GDPR - General Data Protection Regulation
TOPSEC is committed to preserving the confidentiality of your personal data and attaches great importance to protecting the privacy of users of its services.
1. PERSONAL DATA MANAGEMENT
Any natural person browsing the www.topsec.fr website (hereinafter “the User”) is informed of TOPSEC’s application of regulations concerning marketing communications, the Law of June 21, 2014 for confidence in the Digital Economy, the Data Protection Law of August 06, 2004 as well as the General Data Protection Regulation (RGPD: n° 2016-679).
1.1 DATA CONTROLLER
For personal data processed in connection with browsing the TOPSEC website www.topsec.fr (hereinafter referred to as “the Site”), the party responsible for processing personal data is :
TOPSEC, SAS with a capital of 2 743 912 euros
SIRET : 79316553100013
Head office: 19 rue de la baignade 94400 Vitry-sur-Seine France
Represented by Thierry ALIMONDO, President.
Email : email@example.com
Telephone number : 01 58 68 20 50
As the party responsible for processing the personal data collected, TOPSEC undertakes to comply with the legal provisions in force.
In particular, it is its responsibility to establish the purposes of its data processing, to provide Users with full information on the processing of their personal data and to maintain a register of processing in accordance with reality.
Whenever TOPSEC processes personal data, TOPSEC takes all reasonable steps to ensure that the personal data is accurate and relevant to the purposes for which TOPSEC processes it.
1.2 CATEGORIES OF PERSONAL DATA COLLECTED AND PURPOSE OF PROCESSING
TOPSEC may collect the following personal data concerning the User:
-identification data (surname, first name, etc.),
contact details (postal address, telephone number, e-mail address, etc.),
-professional data (CV, name of employer, etc.)
-bank details, where applicable, for the purposes of processing customer complaints.
TOPSEC may process all or part of Users’ personal data:
-to enable browsing on the Site, management and traceability of information relating to use of the Site by the User: connection data and use of the Site, etc.
-to prevent and combat computer fraud (spamming, hacking, etc.): computer equipment used for browsing, IP address, etc.
-to improve navigation on the Site: connection and usage data
to conduct optional satisfaction surveys on TOPSEC: e-mail address
to carry out communication campaigns (sms, e-mail): telephone number, e-mail address
to process on-line applications for possible recruitment: CV, cover letter, etc.
TOPSEC does not sell the User’s personal data to third parties, which is used solely for the purposes set out above.
The legal basis for this processing is :
-the consent of the User for the deposit of cookies,
-TOPSEC’s legitimate interest in combating computer fraud, carrying out satisfaction surveys and communication campaigns, as well as receiving job applications from Users,
-the performance of a contract to which the User is a party, in particular the management of any complaints made via the Site.
1.3 SHELF LIFE
Personal data is kept by TOPSEC for as long as is necessary to meet the above-mentioned purposes.
Personal data used to manage the relationship with a User-customer will be kept for 3 years after the end of the commercial relationship, with the exception of bank details that may be collected, which are kept for a maximum of 13 months from the date of debit, in accordance with article L133-24 of the Monetary and Financial Code.
Data collected during commercial prospecting operations will also be kept for 3 years after the last contact.
The personal data of Users applying for a job with TOPSEC via the Site will not be kept beyond the time strictly necessary to evaluate applications with a view to potential recruitment.
Concerning the personal data of deceased Users, subject to TOPSEC being informed, they will only be processed within the framework of the organization and settlement of the deceased’s estate and for the purposes of establishing, exercising and defending their legal rights, unless specific instructions are made known to TOPSEC.
At the end of these periods, personal data will be deleted from the active databases and, if necessary, archived in an intermediate database for a period not exceeding the five-year statutory limitation period or the applicable archiving obligations. Once this period has expired, the personal data will be destroyed.
1.4 USER RIGHTS
In accordance with current regulations, Site Users have the following rights concerning the processing of their personal data:
-the right to access and rectify personal data concerning them
-the right to erase personal data for one of the reasons set out in Article 17 of the RGPD,
-right to withdraw consent at any time, in particular to the sending of commercial prospecting and the deposit of cookies,
-the right to limit the processing of personal data under the conditions provided for in Article 18 RGPD
-right to object to the processing of personal data under the conditions provided for by Article 21 RGPD.
If the User wishes to exercise his/her rights, he/she may contact TOPSEC in writing at the following address: TOPSEC : 19 rue de la baignade 94400 Vitry-sur-Seine
In this case, the User must indicate the right(s) he/she wishes to exercise, identifying himself/herself precisely with a copy of an identity document (identity card or passport).
Requests for the deletion of personal data may be refused or limited for reasons relating to the obligations imposed on TOPSEC by law, in particular with regard to the retention or archiving of documents.
Finally, Users of the Site may lodge a complaint with the supervisory authorities, in particular the CNIL (https://www.cnil.fr/fr/plaintes).
1.5 RECIPIENTS AND NON-TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN UNION
TOPSEC refrains from processing, hosting or transferring personal data collected on its Users to a country located outside the European Union or recognized as “non-adequate” by the European Commission without informing Users in advance. For all that, TOPSEC remains free to choose its technical and commercial subcontractors, provided that they present sufficient guarantees with regard to the requirements of the General Data Protection Regulation (RGPD: n° 2016-679).
The User’s personal data may be communicated to TOPSEC subsidiaries and its subcontractors (service providers), exclusively in order to achieve the purposes set out in this policy.
Within the limits of their respective attributions and for the purposes recalled above, the main persons likely to have access to Users’ personal data are mainly TOPSEC’s authorized personnel.
2. INCIDENT NOTIFICATION - PERSONAL DATA SECURITY
TOPSEC undertakes to take all necessary precautions to preserve the security of personal data and in particular to ensure that it is not communicated to unauthorized persons. However, no method of transmission over the Internet and no method of electronic storage is completely secure. TOPSEC therefore cannot guarantee absolute security. In the event of an incident affecting the integrity or confidentiality of Users’ personal data, TOPSEC will notify the CNIL within 72 hours. If necessary, TOPSEC will also inform the User(s) within a reasonable time and communicate the corrective measures taken to remedy the incident.
To ensure the security and confidentiality of personal data, TOPSEC uses standard protection devices such as pseudonymization and passwords.
When processing personal data, TOPSEC takes all reasonable steps to protect it against loss, misuse, unauthorized access, disclosure, alteration or destruction.
3. « COOKIES » and BALISES (“TAGS”) INTERNET
WHAT IS A COOKIE?
The CNIL (www.cnil.fr) defines cookies as follows:
“A cookie is a piece of information deposited on your hard disk by the server of the site you are visiting. The purpose of a cookie is to collect information about your browsing habits and to deliver content and services tailored to your interests. It contains several pieces of information: the name of the server that placed it, an identifier in the form of a unique number, possibly a cookie expiry date…
This information is sometimes stored on your computer in a simple text file, which a server accesses to read and record information.
Specifically, when you visit the Site, “cookies” may be stored on your terminal (your computer, tablet, smartphone, etc.).
A cookie is a small stored text file containing a list of characters that are downloaded to your terminal during your visit. Cookies are then sent back to our Site on each of your subsequent visits, or to another site that recognizes these cookies.
COOKIES ON OUR SITE
The cookies present on our Site are used for audience measurement purposes. More specifically, these cookies are intended to establish the volume of visitors and compile statistics on the number of visitors to our site, the different sections consulted and the elements used.
COOKIE DEPOSIT MANAGEMENT
The legal basis for cookies is the User’s consent.
Once accepted by the User, cookies are stored for a maximum of 13 months from the date of their first deposit. This period is not extended by further visits by the User.
The deposit of cookies on your terminal requires your consent. As soon as you arrive on our Site, an information banner indicates that we use this technology and that by continuing your navigation, you accept the deposit of cookies on your terminal.
You can refuse the deposit of cookies at any time by configuring your Internet browser as follows:
Internet Explorer: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies – Microsoft Internet Explorer: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies
Microsoft Edge: https://privacy.microsoft.com/fr-fr/windows-10-microsoft-edge-and-privacy
-Google Chrome: https://support.google.com/chrome/answer/95647?hl=fr&hlrm=en
-Safari Mac: https://support.apple.com/kb/PH21411?locale=fr_FR&viewlocale=fr_FR
Safari iPhone / iPad: https://support.apple.com/fr-fr/HT201265
Firefox : https://support.mozilla.org/fr/kb/activer-desactiver-cookies-preferences?redirectlocale=fr&redirectslug=Activer+and+d%C3%A9sactivate+the+cookies
Some browsers also offer a “Do not track” option.
3.2 BALISES (“TAGS”) INTERNET
TOPSEC may from time to time employ web beacons (also known as “tags”, action tags, single-pixel GIFs, clear GIFs, invisible GIFs and one-to-one GIFs) and deploy them through a specialist web analytics provider, and thus store the corresponding information, including the User’s IP address which constitutes personal data.
This technology enables TOPSEC to evaluate the User’s responses to the Site and the effectiveness of its actions (for example, the number of times a page is opened and the items consulted), as well as the User’s use of the Site.
The external service provider may collect information on Users of the Site and other Internet sites thanks to these tags, compile reports on Site activity for TOPSEC, and provide other services relating to the use of the Site and the Internet more generally.
© TOPSEC HOLDING