1. Personal Data Management.
The Customer is informed about regulations concerning marketing communications, the law of June 21, 2014, on trust in the digital economy, the Data Protection Act of August 6, 2004, and the General Data Protection Regulation (GDPR: n° 2016-679).
1.1 Responsible for the collection of personal data
For Personal Data collected in the context of the creation of the User’s personal account and their navigation on the Site, the data controller for Personal Data is: Michel STAUFFER contact@embalsace.com, its legal representative.
As the data controller for the data it collects, Embalsace commits to complying with the legal framework in force. It is the responsibility of the Customer, in particular, to establish the purposes of its data processing, to provide its prospects and customers, from the collection of their consents, with comprehensive information on the processing of their personal data, and to maintain a register of processing operations that complies with reality.
Each time Embalsace processes Personal Data, Embalsace takes all reasonable measures to ensure the accuracy and relevance of the Personal Data with respect to the purposes for which Embalsace processes them.
1.2 Purpose of the collected data
Embalsace may process all or part of the data for the following purposes:
- To enable navigation on the Site and the management and traceability of services and products ordered by the user: connection and usage data of the Site, billing, order history, etc.
- To prevent and fight against computer fraud (spamming, hacking…): computer hardware used for browsing, IP address, hashed password
- To improve navigation on the Site: connection and usage data
- To conduct optional satisfaction surveys on Embalsace: email address
- To conduct communication campaigns (SMS, email): phone number, email address
- Embalsace does not market your personal data, which are therefore used only out of necessity or for statistical and analytical purposes.
1.3 Right of access, rectification, and objection
In accordance with the current European regulations, Users of Embalsace have the following rights:
- Right of access (Article 15 GDPR) and rectification (Article 16 GDPR), updating, completeness of User data, right to block or delete User personal data (Article 17 of the GDPR), when they are inaccurate, incomplete, equivocal, expired, or when the collection, use, communication, or storage of data is prohibited
- Right to withdraw consent at any time (Article 13-2c GDPR)
- Right to limit the processing of User data (Article 18 GDPR)
- Right to object to the processing of User data (Article 21 GDPR)
- Right to data portability of the data Users have provided, when the data is subject to automated processing based on their consent or a contract (Article 20 GDPR)
- Right to define the fate of User data after their death and to choose to whom Embalsace must (or must not) communicate their data to a third party they have previously designated
As soon as Embalsace becomes aware of the death of a User and in the absence of instructions from the User, Embalsace agrees to destroy their data unless their storage is necessary for evidentiary purposes or to meet a legal obligation.
If the User wishes to know how Embalsace uses their Personal Data, request its correction, or object to its processing, the User can contact Embalsace in writing at the following address:
Embalsace
DPO
21 rue de l’Europe, 68700 Cernay
In this case, the User must indicate the Personal Data they would like Embalsace to correct, update, or delete, by identifying themselves precisely with a copy of an identity document (identity card or passport).
Requests for the deletion of Personal Data are subject to obligations imposed on Embalsace by law, especially with regard to the retention or archiving of documents. Finally, Users of Embalsace may file a complaint with supervisory authorities, particularly the CNIL (https://www.cnil.fr/fr/plaintes).
1.4 Non-disclosure of personal data
Embalsace refrains from processing, hosting, or transferring Information collected about its Customers to a country located outside the European Union or recognized as “not adequate” by the European Commission without informing the customer beforehand. However, Embalsace remains free to choose its technical and commercial subcontractors, provided that they offer sufficient guarantees with regard to the requirements of the General Data Protection Regulation (GDPR: n° 2016-679).
Embalsace undertakes to take all necessary precautions to preserve the security of the Information and, in particular, that it is not communicated to unauthorized persons. However, if an incident affecting the integrity or confidentiality of the Customer’s Information is brought to the attention of Embalsace, it must inform the Customer as soon as possible and communicate the corrective measures taken. Furthermore, Embalsace does not collect any “sensitive data.”
The Personal Data of the User may be processed by subsidiaries of Embalsace and subcontractors (service providers), exclusively for the purposes of this policy, and within the limits of their respective assignments. The main persons who may have access to the data of Embalsace Users are mainly the agents of our customer service.
1.5 Types of collected data
Regarding users of an Embalsace Site, we collect the following data, which is essential for the operation of the service and will be kept for a maximum period of 5 years after the end of the contractual relationship:
Name, First Name, Address, Phone Number, Email, Date of Birth.
Embalsace also collects information that allows improving the user experience and providing contextualized advice:
The data collected will not be resold in any case. They will only be used for processing requests.
These data are kept for a maximum period of 1 year after the end of the contractual relationship.
2. Incident Notification
Regardless of the efforts provided, no method of transmission over the Internet and no electronic storage method is completely secure. Therefore, we cannot guarantee absolute security. If we become aware of a security breach, we will notify the affected users so that they can take appropriate measures. Our incident notification procedures take into account our legal obligations, whether at the national or European level. We are committed to fully informing our customers of all security-related matters regarding their account and to providing them with all the necessary information to help them comply with their own regulatory reporting obligations.
No personal information of the user of the Embalsace site is published without the user’s knowledge, exchanged, transferred, assigned, or sold to any support to third parties. Only the hypothesis of the acquisition of Embalsace and its rights would allow the transmission of such information to the potential acquirer, who would, in turn, be bound by the same obligation of conservation and modification of data vis-à-vis the user of the Embalsace site.
Security
To ensure the security and confidentiality of Personal Data and Health Data, Embalsace uses networks protected by standard devices such as firewalls, pseudonymization, encryption, and passwords.
When processing Personal Data, Embalsace takes all reasonable measures to protect them from loss, misuse, unauthorized access, disclosure, alteration, or destruction.
3. Hyperlinks, “Cookies,” and Internet Tags (“Tags”)
The Embalsace site contains a certain number of hyperlinks to other sites, established with the authorization of Embalsace. However, Embalsace cannot verify the content of the sites thus visited and will not assume any responsibility for this fact. Unless you decide to disable cookies, you agree that the site may use them. You can disable these cookies at any time, free of charge, using the deactivation options offered and recalled below, knowing that this may reduce or prevent access to all or part of the services offered by the site.
3.1. “COOKIES”
A “cookie” is a small information file sent to the user’s browser and stored on the user’s device (e.g., computer, smartphone), hereinafter referred to as “Cookies.” This file includes information such as the user’s domain name, Internet service provider, the user’s operating system, as well as the date and time of access. Cookies will not damage the user’s device in any way.
Embalsace may process information about the user concerning their visit to the Site, such as the pages viewed, the searches carried out. This information allows Embalsace to improve the content of the Site and the user’s navigation.
Cookies facilitate navigation and/or the provision of services offered by the Site. The user can configure their browser to decide whether to accept or reject Cookies, either systematically or on a case-by-case basis, before a Cookie is saved on their device. Embalsace informs the user that, in this case, certain features of their browsing software may not be available.
The configuration is specific to each browser.
For Internet Explorer™: Open the “Tools” menu, then select “Internet Options”; click on the “Privacy” tab, then the “Advanced” tab, choose the desired level or find these explanations at the following link: http://windows.microsoft.com/fr-FR/windows-vista/Block-or-allow-cookies
For Firefox™: Open the “Tools” menu, then select “Options”; click on the “Privacy” tab, then choose the desired options or follow this link: http://support.mozilla.org/fr/kb/Activer%20et%20d%C3%A9sactiver%20les%20cookies
For Chrome™: Open the configuration menu (wrench logo), then select “Options”; click on “Advanced Options,” then in the “Privacy” section, click on “Content Settings,” and choose the desired options or find these explanations at the following link: http://support.google.com/chrome/bin/answer.py?hl=fr&hlrm=en&answer=95647
For Safari™: Choose “Safari > Preferences” then click on “Security”; In the “Accept Cookies” section, choose the desired options or find these explanations at the following link: http://docs.info.apple.com/article.html?path=Safari/3.0/fr/9277.html
For Opera™: Open the “Tools” or “Settings” menu, then select “Delete private data”; click on the “Detailed Options” tab, then choose the desired options or find these explanations at the following link: http://help.opera.com/Windows/10.20/fr/cookies.html
If the user refuses to store Cookies on their device or browser or deletes those that are stored, the user is informed that their browsing and experience on the Site may be limited. This may also be the case when Embalsace or one of its service providers cannot recognize, for technical compatibility purposes, the type of browser used by the terminal, the language, and display settings, or the country from which the terminal appears to be connected to the Internet.
If necessary, Embalsace declines all responsibility for the consequences related to the degraded operation of the Site and any services possibly offered by Embalsace, resulting from (i) the refusal of Cookies by the user (ii) the impossibility for Embalsace to save or consult the Cookies necessary for their operation due to the user’s choice. The management of Cookies and user choices are different for each browser. It is described in the browser’s help menu, which will allow the user to find out how to modify their wishes regarding Cookies.
At any time, the user can choose to express and modify their wishes regarding Cookies. Embalsace may also call on external service providers to help collect and process the information described in this section.
Finally, by clicking on the dedicated icons for social networks Twitter, Facebook, Linkedin, and Google Plus appearing on the Embalsace site or in its mobile application, and if the user has accepted the deposit of cookies by continuing to browse the Embalsace website or mobile application, Twitter, Facebook, Linkedin, and Google Plus may also deposit cookies on your devices (computer, tablet, mobile phone).
These types of cookies are only deposited on your devices if you consent, by continuing your navigation on the Embalsace website or mobile application. At any time, the user can nevertheless revoke their consent to Embalsace depositing this type of cookie at the bottom left of their screen.
Embedded Content from Other Websites
Articles on this site may include embedded content (e.g., videos, images, articles, Facebook feeds, etc.). Content embedded from other sites behaves in the same way as if the visitor were visiting that other site.
These websites may collect data about you, use cookies, embed third-party tracking tools, and track your interactions with embedded content if you have an account connected to their website.
Statistics and Audience Measurements
To track our audience measurements, our site is linked to Google Analytics (see their privacy policy: https://policies.google.com/privacy?hl=fr).