Politique de confidentialité | TEMO France
HOME > DATENSCHUTZ

Datenschutz



 

OUR DATA PRIVACY POLICY

Last update : April 2020
Through this document, the company TEMO SAS (referred to as TEMO or "we") wishes to inform Internet users consulting our websites about the purpose, nature and scope of the processing of personal data concerning them. According to the GDPR General Data Protection Regulation, the person in charge of data processing on our website is the company TEMO, Pôle entreprise, 2 rue Kastler 443000 Nantes. ([email protected]).


Our websites and services are constantly being revised and improved. Corresponding thereto, this Privacy Policy shall regularly be revised and updated. This applies in particular to those procedures used by us to carry out usage analysis, as well as those used to measure the effectiveness of advertising methods and comparable services, in particular those belonging to third parties. The current status of each of these services can be found in the tabulation located at the end of this Privacy Policy statement.



We would also like to note the following as regards to the usage of service providers located outside of the European Union: TEMO is a company that is offered internationally. Thus, it extends not only beyond France, but also beyond the European Union. We operate worldwide and our customers are scattered across this planet. Generally we give priority to European service providers when selecting particular services and service offerings, especially where such providers can deliver the required services at a comparable and competitive price and service level. However, we also wish to be completely transparent. For many of the services that we use there is simply no comparable, acceptable alternative. As a result we therefore employ the use of a range of service providers outside the European Union, in particular from the USA. We take steps to ensure that measures according to European Data Protection law are taken and applied so as to guarantee an adequate level of data protection.


1. Definitions


In this privacy statement of TEMO SAS, the definition of the terms as used by the European legislator (stipulating directives and rules) when enacting the General Data Protection Regulation (GDPR) will apply. Our privacy statement is to be both easy to read and understandable for the public, for our customers and for our business partners alike. To ensure this, we would like to first explain the terminology used:


a) Personal data 

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.


b) Data subject  

Data subject means any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.


c) Processing 

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.


d) Limitation of processing 

Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.


e) Controller or person in charge of processing

Controller or data controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.


f) Processor

Processor" means the natural or legal person, public authority, agency or other body which processes personal data on behalf of the data controller.


g) Recipient

Recipient means a natural or legal person, public authority, agency or another body, to which the personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.


h) Third parties

Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.


i) Pseudonymisation

Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific user without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.


j) Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.


k) Consent

Consent of the user means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.


2. Name and address of data controller


The following acts as the controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member States of the European Union and other provisions related to data protection:


TEMO

IMT Atlantique - POLE ENTREPRISES

2 RUE ALFRED KASTLER

44300 NANTES / FRANCE

M: +33(0)6 07 23 31 71

E-Mail: [email protected]

Website: www.temofrance.com


3. Cookies


The TEMO website uses text files (referred to as cookies) which are placed and stored on a computer system via an internet browser.


Cookies are used by numerous websites and servers with many cookies comprising what is referred to as a cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which website pages and servers may be assigned to the specific Internet browser in which the cookie was stored. This allows website pages and servers visited to differentiate the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser may be recognised and identified using the unique cookie ID.


Through the use of cookies, TEMO SAS may provide the users of this website with more user-friendly services that could not be offered without placing cookies. The user of a website that uses cookies, for instance, will not have to enter access data each time the website is accessed because the website does it for him/her, and the cookie is thus stored on the user’s computer system. Another example would be the cookie placed for a shopping cart in an online shop. The items that a customer has placed in the virtual shopping cart in an online shop will be remembered by placement of a cookie.


Legal grounds of data collection:

Art. 6 (1) a) GDPR (consent given by cookie consent banner) alternatively Art. 6 (1) f) GDPR (legitimate interest of controller)


Right to remove privilege:

The data subject may, at any time, prevent the placement of cookies through our website by changing the setting of the Internet browser used accordingly, and the placement of cookies may thus be denied permanently. Furthermore, cookies already set may be deleted at any time via an Internet browser or other software programmes. All commonly used Internet browsers allow this. Where the data subject has disabled the placement of cookies by changing the settings in the Internet browser used accordingly, not all functions of our website may be entirely usable.


4. . Collection of general data and information


The website of TEMO collects a series of general data and information when a data subject or automated system visit the website. This general data and information is stored in the server log files. The following information may be collected :


- browser types and versions used;

-the operating system used by the accessing system;

- the website from which an accessing system reaches our website (what is referred to as “referrer”),

- the sub-sites which are targeted on our website via an accessing system;

- the date and time of access to the website;

- an Internet protocol address (IP address);

- the Internet service provider of the accessing system;

- and any other similar data and information that may be used in the event of attacks on our information technology system.


When using this general data and information, TEMO shall not draw any conclusions about the data subject. Rather, this information is needed to


deliver the content of our website correctly;

- to optimise the content of our website as well as marketing;

- to ensure the long-term functionality of our information technology systems and website technology; 

- to provide law enforcement authorities with any information that may be required for criminal prosecution in case of a cyber attack.


TEMO will therefore, on the one hand, analyse this data and information collected statistically and also with the aim of increasing data protection and data security in our company, to ultimately ensure an optimal level of protection of the personal data we process. Anonymous data from the server log files shall be stored separately from any personal data provided by a data subject.


Legal grounds of data collection:

Art. 6 (1) f) (legitimate interest of controller)


Right to remove privilege:

As this data is required for compelling reasons for making the website available, it is not possible for the data subject to remove this privilege.


5. Registration on our website


It is possible to register, stating personal data, on the website of TEMO. Which personal data is transmitted to the data controller is determined by the respective input mask used for registration purposes. Personal data entered is collected and stored exclusively for internal use by the data controller, and for own purposes . The data controller may arrange for transmission of data to one or more processors (e.g. parcel service) that will also exclusively use personal data for internal purposes attributable to the data controller.


When registering on the website of the controller, the IP address assigned by the Internet service provider (ISP) to the data subject, the date and the time of registration will also be stored. Such data is stored against the background of this being the only way to prevent inappropriate use of our services, and, if necessary, to make it possible to investigate any offences that may have been committed. This means it is necessary for the data controller to store this data in order to protect the business against risks. This data shall not be disclosed to third parties unless a statutory obligation to disclose data exists or unless data needs to be transferred for criminal prosecution purposes.


Legal grounds of data collection:

Art. 6 (1) f) (legitimate interest of controller)


Right to remove privilege:

As this data is required for compelling reasons for making the website available, it is not possible for the data subject to remove this privilege.


The purpose of registration of the data subject stating personal data voluntarily is for the controller to offer the data subject content or services that due to the nature inherent in the matter may only be offered to registered users. Registered persons may, at their discretion, modify the data indicated upon registration at any time or have it deleted completely from the data inventory of the controller.


Legal grounds of data collection:

Art. 6 (1) a (consent given by data subject)


Right to remove privilege:

Data subjects may withdraw their user registration and have their user registration deleted by sending an e-mail message subject to no specific formal requirements to [email protected] shall upon request provide any data subject with information as to which personal data is stored about the specific data subject. In addition, the data controller shall correct or erase personal data at the data subject’s request or indication unless required otherwise with a view to statutory retention periods. In this context, all of the employees of the controller will be available for providing information to the data subject as point of contact.


6. Newsletter subscription 


Users of the TEMO website have the possibility to subscribe to our company's newsletters (sent by our partner Sendinblue). The personal data transmitted to the data controller during this process are the ones filled in the subscription form.


Only the persons concerned (1) with a valid e-mail address and (2) having subscribed to the corresponding subscription or customers having subscribed to one of our offers can receive the newsletters.


When registering, we also record the IP address assigned by the Internet Service Provider (ISP) to the computer used by the person concerned at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to trace any (possible) misuse of a data subject's e-mail address at a later date and serves as legal protection for the data controller.


The personal data collected in the context of a registration is used exclusively for the distribution of newsletters. In addition, subscribers may receive information by e-mail insofar as this is necessary for the operation of the service or if a registration is required, e.g. in the case of changes to the offer or the technical context. The personal data collected is not passed on to third parties. The data subject can revoke the collection of information at any time. The data subject may withdraw his or her consent to the recording of personal data at any time. Each newsletter contains a revocation link to this effect.


7. Tracking in newsletter


TEMO's contain what is referred to as tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails which are sent in HTML format to enable log file recording and analysis. This allows for statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, TEMO may see if and when an e-mail was opened by a data subject, and which links in the e-mail were clicked on by the data subject.


Such personal data collected in the tracking pixels contained in the newsletter is stored and analysed by the data controller in order to optimise sending of the newsletter even better to what the data subject is interested in. Such personal data will not be disclosed to third parties. Data subjects at all times have the right to withdraw the separate consent given by way of double-opt-in. After withdrawal of consent, this personal data will be deleted by the data controller. Unsubscription from newsletter shall automatically be interpreted by TEMO as cancellation of consent.


8. Contact option via our website


In accordance with the legal requirements, the TEMO website contains information that enables quick contact and direct communication with our company by electronic means. As soon as a data subject contacts the data controller, e.g. by email or via a contact form, the personal data of the data subject is automatically recorded. This personal data, which is transmitted voluntarily to the data controller, is recorded exclusively for the purpose of processing the request or contacting the data subject. These personal data shall not be transmitted to third parties.


Legal grounds of data collection:

The processing of contact data is based on the consent of the data subject pursuant to Article 6(1)(a) of the GDPR.


9. Routine erasure and blocking of personal data


The data controller shall process and store personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this privilege is granted by the European body issuing directives and regulations or any other legislators by virtue of laws or regulations to which the data controller is subject.


Where the purpose of storage no longer applies or where a storage period prescribed by the European body issuing directives and regulations or any other legislator competent has expired, personal data shall routinely be blocked or erased in accordance with legal requirements.



10. Rights of data subject


Right of confirmation

Each data subject shall, at any time, have the right to request from the controller a confirmation as to wether or not personal data concerning the data subject is being processed. Where a data subject wishes to avail himself/herself of this right of confirmation, he or she may, at any time, contact any employee of the data controller.


Right of access

Each data subject shall have, at any time, the right to be given access free of charge by the data controller to personal data stored on the data subject and to obtain a copy of this information. Furthermore, the European body issuing directives and regulations has granted the data subject the right to be given access to the following information:

- purposes of processing;

-  categories of personal data that is being processed;

- the recipients or categories of recipients to whom the personal data has been or will be disclosed, including but not limited to, recipients in third countries or international organisations;

- where possible, the envisaged period for which the personal data is to be stored, or, where not possible, 

- the criteria used to determine that period;

- the existence of the right to request from the controller correction or erasure of personal data, or restriction of processing of personal data concerning the data subject, or the right to prevent such processing; 

- the existence of the right to lodge a complaint with a supervisory authority;

- where the personal data has not been collected from the data subject: any information available as to source of data;

- the existence of automated decision taking processes, including profiling, referred to in Article 22(1) and (4) GDPR; and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.


Furthermore, the data subject shall have a right to be given access to information as to whether personal data is transferred to a third country or to an international organisation. Where this is the case, the data subject shall have the right to be informed of appropriate safeguards taken in relation to the transfer.


Where a data subject wishes to avail himself or herself of this right of access, he or she may, at any time, contact any employee of the data controller.


c) c) Right of correction

Each data subject affected by processing of personal data shall have the right to request correction of inaccurate personal data relating to the data subject without undue delay. The data subject shall further have the right, taking into account the purposes of processing, to have any incomplete personal data completed, without limitation by provision of a supplementary statement. Where a data subject wishes to avail himself or herself of this right of correction, he or she may, at any time, contact any employee of the data controller.


d) Right of restriction of processing

Each data subject shall have the right to obtain from the controller restriction of processing where one of the following conditions is satisfied:

- The data subject has contested the accuracy of personal data; in this case processing shall be restricted for a period enabling the controller to verify the accuracy of the personal data.

- It is unlawful to process such data and the data subject has objected to erasure of the personal data and instead requests restriction of use of such data.

- The controller no longer needs the personal data for processing purposes but such data is needed by the data subject for the establishment, exercise or defence of legal claims.

- The data subject has objected to processing in line with Article 21(1) GDPR pending the verification of whether the legitimate grounds or interests of the controller override those existing on the part of the data subject.

Where one of the aforementioned conditions is met, and a data subject wishes to request the restriction of processing of personal data stored by TEMO, he or she may at any time contact any employee of the data controller. This employee of TEMO will arrange for the restriction of processing.


e) Right to prevent processing

Each data subject affected by processing of personal data shall have the right to object, on grounds relating to his or her particular situation, at any time, to processing of personal data concerning him or her, based on Article 6(1) (e) or (f) GDPR. This shall also apply with respect to profiling based on these provisions.


In the event of an objection, TEMO shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.


Where TEMO processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing purposes. This shall also apply with respect to profiling to the extent that it is related to such direct marketing. Where the data subject has objected to TEMO processing data for the purposes of direct marketing, TEMO shall refrain from processing such personal data for such purposes in the future.


In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her by TEMO for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) GDPR, unless processing is necessary for the performance of a task carried out for reasons of public interest.


The data subject may contact any TEMO employee directly or any other employee to exercise the right to prevent processing. In addition, the data subject shall be free in the context of use of information society services, and notwithstanding Directive 2002/58/EC, to exercise his or her right to object by automated means using technical specifications.


f) Right to erasure (right to be forgotten)

Each data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies and as long as processing is not necessary:


The personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.

-The data subject has withdrawn consent on which the processing is based according to Article 6(1) (a) GDPR or Article 9(2) (a) GDPR, and where there is no other legal ground for processing.

The data subject has objected to processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for processing, or the data subject has objected to processing pursuant to Article 21(2) GDPR.

- The personal data has been processed unlawfully.

- Personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.

- Personal data has been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.


Where one of the aforementioned reasons apply, and a data subject wishes to request the erasure of personal data stored by TEMO, he or she may at any time contact any employee of the data controller. The employee of TEMO shall ensure that the erasure request is complied with without undue delay.


Where the controller has made personal data public and the company as controller is obliged pursuant to Article 17(1) to erase the personal data, it shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other controllers processing the personal data that the data subject has requested erasure by such controllers of any links to, or copy or replication of, such personal data, as far as processing is not required. Such employee of TEMO will arrange for the restriction of processing in a given case.


g) Right to data portability

Each data subject shall have the right to receive the personal data concerning him or her, which the data subject has provided to a controller, in a structured, commonly used and machine-readable format. He or she shall also have the right to have this data transmitted from one controller to another without hindrance from the controller to which the personal data has been provided for as long as processing is based on consent given in line with Article 6(1) (a) GDPR or Article 9(2) (a) GDPR, or based on a contract pursuant to Article 6(1) (b) GDPR, and data is processed by automated means, for as long as processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.


Furthermore, in exercising his or her right to data portability pursuant to Article 20(1) GDPR, the data subject shall have the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.


The data subject may at any time contact any TEMO employee to assert the right to data portability.


h) Decisions being taken by automated means in a given case including profiling

Each data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, as long as the decision (1) is not necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) is not authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject rights and freedoms and legitimate interests, or (3) is not based on the data subject’s explicit consent.


Where a decision (1) is necessary for concluding, or the performance of, a contract between the data subject and the controller, or (2) is based on the data subject’s explicit consent, TEMO shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, as a minimum including the right to obtain human intervention on the part of the controller, to express his or her point of view and contest the decision.


Where a data subject wishes to avail himself or herself of this rights in relation to decisions being taken by automated means, he or she may, at any time, contact any employee of the data controller.


i) Right to withdraw privacy-related consent

Each data subject affected by processing of personal data shall at any time have the right to withdraw from the controller the consent to processing of personal data relating to the data subject.


Where a data subject wishes to avail himself or herself of this rights in relation to withdrawal of consent, he or she may, at any time, contact any employee of the controller.


11. Plugins and tools

Using Google Analytics

The controller has added the Google Analytics component  to this website. Google Analytics is a web analytics service. Web analytics is the process of collection, gathering and analysis of data relating to the behaviour of website visitors. A web analysis service collects, inter alia, data about the website from which a person was referred (referred to as “referrer”), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics is mainly used for the purpose of optimising a website and to carry out a cost-benefit analysis of Internet marketing.


Google-Analytics est un service de Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

 

The purpose of adding the Google Analytics component to our website is to analyse the traffic on our website. Google uses the data and information collected, inter alia, to analyse use of our website and to provide online reports, which show the activities on our website, and to provide other services concerning the use of our website for us.


Google Analytics places a cookie on the information technology system of the data subject. For definition of the term “cookies” see above. By placing a cookie, Google is placed in a position to analyse use of our website. Each time one of the individual pages part of this website operated by the controller to which the Google Analytics component was added is loaded, the Internet browser used on the information technology system of the data subject will automatically submit data through the Google Analytics component for the purpose of online analysis. In the context of this technical process, Google will gain knowledge of personal data such as the IP address of Internet access used by the data subject, and Google will use this information, inter alia, for understanding where visitors have been referred from and have clicked the website and consequently allow for commission payment accounting.


A cookie is used to store personal data, such as time of access, location from which the website was accessed, and the frequency of visits of our website by the data subject. Every time you visit our website, this personal data including the IP address of the Internet connection used by the data subject, will be transmitted to Google in the United States of America. This personal data will be stored by Google in the United States of America. It is possible that Google may disclose this personal data collected through the technical process to third parties


You can prevent cookies from being stored by changing your browser software settings accordingly; we would, however, like to point out to you that in this case it may not be possible for you to use the full scope of the functionalities of this website.


Furthermore, it is possible for you to prevent the collection and transmission of the data generated through the cookie and relating to the use of the website made by you (incl. your IP address) as well as processing of this data by Google by downloading a browser plug-in for disabling Google Analytics from: tools.google.com and installing such plug-in.


To prevent collection of data by Google Analytics, click on the following link. An opt-out cookie will be placed which prevents future collection of data when you visit this website:


  For more information on terms of use and data protection see www.google.com or https://policies.google.com/?hl=en .


Using the SendinBlue Newsletter tool 


14. Privacy policy for use of social media buttons


On our website we use the following social media buttons:

- Twitter, Twitter Inc. 1355 Market St, Suite 900, San Francisco, CA 94103, USA

- Facebook, Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA

- YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

Google+, Google Inc. 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, États-Unis d'Amérique.

Instagram, 1 Hacker Way, Building 14 First Floor Menlo Park, CA.

Linkedin, LINKEDIN FRANCE SAS 519059281 (Paris 8e Arrondissement - 75008) 


These social media buttons only provide links to the respective providers. For as long as you do not click on any of these buttons, no data will be transmitted to any of these providers.


Where you click on these buttons, you will be forwarded to the website operated by the respective provider. Depending on whether you were logged in on an account with the respective provider at the time of clicking the button concerned, your data will be processed based on the privacy policy of these providers and, if applicable, be used for profiling purposes; this is beyond our responsibility.


For more detailed information on privacy policy of the individual providers click the following links:


Twitter : http://twitter.com/privacy

Facebook : http://www.facebook.com/about/privacy

YouTube : http://www.youtube.com/t/privacy_at_YouTube

Google : https://policies.google.com/privacy?hl=en

Instagram : https://help.instagram.com/519522125107875

Linkedin : https://www.linkedin.com/legal/privacy-policy

Si vous n’êtes pas d’accord pour que ces sociétés collectent des données vous concernant, veuillez ne pas cliquer sur l'un de ces boutons.


15. Further information


Your trust is important to us. Therefore, we are always willing to answer any questions or queries you may have regarding the processing of your data. In the event that you have any questions or queries that this privacy statement did not answer or if you wish to receive more detailed information on any related issue, please do not hesitate to contact the data protection officer of TEMO.


16. Contact the Data Protection Officer


Justine Perussel

TEMO

IMT Atlantique - POLE ENTREPRISES

2 RUE ALFRED KASTLER

44300 NANTES / FRANCE

Tel. +33(0)6. 07. 23. 31. 71

E-mail: [email protected]


DO YOU HAVE ANY OTHER QUESTIONS?