Our website url : https://www.eurofeedback.com.
1. PURPOSE OF DATA PROCESSING
The purpose of the processing is to manage newsletters and the contact form on the EFB beauté site.
- Purpose of newsletters: the information entered is used as part of communication campaigns on our products and services.
- Purpose of the contact form: The information collected is subject to computer processing intended to best respond to customer requests.
The personal data collected via these forms are available to third parties in order to allow the various services to be able to meet the customer’s needs.
This information cannot in any case be marketed and sold. Any recipient of this data is subject to compliance with the GDPR.
1.2. LEGAL BASIS
Article 6 of the General Data Protection Regulation – GDPR
This data processing is based on the consent of the person filling out the form to accept the processing of their personal data for this purpose.
2. DATA PROCESSED
2.1. CATEGORIES OF DATA PROCESSED
Data processed are:
- first name,
3. PERSONS CONCERNED
Data processing concerns people filling out forms (newsletter and contact) on the EFBbeauté site.
4. RECIPIENTS OF THE DATA
4.1. DATA FROM A RESIDENT OF THE EUROPEAN UNION
- Categories of recipients: EU distributors and IS department, software development department, marketing department of Eurofeedback.
- Data transfer: No data transfer outside the European Union is made.
4.2. DATA COMING FROM A RESIDENT OUTSIDE THE EUROPEAN UNION
- Categories of recipients: Distributors outside the EU
- Data transfer: Data transfers outside the European Union are carried out.
5. DATA CONSERVATION PERIOD
Registration of contact forms on the website database:
- Personal data older than 6 months are deleted from the website database.
- Securing of the room containing the servers: the room is accessible only to people authorized to enter it.
- Securing of the Eurofeedback company: the company is secured by an access control and fire alarm system.
- User access control: Eurofeedback has set up a password and unique identifier system for each employee to secure the opening of his session on the workstations. The central management system requires a password renewal every 60 days. The workstation session is automatically locked after 30 minutes of non-use.
- Software protection measures: A virus and intrusion protection solution is used to secure data on the Eurofeedback network. Updating the virus signature lists is managed automatically by the server to the client workstations every hour. Data contained on the Company’s mobile workstations (laptops) is encrypted.
- Data backup: A backup of the data modified during the day on the main servers is performed each (by copy). A data backup for all servers is performed on weekends to removable media and is referred to as a “weekly backup”. The last backup of the month is referred to as a “monthly backup”
- Retention of backed up data: All backup tapes are kept in the company safe. The penultimate weekly backup tape is stored offsite. The latest Weekly backup tape is present on-site during office hours, and is stored off site outside of office hours. The tapes are kept for a minimum of 1 year.
- Data restoration: The data is restored by the IT Manager from one of the backups of the previous period.
- An IT charter is provided to the employee on their first day of work. This charter describes the rules for using the IT resources made available to it, as well as the rights and duties relating thereto.
- A GDPR procedure has been created to describe the different steps to follow when personal data is processed by Eurofeedback
- A GDPR awareness charter has been created to warn EUROFEEDBACK employees of the importance of complying with the requirements of this regulation.
- Internal audits of each sector within Eurofeedback are planned each year
7. YOUR RIGHTS ON THE DATA CONCERNING YOU
You can access and obtain a copy of the data concerning you, oppose the processing of this data, have them rectified or have them deleted. You also have a right to limit the processing of your data.
Understand your IT rights and freedoms:
7.1. EXERCISE YOUR RIGHTS
The Data Protection Officer (DPO), is your contact for any request to exercise your rights to this processing. You can contact the DPO by electronic means, by post, by telephone at the following coordinates:
- E-mail : firstname.lastname@example.org
- Tel : +33 160 863 545
- Adress : 3 rue de l’Aubrac Z.I la petite montagne sud, LISSES
7.2. COMPLAINT (COMPLAINT) WITH THE CNIL
If you feel, after contacting us, that your rights over your data have not been respected, you can submit a complaint (complaint) to the CNIL via this link: https://www.cnil.fr/fr/webform/adresser-une-plainte