Personal data protection regulation policy applicable as of May 25th, 2018

ERLAB DFS longs to build strong and lasting relationships build on mutual trust with our partners. Therefore, ensuring that your personal data communicated to us are secure and remain confidential is one of our utmost priority.

ERLAB DFS meets all the European and French regulatory and legal requirements related to personal data protection.

ERLAB DFS adheres to a strict policy so as to ensure the protection of the personal data of his users :

• They are processed in a transparent, confidential and secure way,
• ERLAB DFS is committed to a permanent data protection for his users,
• ERLAB DFS implemented a continuous process for data protection for its users, in compliance with la Loi Informatique et Libertés (LIL) and with the European Union General Rules for Data Protection (GRDP) dated April 27th (hereafter « RGPD »),
• ERLAB DFS has a dedicated team for personal data protection ; That team is made of a Social and Legal Manager also acting as DPO (Data Protection Officer and registered with CNIL) and one Security and Network Administration Manager,
• Personal data for the users are hosted :
  ERLAB, Parc d’Affaires Portes BP 403 27104 Val-de-Reuil Cedex ;
  OVH, 2 rue Kellermann - 59100 Roubaix ;
  AUNEOR CONSEIL, 400 Chemin du Pont de la Sable, 84800 L'Isle-sur-la-Sorgue
  PIXEL INGENIERIE, 21 Rue de Fécamp, 75012 Paris ;
  MESSAGE BUSINESS, 46 rue René Clair, 75892 PARIS Cedex 18
  

PURPOSE OF THIS POLICY

ERLAB DFS wishes to inform you through this policy of how we protect your personal data.

This policy describes how ERLAB DFS processes the personal data of customers / prospects / candidates / suppliers (hereinafter the "User (s)") in the collection of their data and their use of ERLAB DFS’ services or mobile application - eGuard (hereinafter the "Application").

This Policy may be modified, supplemented or updated to comply with any legal, regulatory, jurisprudential and technical developments. However, the User's Personal Data will always be processed in accordance with the policy in force at the time of collection, unless a mandatory legal requirement would otherwise be available and would apply retroactively.

IDENTITY AND CONTACT DETAILS OF DATA PROTECTION OFFICERS

Legal reminder: The controller is, within the meaning of the LIL (Loi Informatique et Libertés) the person who sets the means and the purposes of the treatment. The subcontractor is a person processing personal data on behalf of the controller. It acts under the authority of the controller and on the instructions of the controller.

The person in charge of the processing of Personal Data is:

For Personal Data collected in connection with the use of its latest: ERLAB DFS, Simplified Joint Stock Company with capital of € 660,000, registered with the RCS of Evreux under the number 667 250 096 and whose head office is located at Business park doors, BP 403, 27 104 Val de Reuil Cedex (VAT Nb : FR03667250096) (hereinafter and hereinafter « ERLAB DFS »). ERLAB DFS is represented by Stéphane Hauville, its President.

ERLAB DFS, whether responsible or only sucontractor of data processing, takes appropriate measures to ensure the protection and confidentiality of the personal information it holds or processes in compliance with the provisions of the LIL and the GDPR. For more information about the services offered by ERLAB DFS you can refer to the Legal Notice of the Site (https://www.erlab.com ).

COLLECTION & ORIGIN OF DATA

All user data is collected directly from them.

ERLAB DFS commits itself to get the consent of its Users and / or to allow them to oppose the use of their data for certain purposes, as soon as it is necessary.

You will find more details about the management of cookies allowing us to achieve this purpose in the Cookies Policy of ERLAB DFS.

FINALITY OF COLLECTED DATA

1. Need for collection.

To benefit from the services of ERLAB DFS (creation of customer account, receipt of product brochure, eValiQuest, be supplier, benefit from the eGuard application, etc.), the User communicates certain Personal Data. If the User does not wish to provide the information requested, the User may not be able to benefit from all or part of the services offered by ERLAB DFS.

2. Purposes

The collection of your Personal Data has for legal basis:

• the legitimate interest of ERLAB DFS to ensure the best quality of its services,
• to provide its Users with the best possible monitoring of the operation of their equipment in a constant concern for safety,
• the legitimate interest of ERLAB DFS in conducting optional satisfaction surveys of its products and services with a view to improving them,
• the consent of its Users when it is required by the regulations in force, in particular as regards commercial prospecting and cookies,

User personal data are stored primarily for the following purposes by ERLAB DFS :

• process their orders,
• suggest them products that would meet their needs,
• inform them about the benefits from using our products,
• Review and assess an applicant skills, and contact then afterwards if needed.

In the alternative, User data is also collected in order to :

• prevent and fight against computer fraud (spamming, hacking ...),
• improve the navigation on the Site and the use of the eGuard Application,
• conduct optional satisfaction surveys on ERLAB DFS products and services (these surveys are conducted anonymously or anonymized at short notice),
• perform statistics on the use of the tool, an internal reporting for ERLAB DFS research & development teams.

You will find more details about the management of cookies allowing us to achieve this purpose in the Cookies Policy of ERLAB DFS

The mandatory or optional nature of the personal data requested and the possible consequences of non-response to the users of ERLAB DFS are specified during their collection (s).

TYPES OF PROCESSED DATA

ERLAB DFS is likely to treat, as a Processing Manager,

• in order to best meet the needs of its customers, all or part of the following data: - name (and name of birth), first name, date of birth, telephone number & professional email address, name of the employer and address postal code, password, information on the use of chemicals, amount of purchases at ERLAB DFS;
• to allow the navigation on the Site or the use of the Application: connection and use data of the Site or the Application;
• to prevent and fight against computer fraud (spamming, hacking ...): computer hardware used for navigation, IP address, password (hash);
• to improve the navigation on the Site or the use of the Application: connection and usage data;
• to conduct optional satisfaction surveys on ERLAB DFS: email address;
• to carry out communication campaigns (sms, mail): phone number, email address.

NO TRANSFER OF INFORMATION

User personal data are not transferred to third-party for commercial or advertisement purposes.

User personal data can be processed by ERLAB DFS subsidiaries or third-party and we require that they do so based on our instructions and in compliance with this Privacy Policy and any other appropriate security measures.

Access to personal data is strictly granted to employees, third-party and subsidiaries that need access to them in order to process those data on our behalf. Anyone with access to it is subject to strict confidentiality obligations and may be subject to disciplinary sanctions, up to and including termination of employment, in the event of a breach of their obligations.

ERLAB DFS also uses the services provided by several specialized companies (mailing, audience analysis), the list of which can be communicated to the persons concerned on request addressed to dpo@erlab.net. If these companies use servers outside the European Union, we have concluded with them specific contracts and standard contractual clauses established by the European Commission to supervise and secure the transfer of your data to these service providers.

DATA RETENTION DURATION

We will retain your information for as long as needed to provide you services, according to legal rules.

USERS RIGHTS

Each time ERLAB DFS collect personal information, ERLAB DFS takes all reasonable steps to ensure the accuracy and appropriateness of the Personal Data in relation to the purposes for which ERLAB DFS processes them.

In accordance with the European regulations in force, the Users of ERLAB DFS have the following rights:

• right of access (article 15 GDPR) and rectification (article 16 GDPR), updating, completeness of the data of Users,
• right to block or erase data of Personal Users (article 17 of the GDPR), when they are inaccurate, incomplete, equivocal, out of date, or whose collection, use, communication or preservation is forbidden (find out more),
• right to withdraw consent at any time (article 13-2c GDPR),
• right to limit the processing of User data (article 18 GDPR),
• right to oppose the processing of Users' data (article 21 GDPR) (find out more),
• right to the portability of the data that the Users will have provided, when this data is the subject of automated processing based on their consent or on a contract (article 20 GDPR).

If the User wishes to know how ERLAB DFS uses his Personal Data, ask to rectify or oppose their treatment, the User can contact ERLAB DFS in writing at the following address: ERLAB DFS - DPO, Parc d’Affaires des portes, BP 403, 27 104 Val de Reuil Cedex or by email at dpo@erlab.net. In this case, the User must indicate the Personal Data that he / she would like ERLAB DFS to correct, update or delete by identifying himself / herself with a copy of an identity document (identity card or passport). Requests for the deletion of Personal Data will be subject to the obligations that are imposed on ERLAB DFS by law, particularly as regards the preservation or archiving of documents. Finally, the Users of ERLAB DFS may file a complaint with the supervisory authorities, and in particular the CNIL(https://www.cnil.fr/fr/plaintes)

« COOKIES »

Cookies are text files that are automatically downloaded and stored on the user’s device (computer, smartphone). Cookies include information such as user domain name, user internet provider name, user operating system name as well as date and time of logging. Cookies cannot harm the user’s device.

ERLAB DFS obtain data collected by the cookies when the user visits our website. Those information enable ERLAB DFS to improve our website content and user website browsing.

Usually, it is possible to prevent your browser from accepting cookies by modifying the configuration of cookies of your browser. These settings are usually found in “Options” or “Preferences” menu of your browser. If you prevent your browser from accepting cookies or delete them, you will restrict functions that you are able to carry out on our website such as language settings, browser settings, etc.

ERLAB DFS cannot be liable for any restrictions to the website functionalities resulting from (i) preventing your browser from accepting cookies (ii) for preventing ERLAB DFS to record or access cookies requested for experiencing full website functionalities.

You can update your cookies policy at any point of time. ERLAB DFS inform you that we might use third-party in order to collect the type of data described in this section.

By clicking on icons dedicated to Twitter featuring on ERLAB DFS website and if you have enabled cookies when browsing our on website or our web based application, Twitter may set cookies on your devices. Our cookie policy can be accessed any time here Cookies Policy of ERLAB DFS

SOCIAL NETWORKS

The ERLAB DFS User has the option to click on the icons dedicated to the social network Twitter appearing on the ERLAB DFS Website.

Twitter improves the usability of the Site and helps promote it through sharing.

When the User clicks on this button, ERLAB DFS will be able to access the personal information that the User has indicated as public and accessible from his Twitter profile. However, ERLAB DFS does not create or use any Twitter-independent database from any personal information that the User may publish there and ERLAB DFS will not process any data relating to its privacy in this way.

If the User does not wish ERLAB DFS to have access to the personal information published on the public space of his profiles or his Twitter account, the User must then use the means made available by Twitter to limit access to his data.

SECURITY

ERLAB DFS will take appropriate technical and organizational measures to protect your personal data against loss or unlawful use, and specifically that those data are modified, damaged or that non authorized third-party gain access to them.

CONTACT US - DPO

If you have any questions, remarks or complaints in relation to the processing of your personal data, you can contact ERLAB DFS in writing at : ERLAB DFS – DPO, Parc d’Affaires des portes, BP 403, 27 104 Val de Reuil Cedex.