SMLB NEXT > CONFIDENTIALITY AND DATA PROTECTION POLICY

CONFIDENTIALITY
AND DATA PROTECTION POLICY

Preamble

As part of its business and as a data controller, SMLB-NEXT.com may need to process personal data for its internal requirements.

This processing complies with the French Data Protection Act and the General Data Protection Regulation (GDPR). The GDPR aims to respect the fundamental freedom and rights of natural persons in particular, by protecting personal data that they provide, thus helping to create an area of freedom, security and justice, an economic union, economic and social progress and the consolidation and convergence of economies in an internal market, as well as contributing to the well-being of individuals. It encompasses very strict requirements on the data protection of natural persons, which are necessary to guarantee lawfulness and transparency of business operators, and give natural persons in all member states the same level of enforceable rights, and the same obligations and responsibilities for data controllers and processors.

SMLB-NEXT.com is committed to an ongoing process of personal data protection and security, notably:

Our policy

The purpose of this policy is to inform you how SMLB-NEXT.com protects data, especially personal data, processed through the online services on the https://www.SMLB-NEXT.com website

The Confidentiality Policy implemented by SMLB-NEXT.com is governed by the conditions set out below.

Definitions

• Personal data
All information relating to an identified or identifiable natural person; a natural person who can be identified, directly or indirectly is deemed to be an identified or identifiable natural person.

• Processing of personal data:
Any operation, or group of operations, involving personal data, regardless of the process used.

• Data protection officer (DPO):
The data protection officer’s (DPO) role is to ensure data protection complies with the regulations, to independently monitor the legal and IT security of his/her organisation and to ensure compliance with regulatory obligations for data protection.

• Cookie:
A cookie is a piece of information placed on the hard drive of an Internet user by the server of the site that he/she is visiting. It contains several pieces of data: the name of the server that placed it, an ID in the form of a unique number and possibly an expiry date. This information is sometimes stored on the computer in a simple text file that a server accesses to read and save information

Collection and origin of data

Data concerning users of SMLB-NEXT.com solutions are collected from the persons concerned in relation with:
– their first contact with SMLB-NEXT.com;
– registering on the platform;
– using SMLB-NEXT.com solutions;

Purpose of processing data and types of data processed

Data collected are:

Some personal data are necessary to provide the services offered by SMLB-NEXT.com

The purposes are the following:

• Optimising website browsing
• Registering, signing in and using the SMLB-NEXT.com platform
• Preparing statistics and monitoring compliance with data protection regulations.

Data collected are:

• Contact details (last name, first name, post, email address, telephone number);
• Cookies (signing in and consultation data, IP addresses, logs, tracers).

Non-communication of personal data

Personal data collected are for the exclusive use of:
Personnel authorised by SMLB-NEXT.com to ensure its services function correctly.
SMLB-NEXT.com checks that only authorised persons can access personal data of the people concerned and only when necessary for carrying out their assignment.
Users’ personal data are not transmitted, hired or sold to any commercial or advertising organisations.
Whenever SMLB-NEXT.com uses subcontractors (service providers for storage or electronic signatures), data is processed in full compliance with the above principle, and only in order to achieve the purpose of this policy.
On principle, SMLB-NEXT.com undertakes to select subcontractors that meet the highest quality and security criteria, and can provide sufficient guarantee, in terms of reliability, security and resources, for implementing technical and organisational measures.

Location where data is stored

The host servers where SMLB-NEXT.com process and store data are all exclusively located on French soil.
Moreover, SMLB-NEXT.com undertakes not to transfer data outside the European Union.

Duration of data storage

Data is only kept for as long as necessary to achieve particular purposes:
– As a data processor: the duration that data is kept by SMLB-NEXT.com is decided by the applicable prescriptive regulations. The storage time is determined by the regulations currently in force.

– As a data controller, users’ data for the use of the SMLB-NEXT.com platform are kept for a year. Contact data is kept for the duration of the contractual relationship;

Contact, right to access, rectify and object

Any questions concerning SMLB-NEXT.com’s Confidentiality/Privacy Policy can be sent:

• By email to info@smlb-next.com

• By contact form on the www.SMLB-NEXT.com website

• By post to: SMLB-NEXT.com
15, avenue des Indes, Ferme de Courtaboeuf, 91940 Les Ulis, France

Persons concerned have the following rights:
– the right to information;
– the right to access;
– the right to rectify;
– the right to erasure or the right to be forgotten;
– the right to portability;
– the right to object;
– the right to limit processing;
– the right to ask questions;
– the right to give instructions relating to keeping, erasing and communicating personal data after their death

When signed into the SMLB-NEXT.com solutions, users can also change the data themselves by updating their profiles.

Users can unsubscribe from our publications and alerts through the unsubscribe links in all our emails.

Finally, these rights can be exercised by writing to us:

• By email at info@smlb-next.com

• By contact form on the www.SMLB-NEXT.com website

• By post to: SMLB-NEXT.com
15, avenue des Indes, Ferme de Courtaboeuf, 91940 Les Ulis, France

When you request to exercise these rights, you may be asked for proof of identity.

Persons concerned can also appeal to supervisory authority, the CNIL.