Privacy Policy
In this Privacy Policy, 2CRSi (“we”) set out how your personal data collected via the website 2crsi.com is processed, in our role as data processor.
Data Processor
The data processor for your personal data is 2CRSi, a Société Anonyme (French limited company) registered with the Strasbourg RCS (Register of Companies) under no. 483 784 344, headquartered at 32 Rue Jacobi-Netter, 67200 Strasbourg, represented by our President Mr Alain Wilmouth.
You can contact us at any time at dpo@2crsi.com or by phone on +33 (0)3 68 41 10 60.
Data Protection Officer
We have designated a data protection officer. You can contact them with any questions relating to your rights, either by email at dpo@2crsi.com or by sending a letter marked for the attention of “Délégué à la protection des données” (Data Protection Officer) to our headquarters.
Processing your data
The purposes for which we process your personal data, and the legal basis on which we do so, are as follows:
|
||||||||
|
|
Recipients of personal data
The personal data that we collect via our website 2crsi.com is primarily intended to be used internally, by the teams that process requests or collect data, for the relevant purpose.
We may also communicate some of your personal data to third parties, who may act as data processors or as sub-contractors.
For example, we may in some cases send some personal data to authorised bodies in order to carry out our legal, regulatory or contractual obligations, or to ensure the defence of our rights.
Duration of retention of personal data
Your personal data will only be retained as long as is strictly necessary to fulfil the purpose for which it is processed.
You can contact us at the address mentioned below for more details concerning the exact period of time for which we retain your personal data.
Confidentiality and security of personal data
We take all technical and organisational measures in order to ensure that your personal data is processed securely. Security measures include using various tools, training our staff and following internal processes in order to ensure the company conforms to the provisions of the relevant laws.
The aim is to avoid any unauthorised access to, provision of or deletion of personal data, in accordance with the provisions of the General Data Protection Regulations no.2016/679 of 27 April 2016.
Transfert of personal data outside of the EU
As a general rule, we will only process your personal data inside the European Union. However, should any data be transferred outside the EU, we undertake to ensure a level of protection that meets the requirements of the Regulations.
We may for example sign standard contractual clauses with organisations outside the EU to whom we transfer personal data.
Exercising your rights
In accordance with data protection regulations, you have the following rights over your personal data, depending on the processing involved: access, correction, deletion, limitation, export and objection, and to stipulate at a later date how you want your data processed.
You can exercise your rights via email or by letter, by contacting our Data Protection Officer as set out above, telling us the nature of your request and providing a copy of a document that proves your identity.
If you believe that your rights have not been respected in relation to the processing of your personal data, you are free to make a complaint to CNIL (French data protection authority) or any other competent European data protection authority.