This Policy concerns the Protection of Personal Data (hereinafter “DCP”) as implemented by
Skiif
7 rue Gasparin
69002 LYON
This Policy describes the way in which we, the sub-contractor, collect and use your personal data in relation to the skiif.com website and associated services, on behalf of our customers who have adopted a Privacy Policy in accordance with the applicable rules (see below).
This Data Protection Policy does not apply to “content” processed, stored or hosted by our customers using other offers or services: this Policy does not apply to any product, service, website or content offered by third parties or governed by its own data protection policy.
This Policy outlines our policies and practices relating to your personal information (information about you that allows you to be identified) and its processing. This Policy may be amended at any time (see Amendments).
Reminder:
The data controller is, within the meaning of the Data Protection Act and the RGPD, the person who determines the means and purposes of the processing. When two or more data controllers jointly determine the purposes and means of processing, they are referred to as joint data controllers. The processor is a person who processes personal data on behalf of the controller, acting under the authority of the controller and on instructions from the latter.
Presentation
Skiif is sensitive to the issues of respect for privacy and the protection of personal data, and became involved in the RGPD compliance process at a very early stage.
Skiif is committed to protecting your personal data, its confidentiality and security.
Our aim is to offer you our services while respecting your privacy and the commitments we have made in our Two Data Protection Laws:
1- Your data belongs to you
2- Your data is protected
Skiif undertakes to protect your personal data and not to disclose it without your prior consent.
We collect some of your personal data for the sole purpose of carrying out the tasks related to the purposes for which they are collected and processed (canvassing and commercial relations, customer service, recruitment).
Skiif is committed to providing its services and resources in accordance with the requirements of the General Data Protection Regulation (GDPR).
We confirm that we have completed our RGPD compliance audit: all available services and features comply with the privacy and data protection standards required by the RGPD.
If you have an unresolved privacy or data use issue that we have not satisfactorily addressed, please contact (free of charge):
dpo@skiif.com
Protecting the information entrusted to us is a matter close to our hearts.
1- Background
2- Data collected and method of collection: General rules
3- Purpose of data collection
4- Duration of data storage
5- Place of storage
6- Your obligations
7- Transfer and communication of data
8- Security and organisational measures
9- Your rights
10- Changes
11- Contact
0- Background
We, as a data processor within the meaning of the GDPR, agree and warrant that:
a) we will process personal data solely on behalf of a data controller (our “Client”), in accordance with the instructions of the data controller and these clauses ;
b) we have implemented the technical and organisational security measures specified in this document prior to processing the personal data;
c) in the event of further sub-contracting, we will ensure that we inform the above-mentioned data controller in advance and obtain the latter’s written consent.
What information does Skiif collect?
1- Data collected and method of collection: General rules
We collect several types of information about users of our website and others, including information :
- that allows you to be identified, in particular your surname, first name, company and town, your e-mail and your telephone number (hereinafter referred to as “personal data”);
- relating to your Internet connection, the equipment you use to access our website and details of the use you make of it.
To this end, Skiif collects general and personal data about you:
- through you when you provide us with your contact details (via our email or via the contact form)
- from Skiif websites; and from third parties (such as online service providers or single sign-on methods).
Once the data has been received, an electronic profile is created for each individual or legal entity (the “Profile”) using Skiif’s proprietary tools.
The Profile may in particular contain the following elements
- surname ;
- first name ;
- company ;
- country ;
- telephone ;
- e-mail address;
We also use cookies on our website.
By continuing to browse our website or by closing the cookie banner, you agree to the use of these cookies.
Our Cookie Policy explains what cookies are, how we use them, how third parties we may deal with use them in connection with the Service and what choices you may have in this respect, amongst other information.
Skiif Cookie Policy
1. What does Skiif do with my information?
We are committed to protecting your privacy. We describe below the ways in which we use the information we collect and receive to provide, maintain and improve the Service; resolve problems and provide Customer support; protect the Service for all our users; contact you.
2. Purpose of data collection
The collection of data is also intended to protect Skiif and its users. Skiif does not collect data for any other purpose. In addition to the creation of Profiles, Skiif uses your data for the following purposes, to which you subscribe:
a) Management of the commercial relationship
Skiif collects your personal data via the contact form in order to use it according to the purpose selected by the “customer” or the “internet user”, i.e. to establish a commercial relationship concerning the products and services offered by Skiif, to take action following a request for assistance or as part of a recruitment process or the processing of an unsolicited application.
b) Promotion and marketing:
Skiif may use your data to personalise your experience on its website by showing you appropriate advertisements in order to send you marketing messages that may be of interest to you, including information about our services, case studies, etc.
c) Satisfaction surveys
Skiif may use your data to offer you the opportunity to respond to satisfaction surveys, with the sole aim of being able to position ourselves in relation to our response to your needs and thus improve. Your consent will be required prior to the questionnaire; and you are entitled to object to this.
d) Technical data :
Skiif or third parties commissioned by Skiif evaluate this data solely for statistical purposes and only in anonymous form, in order to optimise its website and increase its user-friendliness, efficiency and security.
e) Statistical analysis of the website
Statistical analyses are carried out on the basis of exclusively anonymous data which under no circumstances allow users to be identified.
f) Other purposes:
Skiif may use your data where it considers it necessary or appropriate: (a) under applicable laws, including those outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public authorities and bodies, including those outside your country of residence; (d) to enforce its terms; (e) to protect its operations; (f) to protect Skiif’s rights, privacy, safety or property, to protect you or others; and (g) to allow Skiif to pursue available remedies or limit the damages that Skiif may sustain; (h) to allow you to apply for a job with Skiif.
Skiif will ask for your consent before using data for purposes other than those mentioned in this Policy, subject to applicable laws.
3. Data retention period
General and personal data will be kept by Skiif for the duration of a commercial relationship between Skiif and the “Customer”. In the absence of a commercial relationship between the “Customer” and Skiif, the “Customer’s” personal data will be retained only for a reasonable period of time to respond to enquiries or resolve problems, to provide new or improved services and to comply with legal requirements under applicable law for a maximum of three years, unless otherwise required by law.
For applicants, data will be kept for a maximum of two years.
You can delete your Skiif account by sending an e-mail to our Data Protection Officer: dpo@skiif.com
4. Place of storage
The Profiles established by Skiif are stored in a centralised database
- in the Cloud,
- on the site of a third party supplier
Third party providers have signed our data protection clauses
Any transfer of your data outside the European Economic Area should only take place with appropriate safeguards, such as contractual clauses that comply with applicable data protection laws and regulations.
5. Your obligations
We will use reasonable efforts to keep your Personal Information as accurate, complete and up-to-date as possible. We will not update your Personal Information according to a fixed schedule unless such a procedure is necessary. To ensure that your Personal Information is accurate and up-to-date, and to help us maintain this, you must inform us, without delay, of any changes to the information you have provided to us.
You must therefore guarantee that the data you provide is :
- correct ;
- accurate ;
- up to date
- accurate;
- and compliant with applicable laws.
In view of the fact that Skiif mainly uses electronic communications in its dealings with you, you are asked in particular to notify us of any changes to your e-mail address.
Children under the age of 16
Our website is not intended for children under the age of 16. Such children are prohibited from providing personal data on or through our website. We do not voluntarily collect personal data from children under the age of 16.
If you are under 16 years of age, we strongly recommend that you do not use or provide information on our website or its sections, whether by registering on our website. We also recommend that you do not provide us with any information about yourself such as your name, telephone number or e-mail address. If we become aware that we have collected or received personal data from a child under the age of 16 without verification of parental authority, we will delete that information.
If you believe that we are in possession of information about or received from a child under the age of 16, please contact us.
6. Transfer and communication of data
Your personal data may be transferred to and from France, in particular to countries whose data protection laws may be different and less strict than those of your country of residence.
You hereby agree that Skiif may transfer and disclose your data as follows:
a) Transfers within Skiif: transfers are made within Skiif and its subsidiaries in the context of their activities and/or services.
b) Transfer to third parties: Skiif may also transfer personal data to third parties at the request of its Customers, for example for data aggregation or emergency tracking services.
Skiif may also transfer your data to a third party in the event of a restructuring, merger, sale, joint venture, assignment, transfer or other disposition of all or part of Skiif’s business or assets (including in connection with bankruptcy or related proceedings).
c) Regulatory Transfers: Skiif may be required by law to transfer data to governments and regulatory and/or supervisory authorities.
If you visit a Skiif website, your data will be transferred over a network that is freely accessible to the public. As a result, data may be transferred across national borders, even if you and Skiif are located in Europe.
7. Security and organisational measures
We have implemented technical and operational measures to protect personal data against accidental loss, alteration, distribution or unauthorised access.
The personal information you provide to us is stored on our password-protected servers behind firewalls.
We train our employees on the importance of data protection and focus specifically on safeguards against unauthorised disclosure of personal data.
We have a contingency plan in place to respond to events that breach Skiif’s data protection and privacy policies. This plan is updated regularly.
You are also responsible for the security of your information. Unfortunately, the security of transmissions via the Internet cannot be guaranteed. We do everything we can to protect your personal data, but we cannot guarantee the security of any data you transmit via our website or any public network.
You assume the risks of any transmission of personal data. Without prejudice to any mandatory legal obligations to which we may be subject, we cannot be held responsible for any circumvention of the privacy or security measures contained on our website.
Only authorised personnel of Skiif, personnel of third party companies (e.g. service providers) or authorised personnel of our Customers (who are contractually bound to maintain the confidentiality of all information) have access to your personal data.
Skiif staff who have access to your personal data are required to comply with confidentiality regulations.
8. Your rights
In accordance with your rights under European data protection legislation, you have a right of access to the information we hold about you, the purposes for which it is used, to whom it may have been disclosed and other information.
We generally take one month to respond to requests for access.
However, we reserve the right to verify your identity and, in the case of complex requests, we may need up to two months to respond.
We may also request financial compensation for administrative costs incurred in the case of excessive or manifestly unreasonable requests.
We may also request additional information to locate the data you are seeking and certain legal exemptions exist to your right of access, in accordance with European data protection legislation.
Under European data protection legislation, you have the following rights, which can be exercised by making a written request to us:
(a) right to correction of inaccurate or incomplete personal data in our possession;
(b) the right to erasure of personal data at the earliest opportunity when it is no longer necessary for the purposes for which it was collected;
(c) the right to object to the automatic processing of your personal data, where applicable (for example, for the purposes of an automatic background check);
(d) the right to object to the use of your personal data for direct marketing purposes;
(e) the right to object to or limit the use of your personal data for a purpose other than that specified above, unless there is a legitimate reason for not doing so;
(f) the right to the portability of personal data to another data controller where the data has been collected with your consent or is used within a contractual framework and processed automatically.Please note that in order to be fully compliant, these requests may be passed on to third parties involved in processing your personal data on our behalf.
If you wish to exercise any of these rights, please write to us at the address below.
If you make a request and are not satisfied with our response or believe that we are processing your personal data unlawfully, you have the right to complain to the CNIL.
Under certain circumstances, you may also request the blocking or deletion of your personal data held by Skiif, unless it is held for legitimate legal purposes.
If you have any questions or problems concerning Skiif’s data processing procedure, please contact the Data Protection Officer at the following e-mail address: dpo@skiif.com
(g) I would like to delete my personal account.