”), attaches major importance to the protection of your personal data as a customer, web user or user of the services.
The VALOREX Group undertakes to implement appropriate measures to ensure the protection of your personal data and to process and use said Data in accordance with the applicable provisions and in particular European Regulation 2016/679 of 27 April 2016 (hereinafter the “GDPR”) and law no. 78-17 of 6 January 1978 known as the French Data Protection Act.
This document reflects and describes our policy on this issue and will help you understand what personal data we collect, what we do with it and how you can protect your privacy with regards to the services we provide.
1. What data do we collect?
Our business activity requires the collection and use of personal data. The personal data that is collected varies depending on how the services are used. In accordance with Article 4 of the GDPR, the terms “Data” or “Personal Data” mean any information relating to an identified or identifiable natural person (hereinafter referred to as the “Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.
The personal data collected or held by the VALOREX Group is directly communicated by the Data Subject themself or is collected from the activity on our websites and the use of the services offered by the VALOREX Group.
The VALOREX Group may collect the following data:
- Identity data (surname, first name, etc.)
- Contact details (contact details, postal address, etc.)
- Customer follow-up (purchase history, etc.)
- Invoicing and payment terms,
- History of the contractual relationship,
- If applicable, responses to surveys and questionnaires and comments/opinions,
- Technical information related to web browsing (e.g. IP address).
2. For what purposes do we use your Data?
Personal Data is processed for one or more specific, explicit and legitimate purposes. The VALOREX Group undertakes not to process Personal Data for other purposes, unless we have obtained the explicit specific consent of the Data Subject. In addition, we undertake to process only Personal Data that is adequate, relevant and not excessive in relation to the purposes for which it is collected. We inform Data Subjects that the VALOREX Group may process their Data for the following purposes:
- Execution of contracts with our customers, partners or users;
- Customer management;
- Management of orders, deliveries, invoicing;
- Commercial prospecting;
- Allowing people to contact us and allowing us to respond;
- Receiving job applications (via our dedicated space on our Valorex.com site for example) and processing them;
- Processing requests for the right of access, rectification, objection, erasure,
- Collecting information to improve our sites (including through cookies).
- Developing sales statistics.
The processing implemented by the VALOREX Group is based on:
- Performance of the contract for processing relating to the management of contracts, orders, invoicing and the customer/user relationship of VALOREX Group services,
- Legitimate interest for processing relating to the management of commercial activity and commercial prospecting for legal entities,
- Compliance with a legal obligation for tax-related processing, for example.
3. Use of VALOREX Group websites – Cookies
The cookie has a validity period that varies depending on the type of cookie and allows the visitor to be recognised when they next use the website. In any case, this period does not exceed 13 months.
4. Who receives the Data?
The Group does not market personal information. However, the VALOREX Group may share your Personal Data between its subsidiaries. In addition, in the course of our business, it is possible that service providers may be involved in the processing of the Personal Data collected. They are then bound by the strict obligations of data security and confidentiality. All Personal Data collected and processed by the VALOREX Group is hosted in the European Union.
5. How long do we retain your Data for?
The Data is stored in a secure environment for a period appropriate to the purposes of its processing and in accordance with the legislation and regulations in force. Thus, the Customer Data is stored during the contractual relationship, and may be stored for ten (10) years after the termination of the contractual relationship to comply with accounting and tax obligations. The Data of prospective natural persons may be stored for up to three (3) years after the last contact from the prospective customer.
What are your rights and how can you exercise them?
In accordance with the GDPR 2016/679 of 27 April 2016, each person has a right of access, rectification, erasure and portability of his or her Personal Data, and a right to restrict or object to the processing of such Data. You also have a right to information, which is why you can ask us for details on the processing of your Personal Data.
These rights may be exercised by contacting us at the following address:
- BY POST: VALOREX – DPO – BP 60138 – 35301 FOUGERES CEDEX
- BY EMAIL: email@example.com
You also have the right to lodge a complaint with the Commission Nationale de l’Informatique et des Libertés (CNIL). For any information on the protection of personal data, please visit the CNIL website: www.cnil.fr