1. Data Controller
abbelight, a simplified joint-stock company
RCS n° 819252701
Head Office: abbelight, 191 Avenue Aristide Briand, 94230 Cachan – France
(hereinafter: « Us » or “we”)
2. What personal data do we collect?
The wording “personal data” refers to any data that enables a person to be identified.
The personal data we collect from you includes:
- Information that are including in all our queries including : name, surname, email address, professional phone number, company name, organization role.
- Information on how you use the site, using cookies and page tagging techniques.
Mandatory data are indicated when you provide us with your data. They are necessary to provide you with our services.
3. Why we need it
Your personal data are processed to meet one or several of the following purposes:
- To provide you with our services/products
- To constitute a record of customers and prospects
- To answer your requests
- To send newsletters, requests and promotional advertisements
- To build up our statistics
- To improve our products/services and develop new products/services
- To respect our legal and regulatory requirements.
4. How this data are used?
abbelight will not:
- share, sell or rent your data to a third parties;
- share your data with third parties for marketing purposes
we will share your information only if it required by law or by court order.
5. What is the legal basis for the processing?
- The performance of the contract you or your employer have entered into with us
- Our legitimate interest in developing and promoting our business
- To comply with our legal and regulatory obligations
6. With whom do we share your data ?
- Our team
- Our processors: IT hosting, CRM tools
- If applicable: monitoring services (i.e. auditors), public authorities, exclusively to comply with our legal obligations, court officials, ministerial officers and other authorities in charge of debt collection.This transfer is secured by the following safeguards:
|Data collected in order to provide our services/products, to follow up with customers and to prospect to current customers.||Retention throughout the duration of the commercial relationship and 3 years beyond|
|Data collected for prospecting purposes||3 years from data collection or from the last contact with the prospect|
|Data required for evidentiary purposes||Retention throughout the duration of the statutory limitation period (generally 5 years, 10 years for CE marking requirements)|
|When you exercise your rights||– If we ask for a proof of identity: we only retain it pending the verification of your identity.
– If you exercise your right of opposition to receive prospection: we retain this information during a 3-year period.
8. Are your data likely to be transferred outside the European Union?
Your data are hosted by the servers of the Microsoft Corporation.
They may be transferred outside the European Union while managing our tools and our relationships with our processors (see “With whom do we share your data?”).
- Either these data are transferred to a country that has been deemed to offer an adequate level of protection by a decision of the European Commission;
- Or we have entered into a specific contract with our subcontractors related to the transfer of your data outside the European Union, based on standard contractual clauses between a data controller and a data processor approved by the European Commission.
Cookies are files under text format, generally encrypted, and stored in your web browser. They are created when a user’s browser upload a website: the website send information to the browser, which creates a file under text format. Each time the user comes back on the same website, the browser retrieves such a file and send it to the server on which the website is hosted.
We may distinguish between three types of cookies, depending on their purposes:
- Technical cookies are used all along your website experience in order to improve and execute some functions. For instance, a technical cookie may save answers to a form or the preferences of a user with regard to language or website layouts, if such options are available. These are stored in your web browser for six months.
- Statistical cookies: We are using Google Analytics (or any similar software), as audience measurement analytical tool. This cookie allows us to measure the number of visits on our Website, the number of pages hit and the visitors’ activities. Your IP address is also collected in order for us to solely determine the city from which you are connected.
We hereby remind you, to all intents and purposes, that you may object to the storage of cookies by directly configuring your browser, being stated that, those operations might affect your browsing experience and compromise the proper operations of the Website.
10. What rights do you have over your data?
In compliance with the GDPR in their last version, you are reminded that you are entitled to request for exercising your legitimate Personal Data subject’s rights, including:
- Right of access: you have the right to obtain confirmation whether or not your personal data is being processed and, where applicable, precise information about the processing of your data. You also have the right to request a copy of the information held about you.
- Right of rectification: you have the right to ask us to rectify or complete all or part of the incorrect or incomplete information held about you.
- Right to erasure (“right to be forgotten”): you have the right to ask us to delete from our systems all information held about you.
- Right to restriction of processing: you can ask us to restrict the processing of your data. This means that your data can, except for storage, only be processed with your consent. They are then said to be locked.
- Right to data portability: you can request to retrieve your information in a structured, commonly used and machine-readable format and to transfer it to other data controllers.
- Right to object: you can object to the processing of personal data concerning you.
You also have the right to lodge a complaint with the Data Protection Authority of the Member State of the European Union of your habitual residence, your place of work or the place of the alleged infringement if you believe that your personal data is not processed in accordance with the GDPR.
You can exercise these rights by writing us using the contact details below. We may ask you on this occasion to provide us with additional information or documents to prove your identity.
11. Contact information for data privacy matters
Contact email: firstname.lastname@example.org
Entry into force: 02/02/2021