This document constitutes the Personal Data Protection Policy implemented by ARender and its activities. The protection of personal data is one of ARender’s core values.
As part of its business activity, Arondor may process information about you. This Data Protection Policy informs you about the way we collect and process your personal data. We invite you to read it carefully.
We only use your personal data in the cases provided for by the current regulations:
- The execution of the contract that we have concluded with you, and/or
- The respect of a legal obligation, and/or
- Your consent to the use of your data.
For any questions regarding this document, you can contact the DPO ARender firstname.lastname@example.org.
1. WHO IS RESPONSIBLE FOR THE PROCESSING OPERATIONS MENTIONED IN THIS DOCUMENT?
The person in charge of the processing mentioned in this document is ARender.
ARender’s Data Protection Officer is Mr. Mario Mina.
2. WHAT DATA DO COLLECT AND UNDER WHAT CIRCUMSTANCES DO WE COLLECT THEM?
a/ The data that you transmit directly to us:
On the occasion of the various contacts that we have with you, you can be required to communicate us information which concerns you. They are collected especially during initial contact with ARender’s website.
b/ The data that we collect during our business relationship:
During our business relationship, you provide us with a number of personal data, these data are collected in a licit, loyal and transparent way. They allow ARender to answer your needs.
3. HOW LONG DO WE KEEP YOUR DATA?
Your personal data are kept in accordance with the legal provisions or proportional to the purposes for which they were recorded. Some of the retention periods are in the legitimate interests of ARender, as specified in the introduction.
Retention periods vary depending on whether we have an ongoing contractual relationship with you (you are an active customer), whether we have had a contractual relationship with you in the past (you are an inactive customer) or whether we have never had such a relationship with you (you are a prospect). The data relating to your navigation on our online services collected by the cookies that you have authorized has a specific retention period.
Below you'll find the main periods for which your data is retained:
Purposes / Retention periods:
- Constitution and management of a file of prospects: 5 years from the collection of the data or the last contact from the prospect
- Customer account management: For the duration of the contractual relationship
- Execution of a contract: 5 years maximum from the last contact by the customer
In any case, we regularly review the information we hold.
When its retention is no longer justified by legal, commercial, or customer account management requirements, or if you have exercised a right of modification or deletion, we will securely delete it.
4. DATA ACCESS AND TRANSFER
a/ Who may have access to the data we collect?
The ARender sales team, the technical team, and Human Resources.
At the end of the relationship with a customer or employee, the data is archived so that it is only accessible by the designated data controller.
ARender works with a certain number of subcontractors. ARender makes sure that these subcontractors have their datacenter in Europe or in a country considered as adequate by the authority of control (CNIL).
5. HOW IS YOUR DATA PROTECTED?
As a data controller, we implement appropriate technical and organizational measures in accordance with applicable legal provisions, to protect your personal data against alteration, accidental or unlawful loss, use, disclosure or unauthorized access, including:
The appointment of a data protection officer;
The creation of a unit dedicated to the security of information systems;
Raising awareness of the confidentiality requirements of our employees who have access to your personal data;
- Securing access to our premises and our computer platforms;
- The implementation of a general policy of computer security of the company;
- Securing access, sharing, and transfer of data;
- The high level of data protection requirements when selecting our subcontractors and partners.
6. WHAT ARE YOUR RIGHTS?
You have the right to access your personal data and to request that they be corrected, completed or updated. You may also request the deletion of your data or object to their processing, under the condition that you have a legitimate reason.
You may request to exercise your right to data portability, i.e. the right to receive the personal data you have provided to us in a structured, commonly used format and the right to transmit this data to another controller.
Finally, you can formulate directives concerning the conservation, deletion, and communication of your personal data after your death.
You can exercise your rights with ARender’s Data Protection Officer: email@example.com.
Before responding to your request, we may verify your identity and/or ask you to provide further information to meet your request. We will endeavor to respond to your request within a reasonable time and, in any event, within the time limits set by law.
In case of an unsatisfactory response, you may file a complaint with the National Commission for Information Technology and Liberties (CNIL).
Who is responsible for processing my personal data?
The data controller is the company that defines for what purpose and how your personal data are used.
The personal data collected on the website are processed by the ARender sales team.
Why does ARender collect my personal data?
ARender gives you the possibility to contact us for any request you may have.
What personal data is collected about me?
We only collect the personal data that you give us, i.e. at least your name and email address.
Who are the recipients of my data?
ARender’s technical, commercial, and HR teams.
How can I express my choices on the use of my data?
By email to firstname.lastname@example.org.
What are my rights regarding the use of personal data?
In accordance with the regulation on the protection of personal data, you can exercise your rights (access, rectification, deletion, opposition, limitation, and portability if necessary) and define the fate of your personal data “post mortem” by email: email@example.com
In order to enable us to respond quickly, we would be grateful if you could provide us with your full name, email, and address. Some requests to exercise your rights (right of access) must be accompanied by a photocopy of an identity document including your signature in order to verify your identity and specify the address to which the reply should be sent. A reply will then be sent to you within one month of receipt of the request.