Privacy Policy

 

Personal data protection policy

Third Parties

English version 15/12/2020

 

Download as a PDF

 

 

Introduction

The Kersia[1] group attaches great importance to your privacy and to the manner in which your personal data is handled. For this reason, we would like to share with you the way we collect and process these data, by this personal data protection policy (hereafter « Policy »).

This Policy also contains important information about your rights in relation with the processing of your personal data. We therefore encourage you to read this Policy carefully and to keep it for reference. Please note that you have to read this Policy together with any fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Policy supplements the other notices and is not intended to override them.

This Policy is an integral part of our approach to CSR (Corporate Social Responsibility) raised by the group internationally.

This Policy can be modified, added to, or updated to remain compliant with legislation or regulations or due to a change in our activity. The most recent version of this Policy is available at the following link http://privacypolicy.kersia-group.com or on our website http://kersia-group.com.However, it is possible for you to be inform directly by email in case of major change.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

 

 

Reason for collecting data

We collect some of your personal data as a customer or supplier of our company. In that sense, the processing of your personal data is justified by the performance of a contract, a legal or regulatory obligation or by the legitimate interests pursued by the controller, that is to say, the company of the Kersia group with whom you are in relation.

 

 

Data collected

We collect personal data about you:

  • either directly from you,
  • or from other sources such as your colleagues or employees, or other third parties involved in the relationship,
  • or through cookies.

The data we collect is limited to what is required as part of our commercial relationship. These can notably be the following types of data:

  • identity: Name, first name, email address, postal address, telephone number, vehicules numberplate, ID card or passeport, photographie etc. Furthermore, some of our plants are equipped with a video surveillance system, whose records, conserved during 30 days, could give us access to your image and/or vehicules numberplate. ;
  • in relation with your professional identity: Professional status, position, qualifications;
  • connection data (customer account, e-learning).

You are free to provide or refuse to provide all or part of your personal data or to refuse its communication. No personal data is collected unless you have freely agreed to provide it, there is a legal or regulatory obligation or without a legitimate interest for us such as the proper performance of services or commitments to you. However, refusal to provide this data or opposition to their disclosure could prevent the fulfillment of the purposed describe below.

 

 

Purpose of collection

We use your personal data, in a general manner, to perform the contract to which you or your company is party, and so including the following purposes:

  • For the management of the customer/supplier relationship;
  • To establish offers, perform and follow-up your orders, manage your claims and, as the case may be, pay you certain amounts that might be due;
  • To organize any assignment of claim/factoring or any other transaction related to your billing;
  • To keep you informed of any changes in our group, subsidiaries, products or activities;
  • To organize training courses adapted to your employees;
  • To conduct satisfaction investigations ;
  • To maintain your customer account accessible through our Internet site;
  • To organise seminars / meetings ;
  • To comply with our legal obligations, accounting and tax;
  • To manage prospect files;
  • To Ensure safety and security of the premises and goods of Kersia group companies.

 

 

Conservation

Your personal data are stored in our databases and servers. We intend to retain your personal data in the most secure way possible, to complete transactions as intended under the defined purpose, for the duration of the process or within the legal duration. With this intention, we take all appropriate and reasonable physical, technical, and organizational precautions to prevent alteration to, loss of or unauthorized access to your data.

 

 

Recipient of data and transfer

Considering the data purposes as listed above, your personal data is likely to be communicated to the data controller‘s departments or to directly or indirectly owned subsidiaries, and external persons such as a carrier, partner, or distributor for of the performance of our services. Your personal data can also be accessible to our technical providers called “Processor” (it means all natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller), for the strict necessity of their mission.

Due to the international nature of our group, we would like to inform you that the personal data that we collect is likely to be transferred outside of your territorybut always within the purpose outlined above.

We implement as necessary, an adequate level of security to guarantee the security of your personal data.

To this end, we have put in place contractual guarantees with our sub-contractors or our external partners and standard contractual clauses with all the group’s subsidiaries.

 

 

Data Security

We implement appropriate technical and organizational security measures to protect the personal data you transmit to us from destruction, loss, alteration, disclosure or unauthorized access. These include access controls, firewalls, secure servers, authorization management, data encryption and anonymization of data.

 

 

Use of cookies

We use cookies to optimize your visit to our Internet site.

A cookie is a small and temporary text file created on your workstation which saves certain Internet parameters. The file is downloaded by your web browser on your first visit to a website.

The information stored is intended to facilitate your access to services and sections of our Internet site.

 

Here is a table of the first party cookies we use on our websites:

Purpose

Name

Function

Storage time

Performance/

essential

Preferences, features and services

Country

Choosing the default site language

1 month

Essential

Cookie_notice_accepted

 

Cookieaccept

Hiding the banner acceptance of cookies

Performance

PHPSESSID

Session ID

The time of the session 

 

 

We also use third party cookies to diffuse video on our website or to make statistics. If you want to know more, please visit the following links:

Name

Link to cookie policy

Google Analytics

https://support.google.com/analytics/answer/6004245

Youtube

https://www.youtube.com/

Cybercite_tracking

https://www.cybercite.fr/

Facebook

https://fr-fr.facebook.com/policies/cookies/

 

You can accept or refuse cookies at any time, by modifying the settings of your web browser. Please consult the instructions of your web browser to determine how to update these settings.

Please note that if you delete a cookie or if you refuse the installation of cookies, certain functionality on the website will not be available.

 

 

Data Protection Officer

The appointment of a DPO is not mandatory in each country, thus where the appointment of a DPO is not mandatory, no DPO was appointed but the compliance with the personal data regulation is ensured by the Group Legal Manager.

 

A DPO was appointed where the appointment of a DPO is mandatory.

In Germany, for Kersia Deutschland :

Mr Martin Kuschke

IT Consulting

PCK IT Solutions GmbH

Edisonstraße 1

87437 Kempten

 

In Brasil, for Hypred Brasil and JPB :

Ms. Miriam Laier

HR Manager

Hypred Brasil

Rua Eugenia Mello de Oliveira Kirshheim, n°251

Bom pastor, CEP 95905-684 Lajeado – Estado do Rio grande do sul

 

 

Notification of contravention of personal data regulations

We commit to notifying the advisory authority within seventy-two hours of detecting a case of breach of personal data regulations.

 

 

Right of access and modification of collected data

In accordance with current data protection regulations applicable to you, you may have the right to confirm and access, modify and correct, transfer, anonymize, block, delete, refuse the usage of and limit the processing of your personal data for legitimate reasons, request the portability, request information on the public and private entities with which we shared the data and obtain information on the possibility of not giving your consent and on the consequences of refusal, as well as the right to withdraw your consent, when applicable.. In order to exercise your right, please address your request to us by using the following link: http://gdpr.kersia-group.com

 

 

Right to complain

If you have a complaint about our use of your information, we would prefer you to contact us directly in the first instance so that we can address your complaint.

However, we inform you that you have the right to lodge a complaint with the relevant supervisory authority.

 

 

Any Question? Please contact us by using the link

http://gdpr.kersia-group.com  

 


[1][1] Complete list of Kersia group companies at the following link: http://subsidiaries.kersia-group.comhttp://subsidiaries.kersia-group.com