Personal data protection charter

Absiskey (SAS) is concerned about the protection of the privacy and data of its contacts and customers (users of its websites, including the Project netboard platform, contacts established within the framework of professional meetings, missions, partnerships, applications, etc.).

Absiskey respects the rules of French law applicable to the protection of personal data, as well as the European General Regulation on the Protection of Personal Data No. 2016/679 of 27 April 2016 (known as “RGPD / GDPR”).

The purpose of this Privacy Policy is to inform data subjects (“you”) in a clear and simple manner about how Absiskey, in its capacity as data controller, collects and uses personal data about you and how you can control such use and exercise your rights in relation thereto.

1- How are your personal data collected?

Absiskey may collect your personal data in the context of professional meetings, files, partnerships, applications, your visit to its premises, your visits to its websites and your use of its online services.

Declarative personal data are those that you provide via forms, whether they are dematerialized on websites, in paper format or in response to questions asked to you by employees of the company.

Absiskey takes into account the principles of data minimisation, “data protection from the design stage and data protection by default” (Article 25 of the GDR). Consequently, relevant, adequate and limited information is collected which is necessary for the purposes for which it is processed.

Mandatory declarative personal data are marked with an asterisk (*). You are free to provide or not all or part of your personal data. However, such a decision could result in limiting your access to certain services or features offered by its websites.

Your personal data are processed by Absiskey under the following conditions:

you have given free, specific, informed and unequivocal consent to the processing of your personal data (e.g. registration for an event, etc.)
it is necessary for the execution of a contract or pre-contractual measures taken at your request (e.g. application, mission…) ;
for compliance with Absiskey’s legal or regulatory obligations;
where Absiskey’s legitimate interests may be such as to justify processing
(e.g. computer security measures).
Information in accordance with the applicable law is provided in each case.

Your personal data is collected for specific, explicit and legitimate purposes and may be used for:

to dialogue with you within the framework of files, missions, partnerships, etc.
Participate in satisfaction surveys, analyses and statistics in order to improve our products and services as well as the knowledge of our customers and prospects;
request, obtain or receive information about Absiskey or any of its entities or affiliates, or the products and services offered by them;
subscribe and receive thematic information (documentation, invitations, activity reports, etc.);
process your application for a job.
Absiskey may also use your personal data for administrative purposes or for any other purpose required by applicable law.

2. Customer relationship management (CRM) databases

Absiskey uses customer relationship management (CRM) databases to manage and track its marketing efforts. These GRC databases include personal data relating to members or collaborators of our customers, suppliers, partners or other interlocutors with whom we have a business relationship or with whom we wish to develop a professional relationship.

Personal data used for these purposes include business information necessary for the development of a business relationship such as: contact data (e.g. surnames, first names, business contact details), publicly available information (e.g. Board of Directors, published articles, press releases, public messages published for business purposes, on social networks), and replies to targeted e-mails.

3. We may use cookies

Our cookies improve access to our sites and identify regular visitors. In addition, our cookies enhance the user experience by tracking and targeting their interests. However, this use of cookies is in no way linked to personally identifiable information on our sites.

Definition: Cookies are small data files that a website sends to your computer’s browser, phone or other device while you are browsing it. In particular, they allow you to remember your preferences from one page to another and possibly improve the user experience. The cookies used may be configured by our website or by a third party site.

These cookies can be “session” or “persistent” cookies: a session cookie is a cookie that is automatically deleted when the user closes his browser, while a persistent cookie is a cookie that remains stored in the user’s terminal until a defined expiration date. The cookies used on the Absiskey website have a maximum lifetime of 365 days.

4. Confidentiality of your personal data

Your personal data being confidential, only persons duly authorised by Absiskey may access your personal data, without prejudice to their possible transmission to the bodies in charge of a control or inspection mission in accordance with the applicable regulations.

All persons who have access to your personal data are bound by an obligation of confidentiality. These persons include all authorised personnel within the company and its affiliates.

Our service providers may also be required to process personal data strictly necessary for the performance of the services we entrust to them (mission, electronic and postal distribution, logistics, etc.).

5. Security of personal data

Absiskey takes care to protect and secure your personal data in order to ensure their confidentiality and prevent them from being distorted, damaged, destroyed or disclosed to unauthorized third parties.

Absiskey puts in place technical and organisational measures to ensure that personal data are kept securely for the duration necessary for the exercise of the purposes pursued in accordance with applicable law.

Although these measures are taken to protect your personal data, Absiskey draws your attention to the fact that no transmission or storage technology is totally infallible.

When disclosure of data to third parties is necessary and authorised, Absiskey ensures that these third parties guarantee the same level of protection for the data concerned as that offered by Absiskey, and requires contractual guarantees so that, in particular, the data are processed exclusively for the purposes you have previously accepted, with the required confidentiality and security.

In accordance with applicable European regulations, in the event of a proven breach of Personal Data likely to create a high risk for the rights and freedoms of the persons concerned, Absiskey undertakes to communicate this breach to the competent supervisory authority and, where required by this regulation, to the persons concerned (individually or generally as the case may be).

Without prejudice to the above, it is your responsibility to exercise caution to prevent unauthorized access to your personal data and terminals (computer, smartphone, tablet,…).

In addition, Absiskey’s websites may provide links to third party websites that may be of interest to you. Absiskey has no control over the content of such third party sites or the privacy practices of such third parties that they may collect. Consequently, Absiskey declines any responsibility concerning the processing by these third parties of your Personal Data, not subject to the present Charter. It is your responsibility to inform yourself about the personal data protection policies of these third parties.

6. Retention period for personal data

Absiskey keeps your personal data for as long as necessary, subject to the obligation to keep certain data and/or to anonymisation.

We apply the following retention periods for these few broad categories of personal data:

Personal data of customers, prospects, or business partners: as long as the user is active and, at the latest, 5 years after the last contact with the latter ;
Personal login data: 1 year after last login;
Personal data of candidates (recruitment): time needed to process the application and, in case of a negative outcome, 3 years after the last contact (unless the candidate agrees for a longer period).

7. Your Rights

In accordance with applicable law, you have the right to know whether we hold personal data about you. You have the right to access, modify, correct or delete your personal data at any time. You may also object to the processing of such personal data.

No sensitive personal data is collected, i.e. no data concerning sexual preferences, religious beliefs, ethnic group, political affinities, or membership of a community or trade union.

You can exercise your right to refuse to receive our marketing communications by checking certain boxes on the forms we use to collect your personal data, or by using unsubscribe mechanisms in emails we may send you.

You can also exercise the right to stop marketing communications, and you also have the right to request, subject to your possible contractual obligations, the deletion of your data in particular in our customer relationship management databases (CRM/CRM) at any time by using our “Contact” form.

If despite Absiskey’s efforts to preserve the confidentiality of your personal data, you feel that your rights are not respected, you have the right to lodge a complaint with a supervisory authority.

8. How to exercise your rights

For any question relating to the present Charter and/or to exercise your rights as described above, you may contact the data protection officer (DPO),  electronically or by post, by sending a letter accompanied by a copy of any identity document to :

Xavier FABRE, Digital Director

Data protection officer (DPO)

41 bis, rue Dupetit Thouars, 49000 ANGERS (France)

Email: rgpd@absiskey.com

Absiskey undertakes to reply as soon as possible, and in any event within one month of receipt of your request.

How to address a complaint to the CNIL and under what conditions?

https://www.cnil.fr/fr/cnil-direct/question/844

9. Applicable law and competent court

This Charter is subject to French law. In the event of a dispute and in the event that an amicable agreement cannot be reached, the competent courts shall be those of the Angers Court of Appeal.