The company New Duralex International, whose head office is located in La Chapelle Saint-Mesmin (45380, France) – 7 rue du Petit Bois, listed under the laws of France in the Trade and Companies Register of Orléans under the number 892 108 663 (hereinafter “NDI”) collects personal data from users (hereinafter “User(s)”) of the website http://www.uk.duralex.com (hereinafter the “Website”).
The personal data collected on this Website is subject to automated and non-automated processing by NDI. This processing is governed by the amended French law on “Data processing, data files and civil liberties” No. 78-17 of 6 January 1978 and the General Data Protection Regulation No. 2016/679 (hereinafter “GDPR”).
The personal data provided by the User when registering for certain sections of the Website is intended exclusively for NDI (Data Controller), who determines its processing purposes and methods and who can transfer it to its service providers (Data Subcontractors). Data processing by these subcontractors is still restricted to the purposes defined by NDI.
The purpose of processing is to enable Website Users to benefit from Website services and activities, especially offers and thematic content. This processing by NDI is necessary to manage its website, provides its services, promote its products and communicate with Users. This processing also enables NDI to comply with its legal obligations and address certain legitimate interests related to its management. The categories of data collected are last name, first name, e-mail address and country of residence.
With regard to its employees, NDI takes and demands from its data subcontractors the necessary technical and organisational security measures to guarantee that personal data remains private and protect it from accidental or illegal destruction, modification, disclosure and unauthorised access, in compliance with current regulations.
The User’s data may be transferred to certain data subcontractors, located outside the European Economic Area. On the occasion of this transfer, the User’s data is stored in compliance with legal requirements for protection and security, in accordance with applicable European regulations (GDPR). In the event of transfer, NDI requires from its subcontractors sufficient guarantees to implement the appropriate technical and organisational measures in order to meet the requirements of the European regulation and protect the User’s data, especially when required by the use of model contractual clauses provided by the European Commission in application of the GDPR. In the event that data subcontracting is halted or after processing has ended, NDI requires that its subcontractors destroy or immediately restore data, with the prohibition of keeping any copies, unless otherwise provided for by the applicable laws in the country where the subcontractor is established.
Consent to processing
By giving its explicit consent (voluntary registration), the User may log in to contact the publisher of the Website. Without the User’s consent, this information (checkbox or voluntary registration) shall not be used in any way, assigned or sold without the User’s express approval of its transmission to Website partners.
The information required when the User utilises one of the Website sections shall be clearly identified (asterisk). Optional information is used to get to know the User better and offer content and services that more closely meet its expectations.
The Website uses techniques to collect information when the User publishes content and monitor browsing on the Website, mainly by using “cookies”. A “cookie” is a file placed in a dedicated area of the User’s terminal (computer, tablet, mobile phone or any other device optimised for the Internet) when the Website is being viewed to track browsing. Some cookies are required to use the Website, whereas others can optimise and customise the displayed content or save the browser settings.
These techniques are intended to better analyse the User’s expectations and improve the services offered, in particular to offer the User more relevant topics or information.
The publisher may need to use the information collected in this context for analyses and studies, either internally to better meet user expectations or on behalf of outside partners, in exclusively statistical, anonymous and non-identifiable form.
The User is free to refuse the installation of cookies by modifying the settings of its Internet browser. However, the Website may not be held liable for any consequences of these settings, especially the restriction or deactivation of certain features that depend on these methods.
Personal data shall be stored for the period required by the purposes for which it was collected:
- For a period of 3 years after the User’s last activity on the Website or one of IC’s electronic communications media (for example click on a link in a newsletter or an e-mail);
- For a 13-month period for “cookies”.
As an exception to the foregoing, the storage period may be different if: (i) the User exercises its right to delete data involving it, under the conditions described below; (ii) a longer storage period is authorised or established by a legal or regulatory obligation. For any clarification on the data storage period, the User may contact the Data Protection Officer at the contact information below.
Exercise of rights
In accordance with the amended law on “Data processing, data files and civil liberties” of 6 January 1978 and the GDPR, the User has a right to access, modify, rectify and delete data concerning it. The User also has a right to object and to restrict processing and portability of personal data. For processing based on obtaining consent, the User may withdraw its consent at any time. To exercise these rights, ask any questions about processing and access information about it, the User must send a request with proof of identity by mail or e-mail to the following respective address: New Duralex International – 7 rue du Petit Bois – 45380 La Chapelle Saint-Mesmin, France | email@example.com | +33 (0)2 54 60 65 04. The User also has the right to lodge a complaint with the CNIL (French Data Protection Authority), the competent supervisory authority in France.