Personal data management policy

For our Company, the protection of personal data is a major concern. This policy sets out the conditions in which we collect and process the personal data of our contacts in the companies with which we have a relationship.

1) Definition

For the purposes of this document, “we”, “us” refers to MASER Engineering SARL, a company with a share capital of €153,511.20, of which the registered office is located at 6 Rue Toulouse Lautrec 75017 Paris, registered with the Paris Trade and Companies Registry under number 732 050 026, a subsidiary of the CRIT group, a major human resources and business services player.

The term “Personal Data” refers to any information that directly or indirectly identifies one of our contacts / physical persons in the companies with which we have a relationship.

2) What Personal Data may we collect and process?

The following categories of Personal Data are mainly processed (partial list):
– Identification and contact data: surname, first name, customer number, address, email, telephone number…
– So-called “technical data”: identification data, connection data…
– Declarative personal data or data relating to professional life

3) On what legal basis is this Personal Data collected and by what means?

In compliance with applicable European regulations, our processing of Personal Data is based on the pursuit of our legitimate interests, provided that it does not affect the interests and fundamental rights of the persons concerned by the processing.

For any additional or accessory processing, we may obtain the explicit prior consent of the persons concerned.

Personal Data is collected and processed by our teams, but we may also use semi-automated systems and processes to provide a better level of service.

4) For what purposes do we collect and process Personal Data?

We collect and process Personal Data in the context of our activities and the performance of the services we offer, in order to (partial list):
– Provide a personalized service;
– Draw up any contract or declaration in connection with our activities, in compliance with applicable regulations;
– Deliver our services in accordance with requests;
– Exchange by any means of communication;
– Manage and monitor our commercial contracts
– Monitor compliance with applicable procedures;
– Assess satisfaction and our service level.

More generally , we may use some Personal Data (partial list) to:

– Manage and monitor our commercial relationships and our relationships with our contacts;
– Conduct studies, audits, or produce statistics for internal or external use;
– Develop, improve and secure our systems/processes;
– Manage services offered by third parties with whom we have a contractual relationship;
– For marketing, advertising or communication purposes (information on our company’s news, on any ongoing events, etc.);
– Manage newsletters and unsubscription requests;
– Satisfy all our legal, regulatory and contractual obligations;
– Manage any legal actions, defend ourselves or cooperate in investigations conducted by the authorities.

5) Who is in charge of processing Personal Data?

We are in charge of the processing of collected Personal Data and of compliance with the obligations imposed by applicable regulations.

The companies with which we are in contact are solely responsible for informing, by any means, the persons concerned about the existence and purposes of the processing of Personal Data that we may carry out.

6) To whom may Personal Data be disclosed? Can there be transfers outside the European Union?

In the context of the processing operations described above, we may disclose the Data to third parties.

These third parties may be located in France, within the European Union (in which case they are also subject to the same European regulations regarding personal data) or outside the European Union.

Transfers outside the European Union strictly comply with the applicable regulations and are made either to a country recognized as “suitably protected” by the European Commission, or within the framework of standard contractual clauses adopted by the European Commission, or under cover of binding corporate rules.

More information on data protection worldwide is available on the CNIL website.

We strive to ensure the protection of Personal Data in all circumstances, so we remind you that this data may be transferred in the cases and in the conditions detailed below.
– The Data may be transferred internally to the authorized personnel of our departments. All employees of the Company are subject to a duty of non disclosure.
– The Data may be transferred to all other companies in the CRIT group, within or outside the European Union. The CRIT group ensures that all its subsidiaries guarantee a high level of personal data protection.

– The Data may be transferred to some of our partners within or outside the European Union, in the above-mentioned conditions.
– The Data may be transferred to public or private organizations in cases provided for by law or to the authorities if we have a legitimate reason to do so.

7) How long is the Personal Data kept?

Personal Data will be retained to the extent strictly necessary to fulfill our obligations and for the time necessary to achieve the purposes for which the Data was collected, in compliance with applicable regulations.

The Personal Data for our contacts or business partner contacts will be kept for a maximum period of 10 years from the termination of the business relationship, unless a longer retention period is needed due to a legal requirement, including the need to take legal action or defend against it.

As part of a prospecting operation, Personal Data will be kept for a maximum period of 2 years from the last contact.

8) What rights do the persons concerned have over their Data and how can they exercise those rights?

In compliance with applicable regulations, the persons concerned by the processing have a right of access to Personal Data, the right to erase the Data, as well as a right to rectify, oppose and limit.

To exercise these rights, please send a letter to MASER ENGINEERING Legal Department – 6, rue Toulouse Lautrec – 75017 Paris or send an email to contact@maserengineering.com.

We reserve the right, in the event of the exercise of any of the above rights, to verify your identity.

Contacts also have the possibility of making a complaint concerning the processing of Personal Data to the Commission Nationale Informatique et Libertés (CNIL) – www.cnil.fr – 3, place des Fontenoy, 75007 Paris.

We reserve the right to change this privacy policy at any time. It should be referred to whenever necessary and it should be checked regularly for any changes (application date: June 2018 version)