Privacy and cookies Policy
Update: 29/03/2024
www.groupe-ekofab.com is a site belonging to EKOFAB SAS, registered under SIRET number 61202867000026 and domiciled at 27 Zone Industrielle, 77370 NANGIS, FRANCE (hereinafter referred to as the “Data Controller“).
www.groupe-ekofab.com is very concerned about the confidentiality of your personal data as Users visiting and browsing our Site. That is why we, the Site www.groupe-ekofab.com strive to respect your rights set out in the General Data Protection Regulation 2017/679 (GDPR) and the ePrivacy directives of the European Parliament and the Council, as well as Law n°78-17 of January 6, 1978 known as the Data Protection Act, amended by Law n°2018-493 of June 20, 2018 on the protection of personal data.
Article 1 : Définitions
§1 “Personal data » means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); an “identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity;
§2. “processing” means any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
§3. “controller” means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing operation; where the purposes and means of the processing operation are determined by Union law or by the law of a Member State, the controller may be designated or the specific criteria applicable to his designation may be laid down by Union law or by the law of a Member State;
§4. “processor” means the natural or legal person, public authority, department or other body which processes personal data on behalf of the controller;
§5. “recipient” means the natural or legal person, public authority, department or other body that receives personal data, whether or not it is a third party. However, public authorities 4.5.2016 L 119/33 Official Journal of the European Union EN which may receive personal data in the context of a particular investigation assignment in accordance with Union law or the law of a Member State shall not be regarded as recipients; the processing of such data by the public authorities in question shall comply with the applicable data protection rules according to the purposes of the processing;
§5. “consent” of the data subject means any free, specific, informed and unambiguous expression of will by which the data subject accepts, by a declaration or by a clear positive act, that personal data concerning him may be processed;
§6. “personal data breach” means a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed;
§7 “cookie”, a cookie is a text file automatically saved in the browser of any User when visiting a website. This text file may contain personal data and/or information relating to the User’s navigation.
ARTICLE 2 : Purpose
The purpose of this Privacy and Cookies Policy (hereinafter the “Policy”) is to define the terms and conditions for the collection, storage, processing and deletion of the personal data (hereinafter “personal data”) of any natural person (hereinafter the “User“) who simply uses or browses the Site.
The Data Controller assures the User that it implements all necessary means to ensure compliance with the provisions of the General Data Protection Regulation 2017/679 of the European Parliament and of the Council dated 14 April 2016 by ensuring compliance with retention periods, the need to collect the aforementioned personal data, and the confidentiality of the personal data collected (hereinafter the “Regulation” or the “GDPR“).
ARTICLE 3 : User Consent
This Policy must be read and accepted by all Users visiting the Site. By clicking on the “read and accepted” box referring to this Policy when entering the Site, the User acknowledges that he/she has read it and gives his/her free, informed and unambiguous consent to the processing of his/her personal data.
The User may, at any time and without justification or prejudice, withdraw his/her consent to this Privacy and Cookie Policy. The User may exercise his/her right to withdraw consent to this Policy by notifying the Data Controller at the following e-mail address: information@groupe-ekofab.com
This withdrawal of consent will take effect at the time the Data Controller receives notification of the User’s withdrawal of consent.
ARTICLE 4 : Data collected
As part of the visit and use of the Site, certain personal data of Users may be collected by the Data Controller, in its capacity as Data Controller or by one or more subcontractors acting in the name and on behalf of the Data Controller. treatment.
§1 – Means of collection
The User’s personal data is collected by the following means:
When communicated by the User :
- by filling in the contact form on the Site; or
- by filling in the newsletter registration form on the Site; or
- by filling in the quotation request form on the Site.
By automated collection
During the User’s browsing of the Site, the Data Controller automatically records certain information relating to the User’s preferences and use of the Site. Cookies are used during the User’s browsing of the Site to collect this information automatically.
§2 – Type of data collected
The personal data that may be collected are :
- User’s e-mail address ;
- User’s first and last name;
- The User’s telephone number;
- User’s address;
- Any information the User communicates via the “Message” content on the Site’s forms;
- The User’s browsing preferences on the Site.
§3 – Data recipients
The recipients of personal data are :
- The Data Controller ;
- Internal employees of the Data Controller acting on its behalf;
- Any legally or administratively authorized person (e.g. judicial authorities);
- The Data Controller’s subcontractors responsible for maintaining the Site and participating in the provision of services offered by the Data Controller.
ARTICLE 5 : Data processing
§1 – Legal basis for processing
The processing of Users’ personal data via the Site must necessarily be justified by one of the conditions set out in Article 6 §1 of the Regulations. In accordance with the Regulations, Users’ personal data will only be processed if one of the following conditions is met:
- The User has given his or her consent: the User concerned has consented to the processing of his or her personal data for one or more specific purposes;
- The performance of the contract requires it: processing is necessary for the performance of a contract to which the User concerned is a party, or for the performance of pre-contractual measures taken at the User’s request;
- Compliance with the law requires it: processing is necessary to comply with a legal obligation to which the data controller is subject;
- A legitimate interest justifies it: processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party, unless the interests or fundamental rights and freedoms of the User concerned prevail and require the protection of personal data, in particular where the User concerned is a minor.
§2 – Data processing purposes and retention periods
In accordance with Article 13 of the Regulation, the reason and duration for storing and processing personal data must be justified by a valid purpose, in addition to one of the legal bases listed above.
Purpose of processing | Legal Basis | Retention period | Archiving |
Commercial prospecting by the Publisher and response to contact requests | Legitimate interest | 3 years | N/A |
Management and payment of services, provision of services and invoicing | Contract performance | 3 years | N/A |
Fraud prevention | Legitimate interest | 3 years | 5 years |
Accounting and tax obligations | Compliance with the law | 3 years | 7 years |
Analysis of Site navigation data, creation of site visit statistics, and facilitation of the User’s navigation | Consent | 12 months from the expiry date of the cookies on the User’s browser | N/A |
ARTICLE 6 : Data protection measures
In accordance with Article 5 and Article 32 of the Regulation, the Data Controller is under an obligation to guarantee the security of Users’ personal data that it stores and processes.
The Data Controller maintains a register of all personal data collected from Users. The Data Controller affirms that it implements all necessary security measures to protect Users’ personal data contained in this register and to avoid any violation of Users’ personal data.
To this end, the Data Controller affirms to Users that it has undertaken a study of the risks associated with the storage and processing of Users’ personal data in order to implement adequate security measures as follows:
- Allowing pseudonymization and encryption of the User’s personal data;
- By implementing means to guarantee the confidentiality, integrity, availability and resilience of processing systems and services (i.e. anti-virus protection, secure internal servers);
- Implementing means to restore availability and access to personal data within appropriate timeframes in the event of a physical or technical incident;
- By guaranteeing the use of a procedure aimed at regularly testing, analyzing and evaluating the effectiveness of technical and organizational measures to ensure the security of processing.
The Data Controller assures Users that the data it stores and processes is stored within the European Union, in a Member State subject to the Regulation. In the event of a breach of the User’s personal data, the Data Controller undertakes to notify the competent supervisory authority of the breach within 72 hours in accordance with Articles 33 and 34 of the Regulation.
ARTICLE 7 : Cookies
§1 – Purpose of using cookies
As explained above, a cookie is a text file automatically stored in the User’s browser when visiting a website. This text file may contain personal data and/or information relating to the User’s browsing.
The sole purpose of the cookies used on the Site is to improve your browsing experience as a User. The cookies used facilitate your browsing by storing some of your personal data when you access and browse the Site. Three types of cookies are used on the Site, their purpose varying according to their type:
- Functional cookies: these are used to store data entered during authentication or searches on the site.
- Advertising cookies: these cookies enable us to identify the consumption and research habits and preferences of Users, so that we can offer them advertising content in line with their personal preferences.
- Security cookies: these are used to protect Users’ personal data by encrypting the data contained in other cookies.
§2 – Cookies used, lifetime and function
Each cookie used on the Site is identified by a name. Each cookie has a lifetime, i.e. a period of time after which it disappears and ceases to be active, forgetting any personal data it may have stored. Each cookie also has a function, i.e. a purpose that justifies its installation on the Site.
Here is the list of cookies used on the Site, with their name, lifetime and function:
Cookie name | Supplier | Lifetime | Function |
CookieConsent | www.groupe-ekofab.com | 1 year | Stores the user’s cookie consent status for the current domain |
wpEmojiSettingsSupports | www.groupe-ekofab.com | Session | This cookie is part of a set of cookies used to provide and present content. Cookies maintain the correct state of fonts, blog/photo sliders, color themes and other website settings. |
elementor | www.groupe-ekofab.com | Persistent | Used as part of the website’s WordPress theme. This cookie allows the site owner to implement or modify site content in real time. |
pll_language | www.groupe-ekofab.com | 1 year | This cookie is used to determine the visitor’s preferred language and sets the language accordingly on the website, if possible. |
td | www.googletagmanager.com | Session | Used to send data to Google Analytics about the visitor’s device and behavior. Enables visitor tracking across devices and marketing channels. |
_ga_# | www.groupe-ekofab.com | 2 years | Used to send data to Google Analytics about the visitor’s device and behavior. Enables visitor tracking across devices and marketing channels. |
_ga | www.groupe-ekofab.com | 2 years | Used to send data to Google Analytics about the visitor’s device and behavior. Enables visitor tracking across devices and marketing channels. |
§3 – Managing cookies: activation and deactivation
It is possible for the User to manage Cookies on the browser he/she is using at any time. The User can activate or deactivate them at any time. The means of managing cookies depends on each browser. To make it easier for Users to manage their cookies, below is an explanatory guide to managing cookies on the main browsers used by Users:
- Google chrome: https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=fr
- Safari :https://support.apple.com/fr-fr/guide/safari/sfri11471/mac
- Mozilla Firefox : https://support.mozilla.org/fr/kb/activer-ou-desactiver-les-cookies on-firefox-for-android
- Internet explorer :https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies
ARTICLE 8 : User’s rights
The User has the right to ask the Data Controller for access to his/her personal data, for the rectification or deletion thereof, or for a limitation of the processing relating to the User concerned, or the right to object to the processing and the right to data portability.
Users have the right to withdraw their consent to the processing of their personal data at any time. This withdrawal of consent will take effect when the Data Controller receives notification of the User’s withdrawal of consent.
The User has the right to lodge a complaint with the Commission Nationale de l’Informatique et des Libertés (CNIL) via the contact form available at the following website: https://www.cnil.fr/fr; or with the Direction Générale de la Concurrence, de la Consommation et de la répression des fraudes via the contact form available at https://www.economie.gouv.fr/dgccrf.
The User may also exercise the rights set out above in relation to this Policy by notifying the Data Controller at the following e-mail address: information@groupe-ekofab.com.
MERCASAFE© user license – MS 1001-179057