Privacy Policy

Privacy Policy

ARTICLE 1: PREFACE

This privacy policy is applicable to the website axandus.com.

The purpose of this privacy policy is to explain to users of the website:

How their personal data is collected and processed. This shall include any data through which a user may be identified, such as a user’s full name, their age, their home address, their email address, their location or their IP address What rights users have with regard to this data Who is responsible for processing the personal data that is collected and processed Who this data is shared with The site’s policy in relation to cookies.

ARTICLE 2: GENERAL PRINCIPLES FOR DATA COLLECTION AND PROCESSING

In accordance with article 5 of the GDPR (EU regulation 2016/679), the following principles will be adhered to in the context of collecting and processing user data:

Legality, loyalty and transparency: users must give their consent for their data to be collected and processed. Each time personal data is collected, users will be informed that their data is being collected and told why their data is being collected Limited purposes: data is collected and processed in order to meet a set number of objectives outlined in these terms and conditions of use Data minimisation: only data required for the site’s stated objectives will be collected Shortened data retention period: data will be retained for a limited time only, which users will be made aware of. The integrity and confidentiality of data that is collected and processed: the data controller will commit to ensuring the integrity and the confidentiality of all data collected.

In order to conform to the requirements of article 6 of the GDPR (EU regulation 2016/679), data may only be collected and processed if at least one of the following conditions is met:

The user has given their express consent Processing is necessary in order for a contract to be properly executed Processing meets a legal obligation Processing is required for the purposes of protecting the personal interests of the individual in question or any other natural person Processing may be required for the purposes of executing a public interest mission or a mission undertaken by a public authority The collection and processing of personal data is required for the legitimate and private interests pursued by the data controller or by a third-party.

ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED WHILE BROWSING THE SITE

A. DATA COLLECTED AND PROCESSED AND HOW IT IS COLLECTED

The following personal data will be collected on the website axandus.com:

First name, surname, email address, phone number, home address, location

This data will be collected each time a user does one of the following on the site:

When a user uses the form to contact us

The data controller will retain all of the data collected in their IT systems for a duration of 2 years, providing reasonable security.

Data collection and processing is for the following purposes:

Job applications and requests for information

B. SHARING DATA WITH THIRD PARTIES

Personal data collected by the site will not be shared with any third parties and will only be processed by the website’s publisher.

C. DATA HOSTING

The website axandus.com is hosted by OVH, whose head office is located at

2 Rue Kellermann – 59100 Roubaix – France

You can contact the host using the following number: +33 9 72 10 10 07

Data collected and processed by the site is hosted and processed exclusively in France.

ARTICLE 4: THE DATA CONTROLLER

A. THE DATA CONTROLLER

The data controller is the IT manager. They can be contacted via the following:

by email at: corinne.coche@axandus.com

The data controller will be responsible for determining the aims and the means made available for the processing of personal data.

B. DATA CONTROLLER RESPONSIBILITIES

The data controller shall make a commitment to protecting all personal data that is collected. They will not share data with any third parties without the user having been informed and will adhere to the purposes for which the data was collected.

The data controller shall also commit to notifying the user in the event of their data being corrected or deleted, unless the costs and procedures involved in this are disproportionate.

In the event of the integrity, the confidentiality or the safety of the user’s personal data being compromised, the data controller shall commit to notifying the user by whichever means.

ARTICLE 5: USER RIGHTS

In accordance with the data protection regulation, users have the following rights.

In order for the data controller to honour requests, users must share their full name and email address.

The data controller must give the user a reply within 30 (thirty) days.

A. USER RIGHTS IN RELATION TO DATA COLLECTION AND PROCESSING

a. The right to access, rectification and erasure

Users have the right to consult, update, modify or request the erasure of data concerning them, a right they may exercise by doing the following:

Users must send an email to the data controller, stating the reason for their request and using the contact email address listed above.

B. THE RIGHT TO DATA PORTABILITY

Users have the right to request the portability of any personal data held by the site in order for it to be moved to another site, a right they may exercise by doing the following:

Users must send an email to the data controller using the above address in order to request the portability of their data.

C. The right to restriction of processing and the right to object

Users have the right to request the restriction of processing or to object to their data being processed by the site. The site will only be able to refuse this if they can prove legitimate, urgent grounds, overriding the user’s interests, rights and freedoms.

In order to request the restriction of processing or to object to their data being processed, users must:

Send an email to the data controller using the above email address in order to request the restriction of the processing of their data.

d. The right not to be subject to a decision based solely on automated processing

In accordance with the terms of the GDPR (regulation 2016/679), users have the right not to be subject to a decision based solely on automated processing if the decision produces legal effects concerning them or similarly significantly affects them.

e. The right to determine what happens to data after death

Users are reminded that they must make arrangements for what is to happen to their data in the event of their death, in accordance with law n°2016-1321 from 7th October 2016.

f. The right to refer to the competent supervisory authority

In the event of the data controller deciding not to respond to a request made by a user, and the user wishing to contest this decision, or if they feel that any of the rights outlined above have not been respected, they shall have the right to refer to the CNIL (the French Data Protection Authority, https://www.cnil.fr) or any other competent judge.

B. THE PERSONAL DATA OF MINORS

In accordance with article 8 of the GDPR (EU regulation 2016/679) and the French Data Protection Law, only minors aged 15 or above may consent to their personal data being processed.

If the user is a minor under the age of 15, approval from a legal representative will be required in order for their personal data to be collected and processed.

The website’s publisher reserves the right to use whichever means in order to verify that the user is older than 15 or that they have been granted approval from a legal representative allowing them to browse the site.

ARTICLE 6: MODIFICATIONS MADE TO THE PRIVACY POLICY

This privacy policy is available to view at any time at the address below:

axandus.fr

The website’s publisher reserves the right to make modifications and to ensure it conforms to applicable laws.

As a consequence, users are encouraged to regularly consult this privacy policy in order to ensure that they are up to date with any changes that may be made to it.

Users should note that the privacy policy was last updated on 27/8/2018.