PERSONAL DATA PROTECTION POLICY

Our philosophy and our commitments

Coriolis is committed to the protection of your personal data and is committed to ensuring a high level of protection of your personal data in accordance with Regulation (EU) 2016/679 and the Data and Civil Liberties Act, Law N°78–17. In this regard, you will find below our policy for the protection of your personal data explaining to you specifically what we collect as personal data, the treatment of this data and on what basis, their retention and the management and your personal rights. We invite you to read it. Our Personal Data Protection Officer is at your disposal to answer all your questions, you can contact him at the following address: dpo@baladeo.com.

Click on this link to access the applicable European Regulation or refer to or enquire at the regulatory authority (CNIL) via its website www.CNIL.fr.     

This current version of the personal data policy may be modified by us if necessary in which case you will be notified.


Your data controller   

 Coriolis is the data controller of your personal data, the contact details of which you will find below: 22 rue Charles Graindorge 93170 Bagnolet; herein it is referred to by name or ‘We’.     


 Your personal data and its collection by Coriolis   

 Your personal data may be collected during: 

 ·         your visit to our site, 

 ·         our exchanges, 

 ·         our prospective actions, 

 ·         the formation or execution of our contracts.

We do not collect any data not necessary for the processing purpose indicated during the collection or any data prohibited by law or regulation.    

The collection of certain data may be mandatory or optional and you are informed of the mandatory information. Your personal data may be collected by third-party service providers or partners, who undertake to comply with European and national regulations on personal data.   

Our policy is not to transfer your data outside the European Union; if by exception we do so, this transfer can take place only with a country or an organization on the basis of an adequacy decision (article 45 RGPD) or subject to appropriate safeguards (article 46 RGPD).   

We do not use automated decision-making.


Our processing of your personal data 

We process your personal data by entering them into databases; these data are stored, retained and if necessary corrected, deleted, archived, anonymized or pseudonymized, transferred to trusted third parties.   

 We are required to process your personal data for the following processing purposes or for purposes that are specified to you during collection:


Your information on our commercial (products, services, etc.) and promotional offers – To communicate with you 

We may use your personal data for commercial prospecting purposes with your consent, and specifically to send you information about our products/services, our commercial and promotional offers, our news.  

   

The execution of your current contracts and customer follow-up   

We use your personal data to ensure the execution of current contracts in accordance with your requests.   

 We may also send you all information on your order or your current contracts, their execution, your invoices and contractual documents, advice, the execution of our guarantees where applicable and our legal obligations. We also use your personal data to manage our customer relationship, your requests or complaints, if any disputes and to follow your customer history.   


Improving the use of our services and our offers   

We process your personal data to allow you an optimal use of our services, to improve our offers and products / services, to track the course of the processing of your orders and inquiries, to carry out customer satisfaction enquiries, surveys and anonymous statistics.   


Your payments   

Your bank details can be collected either directly by us or by a dedicated and selected service provider, which guarantees the complete privacy of your bank details and these details are kept only for the time necessary for the duration of the contractual relationship or within legal limits. 

   

Protection against fraudulent acts   

The personal data collected can be used to defend against fraud, specifically on payments or direct debits. As such, our payment security providers can be made the recipient of this data.  

Ensure respect for the law and for court decisions   

Your Data may be used to:   

- respond to a request from an administrative or judicial authority, a representative of the law, a judicial officer or comply with a court decision;   

- ensure compliance with our general conditions of sale/service;   

- protect our rights and/or obtain compensation for the damages that we may suffer or limit the consequences thereof;   

- prevent any act contrary to the laws in force, specifically within the framework of the prevention of the risk of fraud.     


The basis for processing your personal data   

In accordance with the regulations, the processing of your personal data by us is founded if based on one of the following fundaments:   

Your consent to the processing of your data by us: you agree to the processing of your personal data by express consent. You can withdraw this consent at any time from our DPO; This concerns specifically the processing of personal data for commercial prospecting purposes; or 

 The existence of a contract between you and us: the data processing is then justified by the needs of the execution of the contract; this includes all processing relating to product delivery, your payments, your invoicing, your preferences and your customer history; or   

 Our legitimate interest in the processing of your personal data as long as this proportionate interest respects your fundamental rights and your privacy; or   

The law or regulations in force when this requires us to process and store your personal data.     


Methods and periods of retention of your personal data   

We manage your personal data in three phases:   

- An active phase in which the data are kept for the time indicated below on an ‘active’ basis: your personal data are then accessible only by those with an operational need to access them in order to carry out the authorized processing operations.

- An archiving phase (for a time supplementary to retention in an ‘active’ database) when a legitimate reason justifies it: your personal data are then archived with restricted access and for a limited period.   

- A deletion or anonymization phase: at the end of the supplementary archiving within the time limits indicated below, your personal data are deleted or anonymized (so that they can no longer constitute personal data identifying you).       


Your personal data are kept for the time necessary for the needs of their processing, our customer relationship where applicable and the execution of contracts and within the limits specifically laid down by law; we may keep your personal data archived for the necessities of accounting, fiscal or probationary purposes for the time of the applicable regulations. By way of example, we indicate below the retention periods that apply to the following processes (subject to regulations imposing a differentiated retention time):

Withdrawal of your consent to the collection or processing of your personal data   

Your consent granted for the collection of your personal data can be withdrawn by writing to our DPO by email or by post to the addresses appearing in the header, indicating your surname, first name, email and address with the nature and precise purpose of your withdrawal request.     

You can also address any commentary on your personal data to: Coriolis 22 rue Charles Graindorge 93170 Bagnolet   


Exercising your rights over your personal data   

You have at your disposition:     

A right of access, which allows you to obtain:   

- Confirmation that data concerning you is or is not being processed;   

- Communication of a copy of all personal data held by the controller.   

A right to request the portability of certain data: allows you to recover your personal data in a structured format, commonly used and readable by a machine.   

A right of opposition: allows you to no longer be the subject of commercial prospecting by us or our partners, or, for reasons relating to your particular situation, to stop the processing of your data for research and development, anti-fraud and prevention purposes.    

A right of rectification: allows you to have information concerning you rectified when it is obsolete or incorrect. It may specifically be applied in the event that your data are no longer necessary for processing.    

A right of erasure: allows you to obtain the erasure of your personal data subject to the legal retention periods. It may specifically be applied in the event that your data are no longer necessary for processing.   

A right of limitation: It allows you to limit the processing of your data in the following cases:   

-  In the event of unlawful use of your data;   

- If you dispute the accuracy of your information;   

- If you need the data to establish, exercise or defend your rights.     

Your personal data will then no longer be the subject of active processing, and cannot be modified during the period of exercise of this right.   

A right to obtain human intervention: data controllers may have recourse to an automated decision-making with a view of subscription or management of your contract. In this case, you can request from the Data Protection Officer the determining criteria for the decision.   

You can exercise these rights by e-mail to dpo@deejo.fr or by letter to the following address: 22 rue Charles Graindorge 93170 Bagnolet, indicating your surname, first name, address and e-mail, where applicable your customer references as well as the subject of your request indicated in clear and legible terms. Coriolis undertakes to respond to your confirmed request within one month of receipt.   

In case of difficulty, you can contact our personal data protection officer directly by email: dpo@baladeo.com or contact the National Commission for Computing and Liberties (CNIL).     


Our subcontractors and partners   

Coriolis may transmit your personal data to subcontractors performing services involving processing of your personal data and in compliance with the purposes referred to herein; these subcontractors must confer on your personal data the same level of privacy as Coriolis and are committed to being in full compliance with the regulations on personal data, specifically with the GDPR.   

We do not trade in your personal data; if you want to know more and specifically know the identity of the service providers or partners to whom your personal data have been transmitted, you can contact our DPO at the following address: dpo@baladeo.com.   

The providers or partners that may access your personal data may be specifically:   

- providers that manage outsourced services for the performance of our services and contracts;   

- service providers helping us improve our services, perform data analysis and optimize our offers, carry out surveys and statistics;   

- auditors, accountants, consultants, lawyers, audit firms, IT and IT service providers, security providers;   

- investors and buyers.   

We may also be required to transmit your personal data to French authorities, administrations and courts, specifically in the context of legal action or legal formalities requiring this communication.       


Cookies policy   

 What is a cookie?   

A cookie is a file placed on your terminal (computer, tablet, for example) by Coriolis when you use the website and depending on your browser. This file will, during its recording period, identify your computer on your subsequent visits to the site, allowing us to keep your visit and navigation data.   

Coriolis may use various systems for collecting personal data, specifically by means of cookies on our website for which your consent is requested; these are potentially concerning the following cookies:   

Coriolis may also issue third-party cookies allowing the content of our site to be shared with third parties or tools to express your appreciation (e.g.: ‘I like’, from social media); you are then potentially identified by the social network which can follow your browsing. It is your responsibility to inform yourself of its privacy and cookie management policy, our company being unrelated to these tools.   

Cookies are subject to your acceptance on our website on your first visit. The period of validity of consent to the deposit of cookies and tracers is a maximum of 13 months, from their first deposit in your terminal following the expression of your consent.   

You can manage your acceptance or refusal of cookies directly from your browser settings.   

You can thus either accept all cookies, be notified when a cookie is placed, or refuse all cookies. If you refuse cookies in whole or in part, some features of the Site may be compromised or some pages may be inaccessible.   

To disable cookies:   


If you are using Internet Explorer 8 and later: 

1. Go to ‘Tools’ in the menu bar and click on ‘Internet Options’. 

2. Click on the ‘Privacy’ tab at the top. 

3. Scroll to ‘Block all cookies’ to block all cookies or to the ‘Accept all cookies’ to accept all cookies.     

For more information, consult: https://support.microsoft.com/en-us/topic/delete-and-manage-cookies     


If you are using Firefox 30.0 and later: 

1. Click on the ‘menu’ button and select ‘Preferences’. 

2. Select the ‘Privacy & Security’ panel. 

3. In ‘History’, for the option ‘Storage rules’, select ‘use custom settings for history’. 

4. Check the ‘Accept cookies’ box to enable cookies, or uncheck it to disable them. If you have further problems with cookies, make sure that the ‘Accept third-party cookies’ option is not set to ‘Never’. 

5. Choose how long cookies can be stored. Store them until ‘Their expiration’: Each cookie will be deleted on its expiration date, the date set by the site issuing the cookie. Store them until ‘Firefox closes’: the cookies saved on your computer will be deleted when you close Firefox. Store them until ‘Ask me every time’: a warning is displayed each time a website wishes to send a cookie, asking you if you agree to save the cookie or not. 

6. Click OK to close the ‘Options’ window.     

For more information, see: For more information, see https://support.mozilla.org/en/products/firefox/privacy-and-security/cookies    


If you are using Google Chrome:   

1. Go to the ‘Tools’ menu. 

2. Click on ‘Settings’. 

3. Click on ‘Advanced settings’. 

4. Click on ‘Privacy/Content settings’. 

5. ‘Cookies’ must be selected. Then select ‘Block cookies and data from third-party sites’.   For more information, see: https://support.google.com/chrome/answer/95647?hl=en   


If you are using Safari 5.0 and higher: 

1. Choose Safari> Preferences and click ‘Security’. 

2. In the ‘Accept cookies’ section, indicate if and when Safari should accept cookies from websites. To see an explanation of the options, click the help button (looks like a question mark). If you have set Safari to block cookies, you may need to temporarily accept cookies to open a page. Repeat the above steps, selecting ‘Always’. When you are done with the page, turn off cookies again and delete cookies from the page.   

For more information, see: http://support.apple.com/kb/ht1677?viewlocale=en_FR   


If you have a different browser type or version, you are invited to consult the ‘Help’ menu of your browser.