Privacy Policy

This policy applies to the website: www.sequem.fr

Latest update: 30th April 2019

Thank you for your visit on our website and your interest in our company. Protecting your privacy is very important to us. Please find below detailed information on the handling of your data.

By browsing our website, you acknowledge that you have read and understood this privacy policy, and that you agree to the terms thereof, especially regarding the collection and processing of your personal data, as well as the use of cookies.

  1. Name and address of the controller

The data controller as defined in the General Data Protection Regulation and other national data protection laws of the member States, as well as other provisions under data protection laws is:

The data controller is: Pierre SERVAES. He can be contacted as follows:

The data controller can be contacted by email at ps@sequem.fr

The data controller shall determine the purposes and means of the data processing.

 

The data controller is bound to respond within thirty (30) days of your request.

III. General information concerning data processing
1. Scope of the processing of personal data

As a rule, we only process personal data of our users if this is necessary to provide a functional website as well as our contents and services. The processing of our users’ personal data generally takes place only with their consent. An exception applies in cases where obtaining prior consent is not possible for factual reasons, and when the processing is permitted by statutory regulations.

  1. Legal basis for the processing of personal data

Should we obtain the consent of the data subject for the processing of personal data, Article 6 Paragraph 1 Point (a) GDPR forms the legal basis for this.
When processing personal data which is necessary to fulfil a contract where the contracting party is the data subject, Article 6 Paragraph 1 Point (b) GDPR forms the legal basis for this. This also applies to processing which is necessary to carry out pre-contractual measures.
Should processing of personal data be necessary to fulfil a legal obligation which our company is subject to, Article 6 Paragraph 1 Point (c) GDPR forms the legal basis for this. In the event that vital interests of the data subject or of another natural person make the processing of personal data necessary, Article 6 Paragraph 1 Point (d) GDPR forms the legal basis for this.
Should the processing be necessary in order to safeguard a legitimate interest of our company or of a third party, and should the interests, basic rights and basic freedoms of the data subject not outweigh the above-mentioned interests, Article 6 Paragraph 1 Point (f) GDPR forms the legal basis of the processing.

  1. Data deletion and storage time

The data controller will retain the personal data collected in his computer system and in reasonable security conditions for a duration of: 5 years.

  1. Availability of the website and creation of logfiles
    1. Description and scope of the data processing

Each time our website is accessed, our system automatically records data and information from the accessing computer. During this process, the following data is gathered:

(1) Information concerning the browser type and version used
(2) The user’s operating system
(3) The user’s Internet service provider
(4) The user’s IP address
(5) The date and time of the access
(6) Websites from which the user’s system accesses our website
(7) Websites which are accessed by the user’s system via our website

The data is also stored in the logfiles of our system. This data is not stored together with other personal data of the user.

  1. Legal basis for the data processing

The legal basis for the temporary storage of the data and logfiles is Article 6 Paragraph 1 Point (f) GDPR.

  1. Purpose of the data processing

The temporary saving of the IP address by the system is necessary to deliver the website to the user’s computer. For this purpose, the user’s IP address must remain saved for the duration of the session.
The data is stored in logfiles in order to ensure the functionality of the website. It is also used to optimize the website and for statistical purposes.

  1. Storage time

The data saved in logfiles will be automatically deleted after 14 months.

  1. Right of objection

You can object to the use of cookies by amending the privacy settings on our website.

Should you choose to disable cookies, you can then continue browsing our website. However, we cannot be held liable for possible malfunctions of the website arising from this action.

 

  1. Newsletter, contact-making, support request
    1. Description and scope of the data processing

If you choose to contact us via our website and that you enter your e-mail address and other details, we will then be able to use this information to send you our newsletter.
On our website, it is possible to subscribe to a free-of-charge newsletter. During the registration for the newsletter, the following data is transferred to us:

(1) Email address
(2) Company
(3) First name
(4) Surname

For the processing of the data, your consent is obtained during the registration process and reference is made to this data protection declaration.

No data is disclosed to third parties in connection with the data processing for the sending of newsletters. The data is only used in order to send the newsletter.

 

 

  1. Legal basis for the data processing

The user having given his consent, the legal basis for the data processing following the subscription to the newsletter by the user is Article 6 Paragraph 1 Point (a) GDPR.

3. Purpose of the data processing

The purpose of collecting the user’s e-mail address is to deliver the newsletter.

  1. Storage time

The data is deleted as soon as it is no longer useful for the purpose of its collection, i.e. until the user ceases his professional activity related to our business.

  1. Right of objection

The user can unsubscribe from the newsletter at any time. For this purpose, a relevant link can be found in each newsletter.

XIII. Google Analytics

On this website, the data controller has integrated the Google Analytics components (with anonymization function). Google Analytics is a web analysis service that collects, compiles and assesses data concerning the behaviour of website visitors. Amongst others, a web analysis service records data such as the website (so-called referrer) from which a user came to another website, the subpages of the website that have been visited, for how long and how often.

The operating company of the Google Analytics components is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of the Google Analytics components is to analyse the user traffic on our website. Amongst others, Google uses the data which is acquired in order to evaluate the use of our Internet sites, to compile online reports for us which state the activities on our Internet sites and to provide other services connected to the use of our Internet site.

Google Analytics sets a cookie on the IT system of the data subject. An explanation of what cookies are is provided above. By means of the setting of the cookie, Google is able to analyse the use of our Internet site. By means of each accessing of the individual pages of this Internet site which is operated by the body responsible for the processing and into which a Google Analytics component was integrated, the Internet browser on the IT system of the data subject is automatically instructed by the respective Google Analytics components to transfer data to Google for the purpose of the online analysis. In the course of this technical process, Google is informed of personal data, such as the IP address of the data subject, which enables Google amongst others to trace the origin of the visitors and clicks and to subsequently carry out commission billing.

By means of the cookie, personal information, such as the time of access, the location from which an access originated and the frequency of the visits to our Internet site by the data subject is saved. Each time our Internet sites are visited, this personal data, including your IP address of the Internet connection used by the data subject, is transferred to Google in the USA. This personal data is saved by Google in the USA. Google may pass this personal data gathered through the technical procedure on to third parties in certain cases.

The data subject can prevent the setting of cookies by our Internet site, as set out above at any time by setting the Internet browser used accordingly and thereby permanently objecting to the setting of cookies. Such a setting of the Internet browser used would also prevent Google setting a cookie on the IT system of the data subject. In addition, a cookie which has already been set by Google Analytics can be deleted at any time via the Internet browser or other software programs.

In addition, the data subject has the option to object to the recording of the data generated by Google Analytics which relates to the use of this Internet site and the processing of this data by Google and to prevent such actions. To do so, the data subject needs to download and install a browser add-on via the following link: https://tools.google.com/dlpage/gaoptout?hl=en. This browser add-on informs Google Analytics via JavaScript that no data and information concerning the visits to Internet sites may be transferred to Google Analytics. The installation of the browser add-on is considered to represent an objection to Google collecting data. Should the IT system of the data subject be subsequently deleted, formatted or re-installed, the data subject needs to install the browser add-on again in order to de-activate Google Analytics. Should the browser add-on be de-installed or de-activated by the data subject or another person under his or her control, it is possible to re-install or re-activate the browser add-on.

Further information and the applicable data protection provisions of Google can be accessed at https://policies.google.com/privacy?hl=en and https://www.google.com/analytics/terms/gb.html.

 

XVIII. Rights of the data subject

Should your personal data be processed, you are a data subject as defined by the GDPR and have the following rights against the controller:

  1. Right of information

You may request confirmation from the controller as to whether personal data relating to you is or is not processed by us.
Should such processing take place, you may request the following information from the controller:

(1) the purposes for which the personal data is processed;

(2) the categories of personal data which are processed;

(3) the recipients or categories of recipients to whom the personal data relating to you has been or will be disclosed;

(4) the planned saving duration of your personal data or, in the absence of concrete information in this respect, the criteria for determining the saving duration;

(5) the existence of a right to have your personal data corrected or deleted, a right to have its processing by the controller restricted and a right to raise an objection to this processing;
(6) the existence of a right to complain to a supervisory authority;

(7) all available information concerning the origin of the data, should the personal data not be obtained from the data subject;

(8) the existence of automated decision making, including profiling, in accordance with Article 22 Paragraphs 1 and 4 GDPR and, at least in such cases, detailed information concerning the involved logic, as well as the extent and expected consequences of such processing for the data subject. You have the right to request information as to whether your personal data is transferred to a third country or an international organisation. In this respect, you can request to be notified of the suitable guarantees in connection with the transfer in accordance with Article 46 GDPR.

  1. Right of rectification

You have the right to claim rectification and/or completion of your personal data from the controller, should this data be incorrect or incomplete. The controller must carry out the correction immediately.

  1. Right of restriction

You may request restriction of the processing of your personal data under the following conditions:

(1) if you dispute the correctness of the personal data relating to you, for a period of time which enables the controller to check the correctness of the personal data;

(2) if the processing is unlawful and you reject the deletion of the personal data, requesting instead that the use of the personal data be restricted;

(3) if the controller no longer needs the personal data for the purposes of the processing, while you still require it in order to assert, exercise or defend legal claims, or

(4) if you have raised an objection to the processing in accordance with Article 21 Paragraph 1 GDPR and it is not yet established whether the controller’s legitimate reasons outweigh your own reasons. Should the processing of your personal data have been restricted, this data, apart from its saving, may only be processed with your consent or to assert, exercise or defend legal claims, to protect the rights of another natural or legal person, or for reasons connected to the public interest of the EU or a Member State.

Should the restriction thus obtained be repealed, you will be notified by the controller before the restriction is lifted.

  1. Right of deletion
    a) Obligation of deletion

You may claim that the controller immediately deletes your personal data in the following cases:

(1) your personal data is no longer necessary for the purpose for which it was gathered or otherwise processed;

(2) you revoke your consent on which the processing was based in accordance with Article 6 Paragraph 1 Letter a) or Article 9 Paragraph 2 Letter a) GDPR and no other legal basis for the processing is present;

(3) you object to the processing in accordance with Article 21 Paragraph 1 GDPR and there is no legitimate compelling reason for the processing, or you object to the processing in accordance with Article 21 Paragraph 2 GDPR;

(4) your personal data has been processed unlawfully;

(5) the deletion of the personal data is necessary to fulfil a legal obligation under EU law or the laws of the Member States to which the controller is subject;

(6) your personal data was gathered in relation to the services offered by the information company in accordance with Article 8 Paragraph 1 GDPR.

  1. b) Information to third parties

Should the controller have made your personal data public and should he be made to delete it in accordance with Article 17 Paragraph 1 GDPR, he shall – given the available technology and implementation costs – take reasonable measures, including technical ones, in order to inform the third parties processing the personal data that you, as a data subject, have requested the deletion of all links to this personal data and the deletion of all copies or reproductions thereof.

  1. c) Exceptions

The right of deletion does not apply should the processing be necessary:

(1) to exercise the right of freedom of expression and the right to information;

(2) to fulfil a legal obligation requiring the processing according to EU law or the laws of the Member State to which the controller is subject, or in order to fulfil a task of public interest or related to the exercise of public authority bestowed upon the controller;

(3) for reasons of public interest related to public health in accordance with Article 9 Paragraph 2 Letters h) and i), as well as Article 9 Paragraph 3 GDPR;

(4) for archiving purposes in the public interest, for scientific or historical research purposes, or for statistical purposes in accordance with Article 89 Paragraph 1 GDPR, insofar as the right referred to in Section a) may prevent or hamper the achievement of the objectives of this processing, or

(5) in order to assert, exercise or defend legal claims.

  1. Right of notification

Should you have claimed your right of rectification, deletion or restriction of the processing against the controller, he shall notify all recipients your personal data was disclosed to of this rectification, deletion or restriction, unless this proves impossible or requires disproportionate effort.

You have the right to be informed of these recipients by the controller.

  1. Right of data portability

You have the right to ask for the personal data you have provided to the controller in a structured, commonly used and machine-readable format. You also have the right to transfer this data to another controller without being hindered by the controller to whom the personal data was provided, as long as:

(1) the processing is based on your consent in accordance with Article 6 Paragraph 1 Letter a) GDPR or Article 9 Paragraph 2 Letter a) GDPR or based on a contract in accordance with Article 6 Paragraph 1 Letter b) GDPR, and

(2) the processing takes place with the assistance of automated procedures. When exercising this right of data portability, you also have the right to have your personal data transferred directly from one controller to another, where technically feasible. This does not infringe other people’s freedoms and rights.

The right of data portability does not apply to the processing of personal data which is necessary in order to fulfil a task of public interest or related to the exercise of public authority bestowed upon the controller.

  1. Right of objection

For reasons related to your specific situation, you have, at any time, the right to object to the processing of your personal data in accordance with Article 6 Paragraph 1 Letter e) or f) GDPR; this also applies to any profiling based on these provisions.

The controller shall no longer process your personal data, unless he can demonstrate legitimate compelling reasons for the processing which outweigh your interests, rights and freedoms, or if the purpose of the processing is the assertion, exercising or defence of legal claims.

Should your personal data be processed in order to carry out direct advertising, you have, at any time, the right to object to the processing of your personal data for the purposes of such direct advertising; this also applies to the profiling, should it be connected to such direct advertising.

Should you object to the processing for purposes of direct advertising, your personal data will no longer be processed for such purposes.

In connection with the use of services of the information company, and regardless of Directive 2002/58/EC, you have the option to exercise your right of objection by means of automated procedures using technical specifications.

  1. Withdrawal of consent in data protection

You have the right to withdraw your consent in the field of data protection at any time. Withdrawal of consent does not affect the lawfulness of the processing which took place prior to such withdrawal.

  1. Automated individual decision making, including profiling

You have the right not to be subjected to a decision based exclusively on automated processing, including profiling, having legal effect on you or affecting you significantly in a similar way. This does not apply where the decision:

(1) is necessary in order to conclude or fulfil a contract between yourself and the controller;

(2) is permitted by legal regulations of the EU or of the Member State to which the controller is subject, already providing reasonable measures to protect your rights and freedoms as well as your legitimate interests, or

(3) is based on your express consent.

However, these decisions may not be based on special categories of personal data under Article 9 Paragraph 1 GDPR, unless Article 9 Paragraph 2 Letter a) or Letter g) applies and reasonable measures have been taken to protect the rights and freedoms, as well as your legitimate interests.

In the cases referred to in (1) and (3), the controller shall take reasonable measures to protect the rights and freedoms as well as your legitimate interests, where as a minimum this includes your right to human intervention from the controller, the right to express your opinion and to challenge the decision.

  1. Right to complain to a supervisory authority

Regardless of any other administrative or legal remedy, you have the right to complain to a supervisory authority, in particular in the Member State of your residence area, your working place or the location of the alleged breach, should you feel that the processing of your personal data breaches the GDPR. The supervisory authority to which the complaint was submitted shall keep the complainant informed of the status and results of the claim, including of the option of legal remedy before a court in accordance with Article 78 GDPR.

As of: January 2020