Privacy Policy

Scope:

CELPRO values the trust you place in us when browsing our website. We attach great importance to protecting your personal data and complying with the relevant regulations.

By visiting and using our website, you agree to our privacy policy. We therefore invite you to read the information below, which will enable you to make an informed decision.

Data controller:

In connection with your use of our website, we collect and use personal data relating to you as an individual.

For all processing operations, the company CELPRO determines the means and purposes of the processing. We therefore act as the data controller within the meaning of the regulations on personal data, and in particular EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data (GDPR).

Definitions:

  • Personal data’: any information relating to an identified or identifiable natural person;
  • Identifiable natural person’: a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • ‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • controller’: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing; where the purposes and means of such processing are determined by Union law or the law of a Member State, the controller may be designated or the specific criteria for its designation may be laid down by Union law or the law of a Member State;
  • Sub-processor’: a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller;
  • Recipient’: a natural or legal person, public authority, agency or any other body to which personal data are disclosed, whether or not it is a third party. However, public authorities which may receive personal data in the course of a specific investigative task in accordance with Union law or the law of a Member State shall not be regarded as recipients; the processing of such data by the public authorities in question shall comply with the applicable data protection rules in accordance with the purposes of the processing;
  • Third party’: a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorised to process personal data;
  • ‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

What data do we collect, for how long, and why?

Data is collected for specific purposes. We collect the following information when you visit our website:

  • Information relating to your browsing: When you browse our website, you interact with it. Consequently, certain information relating to your browsing is collected for a maximum period of 24 months.
    Certain information is necessary to facilitate and improve your browsing experience on the site. These details are set out in the ‘Cookie Policy’. Some necessary cookies are collected on the basis of our legitimate interest, whilst non-essential cookies are collected on the legal basis of your consent.
    Other personal data, such as your IP address, is collected once you have authorised the use of cookies, in particular for statistical purposes.
  • Contact form: the form asks for your personal details, including your surname, first name, email address, telephone number and postal address. Mandatory fields are marked with an asterisk. Documents in PDF, DWG, DXF or STEP formats can be uploaded. This data is collected with your consent in order to process your enquiry and is only retained for the duration of the enquiry.

Use and sharing of your personal data:

We share your data with our technical service providers, whom we engage to carry out a range of operations and tasks on our behalf. We are contractually bound to these third parties, who have made strict commitments regarding compliance with applicable regulations and data security.

We work with subcontractors such as our communications agency MCC, our hosting provider FC Net (whose contact details are set out in these legal notices), and our IT service provider… who may have lawful and secure access to your data in order to carry out necessary maintenance or data retention operations.

Similarly, only those employees who need to respond to you or analyse the website’s statistics have access to personally identifiable information.

Your data may be disclosed to legal or regulatory authorities in order to comply with our legal obligations.

We do not sell your personal data.

The computers and servers used to store personally identifiable information are kept in a secure environment; our hosting provider maintains its servers within the European Union.

Your rights regarding your data:

The GDPR grants data subjects certain rights which they may exercise. These include:

  1. Right to information: the right to receive clear, accurate and comprehensive information regarding the company’s use of personal data .
  2. Right of access: the right to obtain a copy of the personal data that the data controller holds about the data subject.
  3. Right to rectification: the right to have Personal Data rectified if it is inaccurate or out of date and/or to have it completed if it is incomplete.
  4. Right to erasure / right to be forgotten: the right, under certain conditions, to have Data erased or deleted, unless the company has a legitimate interest in retaining it.
  5. Right to object: the right to object to the processing of personal data by on grounds relating to the data subject’s particular situation (subject to certain conditions).
  6. Right to withdraw consent: the right to withdraw consent at any time where processing is based on consent.
  7. Right to restriction of processing: the right, under certain conditions, to request that the processing of personal data be temporarily suspended.  
  8. Right to data portability: the right to request that personal data be provided in a reusable format so that it can be used in another database.
  9. Right not to be subject to automated decision-making: the right of the data subject to object to fully automated decision-making and/or to exercise the additional safeguards provided in this regard.
  10. Right to set out post-mortem instructions: the right of the data subject to set out instructions regarding the handling of their personal data after their death.

Local regulations may grant additional rights to the persons concerned.

To exercise your rights, you can contact the data controller by writing to them at CELPRO, , 25770 Serre-les-Sapins or by email at contact@celpro.fr

When you submit a request to exercise your rights, we ask you to specify, as clearly as possible, the scope of the request, the type of right being exercised, the personal data processing concerned, and any other relevant details, in order to facilitate the processing of your request.

In addition, you will be asked to provide proof of your identity. This information will be collected solely for the purpose of processing your request and will be deleted immediately.

You also have the right to lodge a complaint with the CNIL, the competent authority in France, either online via the website www.cnil.fr or in writing to 3 Place de Fontenoy – TSA 80715 – 75 334 Paris Cedex 07.

How we protect your data:

We are committed to protecting the personal data we collect or process against loss, destruction, alteration, unauthorised access or disclosure.

We therefore implement all appropriate technical and organisational measures, depending on the nature of the data and the risks associated with its processing. These measures are designed to ensure the security and confidentiality of your personal data.

A number of security measures have been put in place to protect both the website and the data it collects.

As for the website, it is secured by several strong passwords and an SSL certificate.

This also includes setting up a regular maintenance schedule, including full website backups, updates, theme updates and updates to the website’s modules.

Any data provided to the company is stored securely.

Policy update:

This policy may be updated from time to time to reflect changes in data protection legislation.

Socks
Birthday boxes
Plastic balls
Promotional items
Textiles
POS
Consumables