Preamble
This policy has been drafted to inform you in all transparency about how we use your personal data when it is collected by the Keyrus website. This policy is an addition to the General Terms and Conditions of Use of the website.
The data controller of the Keyrus website is Keyrus SA, which adheres to the applicable regulations, in particular the European Regulation on personal data (EU 2016/679) (hereinafter the ‘GDPR’).
The policy is described below and may be modified at any time by Keyrus. Keyrus will not be held liable in any way whatsoever for the consequences of such modifications.
Management of your personal data
Contact form
Whenever you contact Keyrus by completing the contact form, the following data is collected: your first name and surname, email address, telephone number and company, along with anything else you include in the message.
This data is collected so that we can respond to your enquiry. The processing of this data is based on your consent.
Cookies
Cookies are small text files saved to your computer or device whenever you browse a website. Cookies can be used to collect, store and share information on your activities on websites and the services you use.
This website uses the cookies listed below. We use them to help us improve our website and understand how it is being used, among other things. Your consent to the processing of your personal data via these cookies may be collected when necessary, especially through the acceptance of cookies when prompted by a banner that appears when you visit the website.
You are responsible for configuring your browser so that cookies are saved to your device. However, if you so choose, you can configure your browser to always reject cookies or to regulate them based on specific issuers. You can also configure your browser to periodically ask about accepting or rejecting cookies before they are saved to your device.
Please note that the rejection of certain cookies may affect your experience while using our website.
Data recipients
The staff employed by Keyrus and the companies forming part of the Keyrus Group, as well as the subcontractors employed by Keyrus insofar as necessary for the services they provide (maintenance, hosting, support, etc.), may have access to the data collected.
Keyrus may also be required to disclose your personal data to a legal authority or any other governmental authority.
We ensure that each recipient abides by the appropriate security and confidentiality safeguards.
Security and confidentiality
Keyrus has implemented and maintains the appropriate technical and organisational security measures to ensure a level of security adapted to the risk.
Transfer to third countries
In the event data is transferred to a country outside the European Union, Keyrus shall establish the appropriate safeguards as required by the GDPR or ensure the third country has received a favourable adequacy decision from the European Commission. Where necessary, Keyrus will carry out any formality required under the Regulation.
Keyrus may carry out such a transfer if (i) it is to an entity within its Group which is established outside the European Union, and (ii) Keyrus has to share such information with third parties in order to supply the service you have requested.
Storage period
The storage period applicable to your personal data is based on the storage times provided for by law and regulations and based on the relevant type of data.
As part of a job application, your CV and the information provided during the recruitment process will be stored for a maximum of 2 years after your last contact with Keyrus.
The data that is provided through the contact form will be stored for the time necessary to respond to your enquiry.
Rights of data subjects
Under current regulations on personal data processing, you have a right of access to your data and a right to rectify it. You can also place limits on how your data is processed, request its erasure or object to Keyrus processing it.
You can exercise your rights or make an enquiry on the processing of your personal data by sending your request to our Data Protection Officer (DPO) by:
Please attach a copy of your ID to your request.
You also have the right to make a complaint to the French Data Protection Agency (CNIL).
Miscellaneous
Severability
If one or more provisions of this privacy policy are held to be invalid or declared as such by virtue of statute or other legislative instrument or following a final decision by a competent court, such provision(s) will be deemed severed from the policy and all other provisions will remain valid and enforceable.
Definitions
Below are some definitions to help understand our policy.
‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
‘user’ means any person or entity accessing the website, including natural persons, legal persons or automated technologies (robots);
‘Personal Data’ means any information relating to an identified or identifiable natural person (hereinafter the ‘data subject’); an ‘identifiable natural person’ is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of said natural person.