COMPAGNIE DAHER, Société Anonyme, registered under number 054 807 284 RCS Marseille, with registered office at 59 Boulevard Perier, 13002 Marseille (France) and its subsidiaries in France and abroad (hereinafter “DAHER”) may process personal data (“Personal Data”) in the course of its business activities.
- This Personal Data Protection Policy (the “Policy”) describes how DAHER collects, uses, and processes your personal data, in compliance with applicable regulations. Your privacy is important to DAHER and we are committed to protecting and preserving your rights to data confidentiality.
- This Policy applies to personal data that we may collect from our customers, suppliers, and service providers in the course of carrying out all types of commercial contracts. It also applies to the personal data of the Group’s employees in the context of personnel management, of users of our various websites, of persons wishing to apply for our job offers, and of all other persons whom we may legitimately contact in the context of the DAHER Group’s activities.
- Within the meaning of applicable data protection legislation (including the General Data Protection Regulation (Regulation (EU) 2016/679 known as “RGPD”) and French law n°78-17 of January 6, 1978, as amended or any other national law applicable in this area (together, the “Regulation”), Compagnie Daher S.A., or one of its subsidiaries, is considered to be the data controller.
- DAHER may modify this Policy from time to time. Please visit this page regularly to consult any changes we may publish.
- This Policy applies in the countries where DAHER operates. However, the approach to data confidentiality may differ slightly from one country to another.
- This Policy is intended to apply to all DAHER Group subsidiaries in France and abroad.
1. SCOPE OF THIS PRIVACY POLICY
This Policy sets out the principles and guidelines for the protection of your Personal Data.
The term personal data (“Personal Data”) refers to any information relating to a natural person who is identified or identifiable directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.
2. DATA COLLECTED
The Personal Data we may collect varies according to the purpose of the processing. Its main purpose is to identify individuals in the context of their relations with DAHER. In any event, the Personal Data collected will be limited to that necessary for the purposes set out in Article 4 below.
Note to visitors and users of our websites[1]: certain functions and features of our websites can only be used if certain Personal Data is provided. The user is free to choose whether or not to provide all or part of the Personal Data requested. However, if the user decides not to provide them, such a decision may prevent the satisfactory achievement of the objectives described in Article 4 below, certain services and features of our websites may not function properly, and/or the user may be denied access to certain pages of the sites.
Customer data
The data we collect about our customers is limited. As a general rule, we require the contact details of our customers or prospects (in particular their name, position or title, telephone number, e-mail, and postal address) to be able to execute contracts concluded with our customers or to exchange information with a prospect, in particular to draw up a sales proposal. In the context of customer satisfaction surveys, we also hold information relating to customer needs or constraints, which we may then use to ensure that our marketing communications to you are relevant and timely. We may also hold additional information that our customer contacts have chosen to share with us. In certain circumstances, when you interact with some of our services or directions, our calls may be recorded, depending on applicable local laws and requirements.
Data relating to suppliers and service providers
We also collect data about our suppliers and service providers. To manage our business relations properly, we collect information about our contacts within the supplier or service provider company, such as their name, position or title, telephone number, e-mail, and postal address. We may also hold additional information that our contacts within the supplier or service provider company have chosen to disclose to us.
Data relating to personnel management
We may collect various types of information from candidates applying for DAHER job vacancies, enabling us to analyze all applications, including identity, personal details, professional background, qualifications, and motivations.
DAHER also collects all information required for the proper management of its personnel, including identity, marital status, personal details, professional background, diplomas, bank details, social security, payroll, and administrative information under legal and regulatory provisions.
Data relating to users of our various websites
We collect personal data from users of our various websites, which we use to improve the use of our sites and to manage the services we provide. This information includes how our sites are used, the frequency with which users access them, their browser type, the location from which you visit our sites, the language in which you choose to view them, and the times when our sites are most visited.
3. PROTECTION OF THE PERSONAL DATA OF MINORS
DAHER’s products and services are reserved for people of legal age and are not intended to be marketed to minors, and DAHER does not voluntarily collect or retain Personal Data from minors, except in the context of information relating to the management of its personnel.
4. PURPOSES OF PERSONAL DATA COLLECTION
Personal Data is collected for DAHER’s business, such as the performance of contracts entered into with our customers, suppliers, and other service providers or any third party, for our legitimate interests or compliance with the reporting obligations provided for by law, as well as for the recruitment of employees and the management of DAHER employees.
DAHER collects and uses Personal Data for its business and in particular to enable the following activities to be carried out:
- to enable our contacts to request and obtain information about DAHER, our products, and our services;
- prepare and submit commercial offers, participate in calls for tender;
- enable us to monitor our commercial and contractual relations (orders, quotations, invoices, provision of equipment, technical assistance, management of any technical disputes, etc.);
- conduct customer satisfaction surveys;
- promote our services to existing and prospective customers;
- offer our contacts or prospects the opportunity to take part in events organized by DAHER at trade fairs, seminars, or professional events;
- issue invitations to tender and monitor commercial and contractual relations with suppliers, subcontractors, and service providers;
- carry out quality audits;
- to fulfill our contractual obligations;
- assert our rights;
- manage unsolicited applications or applications in response to job offers;
- manage DAHER’s human resources;
- processing requests to exercise your rights;
- comply with our legal obligations;
- any other purpose related to DAHER’s activities.
Subject to applicable local legislation, by providing your e-mail address, you expressly authorize DAHER and its subsidiaries to use it together with other relevant Personal Data to send you messages for promotional or institutional purposes.
Where appropriate and under local laws and requirements, we may obtain further information as part of third-party market research or analysis and online and offline media analysis (which we may carry out ourselves or through other companies).
A “cookie” is a small data file that is stored on your computer’s hard drive and records your browsing on a website so that the next time you visit the site, it can present you with personalized options based on the information stored about your last visit. Cookies can also be used to analyze traffic and for advertising and marketing purposes.
Almost all websites use cookies, and they do not damage your system. If you wish to check or modify the types of cookies you accept, you can do so by modifying your browser settings.
How do we use cookies?
We use cookies to statistically track the use of our site. This enables us to understand how you use the site and to track trends observed among individuals or larger groups. This enables us to develop and improve our site and services in response to the wishes and needs of our visitors;
There are two types of cookies:
- Session cookies: these are cookies that are stored on your computer only during your web session and are deleted automatically when you close your browser – they usually store an anonymous session ID allowing you to visit a site without having to log in again on each page, but they do not collect any information about your computer; or
- Persistent cookies: a persistent cookie is stored as a file on your computer and remains there when you close your browser. The cookie is readable by the website that created it when you visit that site again. We use persistent cookies for Google Analytics and personalization.
Cookies can also be categorized as follows:
- Strictly necessary cookies: These cookies are essential to enable you to use the website effectively and therefore cannot be deactivated. Without these cookies, the services available to you on our websites cannot be provided. These cookies do not collect any information about you that could be used for commercial purposes or to remember the pages you have visited on the Internet.
- Performance cookies: These cookies enable us to monitor and improve the performance of our website. For example, they enable us to count visits, identify traffic sources, and see which parts of the site are most visited.
- Functionality cookies: These cookies enable our sites to remember the choices you make (username, language, country, etc.) and to provide enhanced functionality. These cookies may also be used to remember changes you make to text size, font, and other elements of web pages that you can personalize. They may also be used to provide services you have requested, such as viewing a video or posting comments on a blog. The information these cookies collect is generally rendered anonymous.
- Personalization cookies: These cookies enable us to communicate information about rental solutions that may be of interest to you. These cookies are persistent (for as long as you are registered with us), which means that when you log in or return to the site, you may see rental offers that are similar to those you have previously viewed.
6. RECIPIENTS OF YOUR PERSONAL DATA, PROCESSING CONDITIONS AND RETENTION PERIOD
The recipients of your Personal Data are the relevant departments of the data controller, i.e. Compagnie DAHER or, where applicable, one of its subsidiaries.
Our partners may also be recipients of your Personal Data.
DAHER may also use trusted third parties such as IT service providers, who may then be recipients of Personal Data.
Finally, DAHER may also share Personal Data with subsidiaries of the DAHER Group.
Some of these trusted third parties may be located outside the European Union. Where necessary, appropriate safeguards have been taken, in particular through the implementation of standard data protection clauses adopted by the European Commission.
The “processing” of Personal Data includes in particular the use, storage, recording, transfer, adaptation, analysis, modification, reporting, sharing, and destruction of Personal Data as necessary in the light of the circumstances or legal requirements.
We retain your Personal Data for as long as is necessary for the purposes for which it was collected and processed.
7. TRANSFER OF PERSONAL DATA
To offer you the best possible services and to meet the purposes set out in this Privacy Policy, your Personal Data may be transferred :
- between and within DAHER Group entities in France and abroad, or • to third parties (such as consultants or other suppliers or subcontractors), or
- to one or more cloud-based storage providers.
DAHER may disclose your Personal Data if required to do so by law or if DAHER believes in good faith that such disclosure is reasonably necessary to comply with legal process (for example, a warrant, subpoena, or other court order) or to protect the rights, property or safety of DAHER employees, our customers or the public.
We are committed to ensuring that your Personal Data is stored and transferred securely. Accordingly, we will transfer data outside the European Economic Area or EEA (comprising the member states of the European Union, plus Norway, Iceland, and Liechtenstein) only to countries whose legislation is protective of personal data and where the means of transfer ensure adequate protection of your data.
To ensure that your Personal Data receives an adequate level of protection, we implement appropriate procedures with the third parties with whom we share your Personal Data to ensure that your personal information is processed by these third parties in a consistent manner and compliance with Data Protection Regulations and legislation.
8. YOUR RIGHTS REGARDING DATA
The following is a list of your rights concerning the Personal Data we process as data controller:
Right to object
You may object to our processing of your Personal Data at any time.
Your request to object will be dealt with promptly and we will cease the activity to which you object. Nevertheless, we reserve the right not to cease the activity in question if :
- we can demonstrate that we have compelling legitimate grounds for processing your data which override your interests; or
- we process your data for the establishment, exercise, or defense of legal claims.
If your refusal relates to direct marketing, we must act under your opposition by ceasing this activity as far as you are concerned.
Right to withdraw consent
If we have obtained your consent to process your Personal Data for certain activities other than those for which no consent is required, you may withdraw this consent at any time and we will cease to carry out the particular activity to which you had consented, unless we consider that there is another reason justifying our continued processing of your data for this purpose, in which case we will inform you of this situation.
Requests for access
You may at any time ask us to confirm the information we hold about you, and you may ask us to amend, update, or delete it. We may ask you to verify your identity and request further information about your request. If we give you access to the information we hold about you, we will not charge you for that access unless your request is “manifestly unfounded or excessive”. If you request further copies of this information, we may charge you a reasonable administration fee where permitted by law. Where permitted by law, we may refuse your request. If we do so, we will always justify our refusal.
Please note that in some of the countries in which we operate, we are subject to specific local legal requirements regarding requests for access from data subjects and may therefore refuse your request under these laws.
Right to erasure
You have the right to request that we delete your Personal Data in certain circumstances. In principle, the information in question must meet one of the following criteria:
- the data is no longer necessary for the purposes for which it was originally collected and/or processed;
- you have withdrawn your consent to the processing of your data and there is no other valid reason for us to continue processing it;
- the data has been processed unlawfully;
- the data must be erased to comply with our legal obligations as a data controller; or
- if we process the data because we believe it is necessary for our legitimate interests, you object and we are unable to demonstrate that there is a legitimate and compelling reason to continue processing.
Please note that in some of the countries in which we operate, we are subject to specific local legal requirements regarding the data subject’s right to erasure and may therefore refuse your request under such local laws.
We would be entitled to refuse to respond to your request only for one of the following reasons:
- to exercise the right to freedom of expression and information;
- to comply with legal obligations;
- for public health reasons in the public interest; • for archival, research, or statistical purposes; or
- to exercise or defend a legal right.
When we respond to a valid request for deletion of data, we take all appropriate practical steps to delete the data.
Right to limit processing
You have the right to request that we restrict the processing of your Personal Data in certain circumstances. This means that we may only continue to retain your data and may only carry out further processing activities in one of the following cases: (i) resolution of one of the circumstances listed below; (ii) your consent; or (iii) further processing is necessary for the establishment, exercise or defense of legal claims, for the protection of the rights of another person, or on important grounds of public interest of the European Union or a Member State.
The cases in which you are entitled to request that we restrict the processing of your Personal Data are as follows:
- when you dispute the accuracy of the data we process about you. In this case, our processing of your data will be limited for the duration of the verification of the accuracy of the data;
- when you object to our processing of your data for our legitimate interests. You may request that the data be restricted while we verify our reasons for processing your Personal Data;
- when your data has been unlawfully processed by us, but you simply prefer that we restrict its processing rather than erase it; and
- when we no longer need to process your data but you request it to establish, exercise, or defend legal claims.
If we have communicated your Personal Data to third parties, we will inform them of the limited processing unless this proves impossible or involves disproportionate effort. We will, of course, inform you before lifting any restrictions on the processing of your data.
Right of rectification
You also have the right to request that we rectify inaccurate or incomplete Personal Data that we hold about you. If we have communicated such data to third parties, we will inform them of the rectification unless this proves impossible or involves disproportionate effort. Where applicable, we will also inform you of the third parties to whom we have disclosed such inaccurate or incomplete data. If we believe it is reasonable not to comply with your request, we will give you the reasons for this decision.
Right to data portability
If you wish, you have the right to transfer your Personal Data from one data controller to another. In practical terms, this means that you can transfer the data to another online platform. To enable you to do this, we will provide you with your data in a readable format. This right of portability applies to the following Personal Data: (i) data that we process automatically (i.e. without human intervention); (ii) data that you provide; and (iii) data that we process based on your consent or as part of the performance of a contract.
Right to define instructions in the event of death
In France, if you so wish, you also have the right to define directives concerning the fate of your Personal Data in the event of your death.
Right to complain to a supervisory authority
You also have the right to complain to your local supervisory authority. In France, this is the Commission Nationale de l’Information et des Libertés (CNIL), which you can contact online (www.cnil.fr) or by post.
The personal information we hold about you must be accurate. Please inform us of any changes to your personal information during the period in which we hold your data.
To exercise your rights, please contact DAHER using the contact details set out in paragraph 11 below.
9. SECURITY AND DATA RECIPIENTS
If you suspect any misuse, loss, or unauthorized access to your Personal Data, please inform us as soon as possible.
DAHER has implemented appropriate Personal Data protection measures to ensure that Personal Data is used for the above-mentioned purposes and to ensure that it is accurate and up-to-date.
We undertake to take all reasonable and necessary measures to protect the Personal Data we hold from misuse, loss, alteration, disclosure, destruction, or unauthorized access. To this end, we have at our disposal a range of appropriate technical and organizational measures. These may include measures to deal with suspected data breaches.
As all Personal Data is confidential, access to it is limited, as mentioned in paragraph 6.1 above, to DAHER Group employees, service providers, and agents who need it to carry out their duties. All persons having access to your Personal Data are bound by an obligation of confidentiality and may be subject to disciplinary measures and/or other sanctions if they fail to comply with these obligations.
10. DISPUTE RESOLUTION
Although DAHER has taken reasonable measures to protect Personal Data, no transmission or storage technology is infallible.
However, DAHER is committed to ensuring the protection of Personal Data. If you have reason to believe that the security of your Personal Data has been compromised or that it has been misused, you are invited to contact DAHER using the contact details stipulated in paragraph 11 below.
DAHER will investigate complaints concerning the use and disclosure of Personal Data and will attempt to resolve them under the principles set out in this Policy.
Unauthorized access to or misuse of Personal Data may constitute an offense under local law.
11. CONTACT
If you have any questions concerning this Policy, if you wish to stop receiving information from DAHER, or if you wish to exercise your rights under paragraph 8 above, you may contact the DAHER Group at the following addresses:
- by post to the following address: DAHER Data Protection Officer – Immeuble Belaia, 7 avenue de l’Union – 94390 Orly (France), or
- by e-mail to the following address: DPO@daher.com
12. REVISIONS TO THE PERSONAL DATA PROTECTION POLICY
This Policy may be updated according to DAHER’s needs and circumstances or if required by law or regulation. We therefore invite you to take note of any updates regularly.