RGPD law
Introduction to the RGPD
The General Data Protection Regulation RGPD is the legal framework for the processing of personal data in Europe, as of May 25, 2018. Unlike Directive 95/46/EC, which previously governed such processing, the RGPD is directly applicable in the Union and does not require national transpositions. As such, it will promote the harmonization of legal regimes for the protection of personal data in Europe. Better still, the RGPD has a principle of extraterritoriality that allows, in certain circumstances, its scope of application to be extended outside European borders. As a company processing personal data, Domaine Singla is subject to the provisions of the RGPD. Domaine Singla has distinct obligations: in its capacity as processor or data controller.
Definitions
Understanding the real and precise implications of a European regulation is not always easy. Especially when it contains 99 articles, 173 recitals and numerous guidelines to clarify its interpretation. But it's essential if you are to avoid any risks arising from an overly broad or imprecise interpretation of the regulatory obligations incumbent on your organization.
A good understanding of the terms defined below is therefore essential:
- Personal data: any information relating to an identified or identifiable natural person.
An identifiable natural person is one who can be identified, directly or indirectly.
- Processing: any operation or set of operations, whether or not carried out using automated processes.
Applied to personal data or data sets (collection, recording, transmission, storage, keeping, extraction, consultation, use, interconnection, etc.).
- Controller: the natural or legal person, public authority, department or other body which, alone or jointly with others, determines the purposes and means of processing.
- Sub-processor: the natural or legal person, public authority, department or other body that processes personal data on behalf of the controller.
Domaine Singla's commitments as a service provider and subcontractor
As a service provider and subcontractor, Domaine Singla undertakes in particular to implement the following actions:
- Not to transfer your data outside the EU or outside countries recognized by the European Commission as having an adequate level of protection.
Provided you do not select a Datacenter in a non-EU geographical area.
- Inform you of any subcontractors that may process your personal data.
To date, no services involving access to stored content have been subcontracted outside the Domaine Singla company.
- To implement high security standards in order to provide a high level of security for our services.
- Notify you as soon as possible in the event of a data breach.
- Assist you in meeting your regulatory obligations by providing adequate documentation of our services.
Domaine Singla as data controller
Domaine Singla qualifies as a "data controller" when it determines the purposes and means of "its" processing of personal data. This is typically the case when Domaine Singla collects data for the purposes of invoicing, managing collections and improving service quality. As well as for performance, canvassing, sales management, etc.
In short, "your" data and any information concerning you or your employees (identity and contact details of the person to be contacted via Domaine Singla in the case of a technical support request, for example) may be involved in data processing. But also when Domaine Singla processes the personal data of its own employees.
That's why Domaine Singla would like to give you a better understanding of the guarantees implemented to ensure the protection of your personal data.
-Limit data collection to what is strictly necessary.
As part of this approach, when you order a service, you only provide the necessary information.
So that Domaine Singla can provide billing services.
But also to provide support or to meet its own legal obligations in terms of data retention (in particular on the basis of law no. 2004-575 of June 21, 2004 for confidence in the digital economy.
- Not to use the data collected for purposes other than those for which it was collected.
- Keep personal data for a limited and proportionate period.
For example, data processed for the purposes of managing the relationship between the customer and Domaine Singla (surname, first name, postal address, e-mail, etc.) are kept by the company for the duration of the contract and the following thirty-six (36) months.
At the end of this period, they are deleted on all media and backups.
- Not to transfer this data to third parties other than Domaine Singla's affiliates involved in the execution of the contract.
- Implement appropriate technical and organizational measures to guarantee a high level of security.
Why do we collect your personal data?
We collect and use your personal data in a way that is adequate, relevant and limited to what is necessary for the main purposes listed below and in accordance with the regulations in force:
- To enable the performance of your contracts or pre-contractual measures taken at your request.
-To study specific needs in order to offer suitable contracts and services in the exercise of our duty to sell and advise.
Contract management from pre-contract to termination, including electronic signature and payment operations.
- Customer management, notably through loyalty actions, monitoring and improving the quality of customer relations (satisfaction surveys, contract consolidation, telephone records, emails, SMS, communication on social networks, any other communication...), updating customer knowledge, providing personal spaces and accounts on the Internet or mobile (including managing connections, implementing measures to secure your account)... (Marketing)
- Fulfilling contract guarantees.
- Exercising remedies.
- Claims management.
- Litigation management.
- Actuarial studies.
- Conducting research and development activities during the life of the contract.
- To pursue our legitimate interests in commercial canvassing of customers and prospects by carrying out : * operations relating in particular to loyalty actions, tests of new products or new equipment, competitions, the conduct of research and development activities (these are methods of prospecting, loyalty, communication), * operations of solicitation, marketing, business development, advertising, management of people's opinions on products, services or content ... * technical operations to complete and update files (which includes in particular standardization, enrichment and deduplication).
- In order to carry out these commercial prospecting operations which may be of interest to you, we analyse your profile in order to determine your preferences, unless you object.
- To compile sales and usage statistics for our services, sites and applications.
- Institutional and statutory communications, particularly by electronic means.
- Comply with our legal and regulatory obligations: *in the fight against money laundering and the financing of terrorism and asset freezes, *for the detection and identification of escheated contracts, *for the enforcement of tax and social security regulations, or the collection of contributions for various state taxes.
- Your prior consent will be requested when necessary for the processing of your data, in particular for commercial prospecting by electronic means (e-mail, SMS, MMS, etc.).
What personal data do we process?
We collect and process the following data only when strictly necessary for the purposes described above.
- Identification data, contact details, etc.
- Professional details such as company name, field of activity, job title, etc.
- Connection and traceability data: for example, tracking the pages consulted (cookies).
- Data relating to the commercial relationship, such as requests for quotes, correspondence, comments, etc.
Who receives your personal data and where?
Your personal data will only be passed on to those natural or legal persons who are legitimately entitled to process them:
- Authorized collaborators within the limits of their functions and missions.
- Domaine Singla's data processors, their service providers, partners and subcontractors, as well as interested parties and those involved in the contract, such as lawyers, experts, court officers and any other entity or person designated by the regulations.
Where applicable, you will be informed of any transfer of your personal data to a recipient located in a country outside the European Union and of the terms and conditions of such transfer.
What are your rights and how can you exercise them?
We take all necessary steps to enable you to exercise your rights. What are your rights?
- Right of access: You have the right to know what information we have collected and how it has been processed.
- Right of rectification: You have the right to request a modification of your personal information if it appears to be out of date.
- Right to erasure and restriction of data processing: You also have the right to request the deletion or restriction of the use of your data, particularly if it is no longer required.
- Right to data portability: In the event of processing based on the performance of a contract or on consent, you may retrieve the personal data you have provided to us in a structured format or ask us to communicate it to a person designated by you.
- Right to object: You may object to the use of your data for commercial prospecting, including profiling.
Please note that you can also sign up to the telephone marketing opposition list at www.bloctel.gouv.fr.
- You may withdraw your consent to data processing at any time.
- You can define general or specific directives concerning the conservation, deletion and communication of your personal data after your death, which can be registered with a trusted digital third party (the trusted third party must be certified by the CNIL).
These directives may designate a person to carry them out, failing which your heirs will be designated.
- You also have the right to lodge a complaint with the CNIL on the website www.cnil.fr or by post by writing to CNIL 3 place de Fontenoy TSA 80715 - 75334 PARIS CEDEX 07 Your rights may be exercised through the following contacts.
Contact
Domaine Singla has appointed a Data Protection Officer to act as your personal contact regarding the processing of your personal data.
You can exercise your rights and send any requests for information about your personal data by post.
→ Download the form and send it to us with a copy of both sides of your ID to Domaine Singla 52, Rue Arago, 66250 Saint-laurent-de-la-salanque, France.