In French
1. Nature of personal data collected
The Provider undertakes to collect only adequate, relevant, and limited personal data necessary for the purposes for which they are processed. No personal data considered « sensitive, » such as racial or ethnic origin, political, philosophical, or religious beliefs, shall be requested or collected from the Client.
The Client is hereby informed that the personal data indicated as mandatory on the forms and collected within the scope of the service described herein are necessary for the provision of the Service.
The personal data of the Client that the Provider may collect from them may include:
– Name and surname
– Professional email address
– Professional phone number(s)
– Gender
– Function or role
– Professional address.
2. Purpose of processing personal data
Personal data may be collected and used by the Provider to enable the provision of services and may be transmitted to companies responsible for managing, executing, and processing payment transactions.
The collected data may also be used for managing business relationships, establishing statistics, conducting market and behavioral studies, and allowing the Provider to improve and personalize the services.
3. Retention, security, and confidentiality of personal data
The collected personal data are processed and stored in conditions aiming to ensure their security and are retained for the strictly necessary duration to achieve the purposes mentioned in Article 2 above.
This duration will not exceed 3 years after the last order or the last exchange related to a task, respectively 2 years after the last request for a price or any other contact.
Beyond this period, the data will be kept solely for statistical purposes and will not be exploited in any way.
These data may also be retained for security and preservation purposes to comply with legal and regulatory obligations to which the Provider is subject.
The Provider commits to implementing technical and organizational security measures to ensure the security, integrity, and confidentiality of all personal data, to prevent them from being distorted, damaged, or accessed by unauthorized third parties.
However, it is specified that no security measure is infallible, and the Provider cannot guarantee absolute security for the Client’s personal data.
4. Transfer of personal data
Personal data may be transferred to countries located outside the European Union (such as the USA for data backup purposes).
In accordance with the GDPR, all transfers of personal data to a country outside the European Union and/or not offering a level of protection deemed sufficient by the European Commission have been subject to cross-border flow agreements compliant with the standard contractual clauses issued by the European Commission.
Unless a third party asks the Client to accept its own privacy policy and terms of use, third-party companies that have received communication of the User’s personal data have committed to process this data solely for the implementation of the Provider’s services.
The Provider undertakes never to share the Client’s personal data with third-party companies for marketing and/or commercial purposes without obtaining their prior consent.
However, the Provider may disclose the Client’s personal data to administrative or judicial authorities when such disclosure is necessary for the identification, apprehension, or prosecution of any individual likely to harm the rights of the Provider, another client, or a third party. The Provider may also be legally required to disclose the User’s personal data and cannot oppose such disclosure in such cases.
5. Client’s rights concerning their personal data
In accordance with the GDPR, every Client has the right to access, rectify, and erase their personal data, which they can exercise directly with the Provider by contacting them at the email address contact@ehs3frontieres.eu or the following postal address: 55 rue de Luxembourg, L-4391 Pontpierre, and attaching a copy of an identity document to their request.
Moreover, within the limits set by the law, the Client also has the right to object to the processing, restrict it, decide on the post-mortem fate of their data, withdraw their consent at any time, and have the right to data portability of the provided personal data.