Transactis Personal Data Protection Policy

Introduction

Transactis places the protection of data of a personal nature (hereinafter “personal data”) at the centre of its concerns.

The purpose of this Personal Data Protection Policy (hereinafter “the Policy”) is to inform you about the processing of your personal data.

 

Transactis undertakes to comply with the regulations in force in terms of the processing of personal data and, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter “GDPR”) as well as any applicable national regulation (hereinafter “the Regulations”).

This Policy illustrates the importance that Transactis attaches to respect for fundamental rights and freedoms, privacy and the protection of personal data. Transactis ensures that your personal data are processed fairly, lawfully and completely transparently.

1.    What personal data are processed by Transactis?

Personal data is any information relating to an identified or identifiable individual.

Transactis respects the principle of data minimisation, i.e. only personal data that are adequate, relevant and limited to what is strictly necessary to achieve the objective for which they were collected are processed. As part of this process, Transactis also ensures that your personal data remain accurate and up to date.

 

2.    Why does Transactis process your personal data?

Transactis undertakes to process your personal data for specified, explicit and legitimate purposes, and not to process them subsequently in a manner that is incompatible with those purposes.

Each processing operation carried out by Transactis, as Data Controller, is based on one of the legal bases provided by the regulations in force.

 

3.    To whom does Transactis transmit your personal data?

Personal data may be transmitted, in particular, to the following recipients, in respect of the purposes set out above:

  • subcontractors or service providers performing services on behalf of Transactis,
  • administrative or judicial authorities or more generally any authorised third party (lawyers, statutory auditors, etc.), in order to satisfy the legal or regulatory obligations to which the company is subject.

 

 

4.    Can your personal data be transferred outside the European Union?

Transactis carries out all personal data processing on European Union (EU) territory.

However, if your personal data are transferred to a country outside the EU, Transactis undertakes to implement all appropriate guarantees available, with regard to the regulations in force, to ensure the management and security of these transfers.

 

5.    How long does Transactis keep your personal data?

The retention period for your personal data is determined according to the purpose of the processing. Transactis undertakes not to keep your personal data beyond the period necessary to provide these services in accordance with its commitment.

The retention of any personal data is limited exclusively to the purpose(s) for which it is processed, unless specified otherwise and notified to you.

At the end of these periods, Transactis destroys the data in accordance with its internal policy or renders the data anonymous, in order to use them for statistical purposes.

 

6.    How does Transactis protect your personal data?

In accordance with the regulations in force, Transactis undertakes to implement all the appropriate technical and organisational measures to guarantee your personal data an appropriate level of security proportionate to the risk. These measures (e.g.: anonymisation, encryption, restricted access, etc.) aim to ensure the confidentiality, integrity, availability and resilience of your personal data.
Transactis requires each of the recipients of your personal data to comply with the appropriate security and confidentiality guarantees.
Transactis, as Data Controller, notifies personal data breaches to the competent supervisory authority, i.e. the CNIL (French Data Protection Authority), as soon as possible and, where possible, within seventy-two (72) hours after becoming aware of any personal data breach likely to generate a risk for your rights and freedoms.
Any personal data breach likely to generate a high risk for your rights and freedoms shall be notified to you as soon as possible in accordance with the regulations in force.

 

7.    What are your rights?

When Transactis collects your personal data, you receive, through information notices, clear and transparent information on the processing carried out and on the procedures for exercising your rights.

According to the Regulations, you have the ability to exercise your rights with Transactis, as Data Controller.  These rights are:

  • Right of access:it is possible for you to make a request to Transactis if it holds personal data on you. Transactis will provide them to you in a comprehensible format, or in a form that complies with your request within the limits of the available technical resources, if applicable.
  • Right of rectification:you have the right to rectify, supplement, update or erase incomplete, inaccurate or obsolete data.
  • Right of objection:you can object to Transactis using certain of your data at any time, indicating reasons relating to your particular situation.
  • Right to erasure:you can request the erasure of your personal data, subject to compliance with a legal obligation for the entity that processes your data.
  • Right to restriction:you can request the suspension of the processing of your personal data, particularly if you dispute the accuracy of the data used or if you object to your data being processed.
  • Right to withdraw consent:you can withdraw your consent at any time, if this has been previously given.

 

For any exercise of rights, please contact Transactis at the following address:

 

Transactis

Data Protection Officer

Immeuble Le Delta, 1/3 Boulevard des Bouvets, 92000 Nanterre

 

or by email at: dpo@transactis.fr

 

Any request must indicate your surname, forename, the address at which you wish to receive the response and must be accompanied by a copy of the front and back of your ID document.

Transactis undertakes to respond to requests to exercise your rights as soon as possible and, in any event, in accordance with legal timeframes.

Please send any complaint to the CNIL (French Data Protection Authority) at the following address:

CNIL
3 Place de Fontenoy
75007 PARIS

 

 

8.    How to contact the Transactis Data Protection Officer?

The Transactis DPO ensures compliance with the regulations relating to the protection of personal data.

For more information, you can contact the DPO at the following address:

Transactis

Data Protection Officer

Immeuble Le Delta, 1/3 Boulevard des Bouvets, 92000 Nanterre

 

or by email at: dpo@transactis.fr

 

 

APPENDIX: Definitions

  • Personal data:Any information relating to an identified individual or who may be identified, directly or indirectly, by referring to an identification number or to one or more items relating to them (such as surname, forename, identification number, email, IP address, voice, photograph, location data, etc.).
  • Data controller: Individual or legal entity which, alone or jointly with others, determines the purposes and means of the processing operation(s).
  • Processing:Any operation or set of operations relating to personal data, whatever the process used (automated or non-automated processing of personal data), and in particular the collection, recording, organisation, structuring, retention, adaptation or modification, extraction, consultation, use, disclosure by transmission, dissemination, or any other form of provision, reconciliation, interconnection or restriction, as well as locking, erasure or destruction.
  • Personal data breach: A security breach resulting in the accidental or unlawful destruction, loss, alteration or unauthorised disclosure of personal data transmitted, retained or processed in another manner, or the unauthorised access to such data.

Cookie Policy

For the transactis.fr site, the Transactis communication department is responsible for handling cookie management. The transactis.fr site deposits only one technical cookie for managing the choice of language. The cookie retention period is 30 days.