BERGERAT MONNOYEUR SRL, having its registered office in Mogosoaia, str. Morii nr. 5, jud. Ilfov (hereinafter referred to as ’the Company’ or ’We’), as an independent data controller, would like to inform you of the methods used for processing (for example, collecting, using, and sharing) your personal data through this website (hereinafter referred to as the ’Website’) and through the use of the related services, such as [Google Ads, Facebook Ads, tawk.to] (hereinafter referred to as the ’Services’) in accordance with the applicable laws and regulations on personal data protection, especially: (i) Regulation (EU) 2016/679 of 27 April 2016 (hereinafter referred to as ’GDPR’), that entered into effect on 25 May 2018; (ii) any other legislation that is applicable on Romanian territory; and (iii) any other regulatory act, degree, regulation or provision that may be adopted by a competent national or European supervisory authority (hereinafter collectively referred to as the ’applicable Data protection regulations’).
The company belongs to MONNOYEUR, a French corporate group. The parent company is headquartered in France, Sainte-Denis, 117 Charles Michels Str. 93200.
1) What is the scope of this policy?
2) What types of personal data do we collect?
The company collects (1) the personal data that you voluntarily share with the Company and (2) the navigation personal data regarding the accessing and use of the Website and the Services. The Company collects the following information in particular:
- Personal data that you voluntarily share with the Company: the Company may collect your personal data (for example, your first name, surname, e-mail address, address, telephone number, etc.) when you send us a request through an online form on the Website or when you use our Services;
3) For what purposes do we collect your personal data?
We process your personal data:
- In order to allow you to use the Website and the Services;
- In order to assess and improve our Services and the functionality of the Services;
- In order to improve your experience of using the Website and the Services;
- In order to provide customers with assistance and answer your questions;
- In order to serve the interests of the Company; in certain cases, the Company may disclose your personal data, including when the Company considers in good faith that such processing is necessary in order to: (i) protect, exercise, or defend the rights, privacy, safety, security, or property of the Company or its employees, agents, and contractors (including the performance of our contracts and the application of the terms and conditions of use); (ii) protect the safety, privacy, and security of the users or of the public; (iii) protect against fraud or manage risks;
- In order to fulfil our legal obligations (including the obligations related to the provision of services and the provision of information to consumers) or in order to respond to the requests of the public and government authorities;
- In order to provide you with goods and/or services in accordance with a contract;
Subject to your consent, in order to send you commercial messages and/or our newsletter and in order to share your personal data with our trusted business partners, including other MONNOYEUR entities, so that they can send you commercial messages.
4) Based on which legal basis do we process your personal data?
By way of exception: if you log in to a personal account/customer area of the Website as part of a service agreement with the Company, the processing of the personal data from this personal account is based on the agreement that you have concluded with the Company.
5) How long are your personal data retained?
The Company keeps your personal data for as long as necessary in order to fulfil the purposes set out in section 3 above.
Your personal data are retained:
- For the duration strictly necessary for the use of the Website or of the Services or for the needs of the Company and for a maximum duration of 3 years from the date when they were collected, in the absence of a contract with the Company for marketing purposes;
- If a contract is concluded or an order is placed as part of the Services or otherwise, for the entire duration of the contractual relationship, after which the personal data are stored in intermediary archives for a duration corresponding to the possible warranty period, plus the applicable general legal limitation period (3 years);
- In the case of data processed by the Company in order to comply with its legal obligations, for the duration necessary in order to fulfil such legal obligations;
- In the case of data processed based on your consent, until the withdrawal of your consent;
6) How do we process your personal data?
The personal data are processed both manually and electronically and they are protected using appropriate security measures. In this regard, even though the Company uses appropriate administrative, technical, and organisational measures in order to protect the personal data against theft, loss, unauthorised use, disclosure, or modification, we cannot guarantee that it shall be able to protect the data against all of the existing IT risks.
7) Who has access to your personal data?
Other MONNOYEUR entities, as appropriate ();
Third-party service providers, subcontractors (for example, IT service providers, providers of services that are related to the Services – including, without being limited to, experts, consultants, and lawyers, companies involved in potential mergers, divisions, or other transformations);
The competent national authorities, in order to comply with the legislation in force, and any administrative or judicial authorities that may request this or that should have access to such data in the context of an inspection or legal action;
Trusted business partners (for example: in order to allow them to send commercial messages to you).
8) Are your personal data transmitted abroad?
Your personal data may be transferred to other MONNOYEUR entities and to service providers acting on its behalf and located in the European Union.
We shall not carry out any transfer of personal data to countries outside the EEA.
9) Minors under the age of 16
The Website is not addressed and does not offer Services to people under the age of 16 and the Company does not knowingly collect personal data from people under the age of 16 or from minors in general.
10) What are the applicable security measures?
The Company implements all of the appropriate technical and organisational security measures in order to ensure a level of security for the personal data that is commensurate with the risk and, especially, in order to protect the data against accidental or illegal destruction, loss, damage, disclosure, or unauthorised access.
The same level of protection is contractually imposed by the Company on all of its subcontractors. Any Company employee who may have access to your personal data in the context of his or her duties commits to treating them as strictly confidential.
11) What are your rights with regard to the personal data?
In accordance with the applicable Data protection regulations, depending on the situation, you have the right to request access to your personal data or their rectification, erasure, or portability and to request the restriction of the processing of your personal data or to object to it, as well as the right to withdraw your consent at any time. You may exercise these rights by sending an e-mail to the following address: firstname.lastname@example.org
However, we would like to note that your objection may, in practice and where applicable, impact or make it impossible to consider your request for information or registration or the use of the Services offered on the Website.
In addition, you have the right to lodge a complaint with a supervisory authority, such as the Romanian National Supervisory Authority for the Processing of Personal Data, in case of a violation of the applicable Data protection regulations.
12) Modifications and updates
13) Data protection officer
The Company has appointed a data protection officer (’DPO’) that you may contact if you have any questions with regard to the processing of your personal data and in order to exercise your rights.
DPO’s contact details: Mogosoaia, str.Morii nr. 5, jud. Ilfov, email@example.com