The owner of the site, through its parent company Les Grands Chais de France SAS
(hereafter “the Company”), as Data Controller under the terms of the General Data
Protection Regulations no. 2016/679 of 27th April 2016 (GDPR) undertakes to respect the
right to respect for privacy, in particular for data that is personal in nature, of any person
visiting and/or communicating with and/or receiving information from the GCF Group’s
social networks as well as by emails (including newsletters) and correspondence forms
(hereafter “the Users”).
The purpose of the Privacy Policy is to provide information about the way in which the
Company processes data that is personal in nature (hereafter “Personal Data”), in particular
specifying how the Personal Data of Users is collected, used, stored and archived.
This having been explained, please find below, dear Users, responses to the various
questions that you may have.
1. PURPOSES OF PROCESSING
The Company, in its capacity as Data Controller, collects and uses the Personal Data of Users
in accordance with the regulation in force in order to ensure the management of the mails,
which could be sent to the Company.
The Company will not collect the Personal Data of minors.
2. LEGAL BASIS OF PROCESSING
The legal basis of processing is the correspondence sent by the User to the Company.
3. SOURCE OF PERSONAL DATA
We only collect the personal data communicated by the User (name, first name, address,
etc.) who would join a mail to the Company, in order to be able to answer the User as
efficiently as possible.
4. RECIPIENTS OF PERSONAL DATA
The recipients of this data are:
- the Company ;
- the other companies of the GCF Group;
- the Company's subcontractors if necessary.
The Company ensures that the recipients of the data offer serious guarantees of security and
confidentiality of the Personal Data it transmits to them.
We may also disclose your Personal Data if we are required to do so by law or if we believe,
in good faith, that such disclosure is reasonably necessary to comply with legal process,
respond to claims, or protect the safety or rights of the Company, its customers or the
public.
5. TRANSFERRING DATA OUTSIDE THE EUROPEAN UNION
In principle, Personal Data are processed exclusively within the European Union.
Your Personal Data may be transferred outside the European Union. In this case, the
Company will take all necessary measures in order to ensure its protection.
To this end, the Company will ensure the protection of the User’s Personal Data during its
transfer and that third party entities respect a high level of protection for the User’s
Personal Data, in accordance with European requirements (such as the European
Commission’s Standard Contractual Clauses).
6. STORAGE OF PERSONAL DATA
Personal Data are stored in respect of applicable French and European standards.
Personal Data will be stored for 5 years from the last order or collection in any other case. At
the end of this period and if your consent is not renewed it will be destroyed by the
Company.
The User may request the deletion or amendment of his/her Personal Data at any time.
The Company will implement all technical and organisational measures necessary to protect
the privacy and security of the User’s Personal Data that are collected via the Company’s
sites.
These measures consist in particular of storing the Personal Data in secure operating
environments that are not accessible to the public and that are only accessible to authorised
staff members within the Company, as well as specially authorised proxies and contractors.
7. RIGHTS OF USERS AFFECTED BY PROCESSING
In accordance with French and European standards relating to the protection of data that is
personal in nature, and in particular the General Data Protection Regulations no. 2016/679
of 27th April 2016 (GDPR), applicable from 25th May 2018, the User has the right to access,
correct, limit processing of, delete and oppose processing and portability.
Furthermore, they have the option of withdrawing their consent for the processing that
requires it. In this case, the data will be deleted.
Any User who wants to make requests regarding the portability of their Personal Data or to
exercise any other right indicated above may contact the Company:
- By email using the following address:
- Or by post using the following address:
The User also has the option of submitting their claims to the Personal Data control
authority.
In France, the User may contact the Commission Nationale de l’Informatique et des Libertés
(the “CNIL”) whose website is accessible at: https://www.cnil.fr/ .
For other States, the complete list of local authorities with competence for data protection is
found on the following list of institutions:
http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080