Privacy policy
Personal data management
The customer is informed of the regulations concerning marketing communications, the law of 21 June 2014 for confidence in the Digital Economy, the Data Protection Act of 06 August 2004 and the General Data Protection Regulation (RGPD: n° 2016-679).
Person responsible for collecting personal data
Keys 4 Sea is responsible for processing the personal data collected during the creation of the user’s personal account and during browsing on the site.
As the party responsible for processing the data it collects, it undertakes to comply with the legal provisions in force. It is the responsibility of Keys 4 Sea to establish the purpose of data processing and thus to provide its customers and prospects with full information on the processing of their personal data and to maintain an accurate data processing register.
Whenever we process personal data, we take all reasonable steps to ensure that it is accurate and relevant to the purposes for which it is processed.
Purposes of the collected data
Our site may process some or all of the following data:
– To facilitate browsing and management of the site and the traceability of services ordered by the user: site connection and usage data, invoicing, order history, etc.
– To prevent and combat computer fraud
– To improve navigation on the site: connection and usage data, etc.
– To conduct optional satisfaction surveys: e-mail address
– To conduct communication campaigns (sms, e-mail): telephone number, e-mail address, etc.
We do not sell your personal data, which is therefore only used where necessary or for statistical and analysis purposes.
.
Right of access, rectification and deletion
In accordance with current European regulations, users of our website have the following rights:
Right of access (Article 15 RGPD), rectification (Article 16 RGPD), updating and completeness of user data.
Right to block or erase users’ personal data (article 17 RGPD), if it is inaccurate, incomplete, ambiguous, out of date, or the collection, use, communication or storage of which is prohibited.
Right to withdraw consent at any time (article 13-2c RGPD)
Right to limit the processing of user data (article 18 RGPD)
Right to object to the processing of user data (Article 21 GDPR)
Right to portability of data provided by users, where such data is subject to automated processing based on their consent or on a contract (Article 20 GDPR)
The right to define the fate of users’ data after their death and to choose to whom our site should communicate (or not) their data to a third party that they have previously designated.
As soon as we become aware of a user’s death and in the absence of instructions from them, we undertake to destroy their data, unless its retention is necessary for evidential purposes or to meet a legal obligation.
If the user wishes to know how we use their personal data, ask for it to be rectified or object to it being processed. In this case, the user must indicate the personal data that they would like our site to correct, update or delete, identifying themselves precisely with a copy of an identity document (identity card or passport).
The user may contact us
By email: contact@keys-4-sea.fr
Requests for the deletion of personal data will be subject to the obligations imposed by law, particularly with regard to the retention or archiving of documents.
Finally, users of our site may lodge a complaint with the supervisory authorities, in particular the CNIL (https://www.cnil.fr/fr/plaintes).
Non-disclosure of personal data
Our website will not process, host or transfer the Information collected from its customers to a country outside the European Union or recognised as “non-adequate” by the European Commission without informing the customer in advance.
However, our website remains free to choose its technical and commercial subcontractors provided that they offer sufficient guarantees with regard to the requirements of the General Data Protection Regulation (RGPD: n°2016-679).
Our website undertakes to take all necessary precautions to protect the security of the Information and in particular to ensure that it is not disclosed to unauthorised persons.
However, if an incident affecting the integrity or confidentiality of the customer’s Information is brought to the attention of our website, it must inform the customer as soon as possible and inform the customer of the corrective measures taken.
Furthermore, we do not collect any “sensitive data”. The user’s personal data may be processed by subcontractors (service providers) exclusively in order to achieve the purposes of this policy.
Within the limits of their respective responsibilities and for the purposes mentioned above, the main people likely to have access to the data of users of our website are our customer service agents.
Types of information collected
With regard to users of our website, we collect the following data which is essential for the operation of the service, and which will be kept for a maximum period of 13 months after the end of the contractual relationship:
Data recorded by the contact form:
This form allows Internet users to contact our company. The data sent is then stored in a database to enable our site to monitor contact more effectively. The data collected may also be used as evidence by us in the event of defamatory or insulting comments, comments that violate the privacy or image rights of others, incite racial, ethnic or religious hatred, glorify war crimes or terrorism, discriminate against sexual orientation or disability, incite the use of narcotics or negationism.
The data recorded is as follows First name, Last name, Email address, Telephone number, Postal address, IP address, User Agent.
The data is stored in a database.
Data is automatically deleted 3 months after registration.
Data recorded by the newsletter registration form:
This form allows Internet users to register their email address in order to receive commercial proposals from us electronically.
The data recorded is : Email address.
The data is stored in a database.
The data is manually deleted by the user via the unsubscribe form.
Data recorded when browsing our website:
This data enables the site owner to obtain information on visitor browsing, such as the display of details sheets or searches carried out.
Incident reporting
Quels que soient les efforts fournis, aucune méthode de transmission sur internet et aucune méthode de stockage électronique n’est complètement sûre. Nous ne pouvons en conséquence pas garantir une sécurité absolue. Si nous prenions connaissance d’une brèche de la sécurité, nous avertirions les utilisateurs concernés afin qu’ils puissent prendre les mesures appropriées.
Nos procédures de notification d’incident tiennent compte de nos obligations légales, qu’elles se situent au niveau national ou européen. Nous nous engageons à informer pleinement nos clients de toutes les questions relevant de la sécurité de leur compte et à leur fournir toutes les informations nécessaires pour les aider à respecter leurs propres obligations réglementaires en matière de reporting.
Aucune information personnelle de l’utilisateur de notre site n’est publiée, échangée, transférée, cédée ou vendue sur un support quelconque à des tiers à son insu. Seule l’hypothèse du rachat de notre site et de ses droits permettrait la transmission des dites informations à l’éventuel acquéreur qui serait à son tour tenu de la même obligation de conservation et de modification des données vis à vis de l’utilisateur de notre site.
Security
Pour assurer la sécurité et la confidentialité des données personnelles et des données personnelles de santé, notre site utilise des réseaux protégés par des dispositifs standards tels que par pare-feu, la pseudonymisation, l’encryption et mot de passe.
Lors du traitement des données personnelles, nous prenons toutes les mesures raisonnables visant à les protéger contre toute perte, utilisation détournée, accès non autorisé, divulgation, altération ou destruction.