PREAMBLE
This Privacy Policy is for you, as a user of the WEBSITE www.myrungis.com (hereinafter the “SITE”) and aims to inform you of how your personal information may be collected and processed by SEMMARIS.
The company of mixed economy for the development and management of the market of national interest of the Paris area, a public limited company with a capital of €14,696,158, registered with the RCS of Créteil under the number B 662 012 491, whose registered office is located at Rungis Marché International, 1 rue de la Tour – 94152 RUNGIS CEDEX, publishes and operates the SITE accessible at www.myrungis.com (hereinafter “SEMMARIS” or “Us”).
The protection of people and data is a priority for SEMMARIS. The purpose of this Privacy Policy is to present the content of the personal data processing implemented on the SITE.
SEMMARIS undertakes in any event to respect the following two (2) essential principles:
– You remain in control of your personal data;
– Your data is processed transparently, confidentially and securely.
The processing of personal data is governed:
– by Act No. 78-17 of 6 January 1978 relating to data processing, files and freedoms (hereinafter the “French Data Protection Act”);
– From 25 May 2018: by the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter “GDPR”).
ARTICLE 1. DEFINITIONS
DATA CONTROLLER: means the entity that, alone or jointly with another entity, determines the means and purpose of the personal data processing.
SITE: refers to the website accessible at www.myrungis.com; the SITE includes all web pages, services and features that are offered to you as a USER.
SUBCONTRACTOR: means the person processing the personal data on behalf of the DATA CONTROLLER, who acts under the authority of the DATA CONTROLLER and on the instructions of the DATA CONTROLLER. This is in accordance with Article 28 of the GDPR.
USER: means anyone who accesses and browses the SITE as an Internet user.
ARTICLE 2. CNIL AND GDPR FORMALITIES
The processing of your personal data is subject to the filing of processing forms which are recorded in the SEMMARIS processing log.
ARTICLE 3. PROCESSING PURPOSES
Your various data may be collected by SEMMARIS to ensure:
– The proper functioning and continuous improvement of the SITE, its services and its features;
– The sending of newsletters and other information to USERS who have requested these;
These purposes are detailed in Articles 4, 5 and 6 of this Privacy Policy.
SEMMARIS will also be authorised to use this data for the purpose of fulfilling a legal or regulatory obligation.
In any case, and for each defined purpose, SEMMARIS will engage all means in their possession to ensure the security and confidentiality of the personal data entrusted to them, in compliance with the laws and regulations in effect.
ARTICLE 4. SITE ACCESS, INTERMEDIATION AND SERVICE PROVISION
4.1. Identity of the data controller
In the context of the provision of the SITE, SEMMARIS must be considered as the data controller.
For more information:
If you have any questions about the management and use of your personal data, you can contact us:
Either by email, at privacy@semmaris.fr
Or by letter, sent to SEMMARIS – 1 rue de la Tour 94152 Rungis Cedex
Legal reminder: THE DATA CONTROLLER is, within the meaning of the French Data Protection Act, the person who determines the purposes and means of the data processing. When two or more controllers jointly determine the purposes and means of the data processing, they are joint (or co-responsible) data controllers.
4.2. The collection and processing of personal data
In the context of the operation of the SITE, SEMMARIS may collect personal data relating to the USERS of the SITE. These data are processed in accordance with the intended purposes of the collection.
In particular, SEMMARIS may collect personal data:
– During your visit to the SITE;
– When you request contact with SEMMARIS via our online forms.
In addition, data relating to your navigation of the SITE can also be used to target your needs and interests and target our commercial and advertising offers.
Regardless of the method of collection, SEMMARIS undertakes to inform you of the purposes of the processing, the mandatory or optional nature of the responses to be provided, the possible consequences, with respect to them, of a lack of response, of the recipients of the data, the existence and manner of exercise of rights on access, rectification, portability and opposition to the processing of their data.
When necessary, under the French Data Protection Act, SEMMARIS undertakes, depending on the case, to collect your consent and/or to allow you to oppose the use of your data for certain purposes.
More detail & legal basis
In any case, SEMMARIS undertakes to process all the data collected in accordance with amended Act No. 78-17 of 6 January 1978, which defines PERSONAL DATA as being: “Any information relating to a natural person who is identified, or who can be identified, directly or indirectly, by reference to an identification number or to one or more data elements. In order to determine whether a person is identifiable, all the means that the data controller or any other person uses or may have access to should be taken into consideration.”
You will find more details on the management of cookies allowing us to achieve this purpose in our Cookies Charter.
4.3. Consent
As a data controller, SEMMARIS must obtain the consent of the SITE USERS to collect and process their personal data.
In accordance with the provisions in effect, the consent of the USER must be freely given, for each purpose designated, in an informed and unequivocal manner. It is given by declaration or by a positive action, evidencing the agreement of the USER for the processing of personal data.
In this case, any USER whose data are collected for the purposes mentioned above has:
– Given consent when filling in a form;
– Or accepted the cookie management charter through the corresponding cookie banner
For more information:
Data about your SITE navigation can also be used to target your needs and interests and target our commercial and advertising offers.
In any case, you are informed of the purposes for which your data are collected by us via the various online data collection forms, your customer account or even via our cookie management charter.
Where necessary, SEMMARIS undertakes, as the case may be, to collect your consent and/or to allow you to oppose the use of your data for certain purposes, for example, the possibility of sending you commercial prospecting or placing third-party cookies on your devices (mobile phone, computer, tablet) for the purposes of audience measurement of our site and our application and to make you commercial offers and offer targeted advertising depending on your areas of interest.
ARTICLE 5. DATA RECIPIENTS
Only the persons mentioned below will be able to access the USERS’ data:
– The authorised staff of the various departments at SEMMARIS (authorised staff of the marketing, commercial, administrative, logistic and IT departments, responsible for handling customer relations and prospecting and in charge of inspections)
– The companies in charge of the management of the SITE;
– The authorised staff of our subcontractors (if subcontractor’s used);
– Where applicable, the courts concerned, mediators, accountants, auditors, lawyers, bailiffs, debt collection companies,
– Third parties likely to place cookies on your devices (computers, tablets, mobile phones…) when you consent (for more details, see our Cookies Charter).
Your data is not communicated, exchanged, sold or rented to anyone other than those mentioned above.
ARTICLE 6. DATA RETENTION PERIOD
SEMMARIS undertakes to store the collected data in a form allowing for your identification for a period that does not exceed the duration required for the purposes for which these data are collected and processed.
However, data processing is possible on proof of a right or contract. These data may also be retained for the purpose of complying with legal obligations or stored in files in accordance with applicable regulations and laws.
Regarding the cookies referred to in Article 10 of this Privacy Policy, it is stated that the information stored in your device (e.g. cookies) or any other element used to identify you for the purposes of audience statistics are not retained beyond a period of six (6) months. Beyond this time, the raw traffic data associated with an identifier are either deleted or anonymised.
Finally, to ensure the smooth operation and continuous improvement of the SITE and its functionalities, the raw traffic data associated with an identifier are kept for a period of thirteen (13) months. Beyond this period, they are deleted or anonymised.
For more information
For audience and statistics measurements – 24 months, then your data is deleted or anonymised
To ensure the smooth operation and continuous improvement of our site – 24 months, then your data is deleted or anonymised. [PB1]
ARTICLE 7. YOUR RIGHTS
In accordance with the Data Protection Act and the GDPR, you have the following rights:
Right of access (article 15 GDPR), rectification (article 16 GDPR), updating, completeness of your data (find out more)
Right to block or delete your personal data (article 17 GDPR), when they are inaccurate, incomplete, equivocal, out of date, or whose collection, use, disclosure or storage is forbidden (find out more)
Right to withdraw your consent at any time (article 13-2c GDPR)
Right to limit the processing of your data (article 18 GDPR)
Right to oppose the processing of your data (article 21 GDPR) (find out more)
Right to portability of the data you have provided to us, when your data is subject to automated processing based on your consent or on a contract (article 20 GDPR)
Right to define the fate of your data following your death and to choose that we communicate (or not) your data to a third party that you have designated in advance (find out more).
In the event of death and in the absence of any instructions from you, we undertake to destroy your data, except where it is necessary to keep it for probative purposes or to fulfil a legal obligation.
These rights can be exercised, by simple request by email to the address privacy@semmaris.fr or by letter to SEMMARIS – 1 rue de la Tour 94152 Rungis Cedex, indicating contact details (name, first name, address) and of a legitimate reason where required by law (especially in case of opposition to processing).
In cases of sending copies of ID documents to prove your identity, we will keep these for one (1) year or three (3) years when this communication is done within the framework of exercising a right of opposition.
To find out more about your rights, you can also consult the CNIL (French Data protection Authority), site at the following address: https://www.cnil.fr/en.
ARTICLE 8. USAGE DATA AND COOKIES
SEMMARIS makes use on its SITE of usage data (date, time, IP address, protocol of the visitor’s computer, page consulted) and cookies (small files saved on your computer) allowing us to identify you, to save your visits, and benefit from measurements and audience statistics of the SITE, in particular relating to the pages viewed.
By browsing the SITE, you agree that SEMMARIS may install “technical” cookies that have the sole purpose of enabling or facilitating the electronic communication of your device with our site, by facilitating the site management and navigation.
Our access to the information stored in your device or the saving of information on it will therefore be done only in the following cases:
– To allow or facilitate electronic communication;
– When necessary to provide our online communication service at your express request.
You can, as for other data, exercise your right of access to this usage data by sending a request by email to the address privacy@semmaris.fr or to the postal address SEMMARIS – 1 rue de la Tour 94152 Rungis Cedex.
If the browser allows it, you can disable these cookies at any time, following the procedure indicated by the browser. However, SEMMARIS informs you that such deactivation may have the effect of slowing down and/or disrupting access to the SITE.
In addition, SEMMARIS informs you that it uses the services of Google Analytics to measure SITE traffic. You can refuse your navigation of the SITE being tracked via the Google Analytics tool by downloading and installing Google Analytics Opt-out Browser addon for your current browser at the following address: https://tools.google.com/dlpage/gaoptout?hl=en-GB.
In any case, the information stored in your terminal (e.g. cookies) or any other element used to identify you for purposes of audience statistics are not retained beyond a period of thirteen (13) months . Beyond this time, the raw traffic data associated with an identifier are either deleted or anonymised.
To find out the nature of the cookies and other trackers implemented on the SITE, the USER is invited to consult the Cookies Charter, provided for this purpose and accessible on the SITE.
To find out more about cookies (how to manage, delete, identify them), you can consult the CNIL WEBSITE: http://www.cnil.fr/vos-droits/vos-traces/les-cookies/#c5554
ARTICLE 9. DATA PROTECTION OFFICER CONTACT INFORMATION
Our Data Protection Officer is here to answer all your requests, including the exercise of rights, relating to your personal data.
You can reach them by email at privacy@semmaris.fr or at the postal address SEMMARIS – 1 rue de la Tour 94152 Rungis Cedex.
ARTICLE 10. SECURITY
SEMMARIS and any of its potential subcontractors undertake to implement all technical and organisational measures to ensure the security of our personal data processing and the confidentiality of your data, in application of the French Data Protection Act and the European Data Protection Regulation (GDPR) and Act No. 2018-133 of 26 February 2018 “on various provisions for adaptation to European Union law in the field of security”.
As such, SEMMARIS takes the necessary precautions, with regard to the nature of your data and the risks presented by our processing, to preserve the security of data and, in particular, to prevent them from being distorted, damaged, or that third parties gain unauthorised access (physical protection of premises, authentication of our customers with personal and secure access via confidential identifiers and passwords, connection logging, encryption of certain data, etc.).
ARTICLE 11. TRANSFERS OUTSIDE EU
SEMMARIS undertakes not to transfer data from USERS outside of the European Union.
In the event that SEMMARIS should do so, it will inform the USERS indicating the measures taken to control this transfer and ensure the respect of the confidentiality of their data.