GIREVE, in its function as the data controller, collects and processes personal data relating to its partners, customers, and prospects, employees, suppliers, and users of its website.
To build long-lasting relationships of trust with these users, GIREVE has put in place the technical and organizational means necessary to protect the personal data it processes.
The purpose of this policy is to present the commitments made by GIREVE in terms of personal data protection.
GIREVE is committed to the following principles in the collection and use of personal data.
Personal data are collected within the framework of its economic activities by GIREVE. This collection is only carried out for specific, explicit, and legitimate purposes.
The collection of personal data within GIREVE has the following purposes:
These data cannot be used subsequently in a way that is incompatible with these purposes.
For each processing, GIREVE undertakes to collect and process only data that is strictly necessary for the purpose.
In the interest of fairness and transparency regarding its members, partners, suppliers, and service providers, GIREVE informs the persons concerned of each processing operation that it implements using appropriate information. This information is communicated to the persons concerned but can also be obtained from this address: firstname.lastname@example.org
Data is collected fairly; no collection is made without the knowledge of the persons concerned.
GIREVE is also available at the following address to provide any necessary clarification about its personal data protection policy: email@example.com.
The personal data collected is strictly necessary for processing. GIREVE strives to minimize the data collected and to keep it accurate and up to date.
The personal data collected is regularly updated and stored by GIREVE in its databases.
GIREVE has adopted internal policies and processes and is committed to implementing measures that respect the principles of privacy by design and by default.
Thus, when developing, designing, selecting, and using applications, services, and products that rely on the processing of personal data, GIREVE considers the right to the protection of personal data.
If GIREVE uses applications, services, or products provided by third parties, GIREVE ensures with their publishers that they meet the legal requirements and ensure the protection of the data processed.
GIREVE can use encryption techniques for personal data whenever possible or necessary.
GIREVE respects the legal provisions regarding the protection of personal data, in particular the General Data Protection Regulation (GDPR). To guarantee the highest level of protection, GIREVE has appointed a Data Protection Officer.
GIREVE, as the data controller, implements within the framework of this website the processing of personal data relating to users for the following purposes:
The legal basis for the data processing is:
Les données collectées sont indispensables aux traitements et seulement destinées au service en charge des relations clients et de la communication de GIREVE, le cas échéant, aux sous-traitants de GIREVE.
The duration of data retention is set at 3 years starting from the last contact with the users.
Any user concerned by the processing has the right to query, access, rectify, delete data, limit the processing, a right to data portability, as well as a right of opposition.
When the data processing that we implement is based on the user’s consent, the user can withdraw it at any time. We will then stop processing his or her personal data without affecting the previous operations for which he or she had consented.
Also, every user concerned has the right to formulate specific and general directives concerning the retention, deletion, and communication of his or her data post-mortem.
The person concerned can exercise these rights by sending an e-mail to the following address: GIREVE, 108-110 avenue du général Leclerc, 78220 VIROFLAY, or by sending an e-mail to firstname.lastname@example.org.
The user may also file a complaint with the “Commission Nationale de l’Informatique et des Libertés”.
The user of this site is required to respect the provisions of the law n°78-17 regarding data processing, files, and freedoms of January 6, 1978, modified, the violation of which is liable to penal sanctions. In particular, he must refrain from any collection, any misuse, and, in general, any act likely to affect the privacy or reputation of persons.
GIREVE attaches particular importance to the security of personal data.
It implements technical and organizational measures adapted to the degree of sensitivity of the personal data, to ensure the integrity and confidentiality of the data and to protect them against any malicious intrusion, loss, alteration, or disclosure to unauthorized third parties.
GIREVE conducts regular audits to verify the proper operational application of data security rules.
Thus, GIREVE commits to take the physical, technical, and organizational security measures necessary to:
Nevertheless, the security and confidentiality of personal data rely on the good practices of each individual, and the person concerned is invited to remain vigilant on issues that may involve the use of his or her personal data.
Following its commitments, GIREVE chooses its subcontractors and service providers with care and requires them in particular:
Thus, GIREVE commits to conclude contracts with its subcontractors that comply with the obligations imposed by the regulations and that precisely define the conditions and modalities of the processing of personal data.