Privacy policy

As part of its business, the Publisher is required to process data and information about you (contact form, online badge request, while browsing this site, etc…).

The Customer is informed of the regulations in force, in particular the law of 21 June 2014 for confidence in the Digital Economy, the Data Protection Act of 06 August 2004 and the General Data Protection Regulation (RGPD: no. 2016-679).

Within the framework of this privacy policy, the Publisher uses the visitor’s data in the cases provided for by the regulations in force.

The personal data you provide is used to manage requests, quotes and orders, and to carry out the Services. It may also be added to the customer file for commercial prospecting purposes. It may not be passed on to third parties. It is collected by ITGA, which is responsible for processing it. The data is kept and used for a period that complies with current legislation. In accordance with Law 78-17 of 6 January 1978 as amended and European Regulation no. 2016/679/EU of 27 April 2016, you have the right to access, rectify and object to your personal data. This guarantee does not apply to processing for statistical purposes, where the data is only processed anonymously and in aggregate form. You may exercise your right, subject to production of valid proof of identity, by sending your request by e-mail to dpo@groupecarso.com or by post to the address of the company’s registered office indicated in the legal notice. A reply will be sent within one month of receipt of the request.

  1. Person responsible for the collection of personal data

The party responsible for the processing mentioned in this privacy policy is the Publisher, mentioned in the legal notice.

With regard to personal data collected as part of the creation of the User’s personal account or their browsing on the Site, the party responsible for processing personal data is: dpo@groupecarso.com

As the party responsible for processing the data it collects, the Publisher undertakes to comply with the legal provisions in force.

In particular, it is the Publisher’s responsibility to establish the purposes for which the data is processed and to provide prospective customers and clients, once their consent has been obtained, with full information on the processing of their personal data and to maintain an accurate register of such processing.

Whenever the Publisher processes Personal Data, it takes all reasonable steps to ensure that it is accurate and relevant to the purposes for which it is processed.

  1. Type and purpose of data collected

With regard to users of this Site, the Publisher collects data that is essential for the operation of the service. The data will be kept for a period of time that complies with legal provisions or is proportionate to the purposes for which it was recorded.

The Publisher may process all or part of the data:

  • To enable browsing of the Site, and to manage and trace the services ordered by the user: connection and Site usage data, invoicing, order history, etc,
  • To prevent and combat computer fraud (spamming, hacking, etc.): computer equipment used for browsing, IP address, password (hashed),
  • To improve browsing on the Site: connection and usage data,
  • To conduct optional satisfaction surveys on this site: email address, etc.
  • To carry out communication campaigns (sms, email): telephone number, email address.

The Publisher does not sell personal data, which is therefore only used by commercial necessity to place an order or a commercial contract or for statistical and analysis purposes. The Publisher also collects information to improve the user experience and provide contextualised advice: Google Analytics – Cookies for visitor statistics.

We use Matomo software to track site navigation.

  1. Retention period for personal data

The data collected is kept only for as long as is necessary to achieve the purposes described herein, within the limits of the statute of limitations in force.

Data categoriesObjectivesShelf life
Data relating to a prospect : all dataCreating and managing a file3 years from last data collection
Data relating to an active customer : all dataManaging customer accounts, orders, deliveries, invoicing and paymentsThroughout the contractual relationship
Data relating to an inactive customer : data relating to the performance of the contractManaging customer accounts, orders, deliveries, invoicing and payments10 years after the end of the contract or the last contact with the inactive customer
Identification and contact detailsSending information on the development of our publication and our offers5 years after the end of the contract or the last contact with the inactive customer
Identification and contact data  Inactive customersSending information on the development of our publications and offers5 years after the end of the contract or the last contact with the inactive customer
10 years for surname, first name and postal address
Digital identification dataSending information on the development of our offers5 years after the end of the contract or the last contact with the inactive customer
Identification and contact details – Newsletter subscribersSending information on the development of our publications and offers3 years from unsubscription or last contact with the customer
Identification and contact details – Web account holdersSending information on the development of our publications and offers3 years from unsubscription or last contact with the customer
Data generated by cookies linked to your browsing of our online servicesOperation and optimisation of services, traffic measurement, personalisation of content and advertising13 months maximum
Data retained for tax purposesCreating and managing a file10 years in accordance with the provisions of the Book of Tax Procedures and the French Commercial Code
  1. Right of access, rectification and opposition

In accordance with current European regulations, Users have the following rights:

  • Right of access: the right to request information about data processing (article 15 of the RGPD).
  • Rectification: the right to complete or modify information (article 16 of the RGPD),
  • Of completeness: the right to block or erase Users’ personal data when it is inaccurate, incomplete, equivocal, out of date, or whose collection, use, communication or storage is prohibited. The right to request the deletion of data (article 17 of the RGPD).
  • The right to withdraw consent at any time (article 13-2c of the RGPD),
  • The right to limit the processing of Users’ data: the right to ask an organisation to temporarily “freeze” the use of some of your data. (article 18 of the RGPD),
  • Right to object to the processing of Users’ data: a person may object to the processing of their data (except in specific cases where the processing is required by law). (article 21 of the RGPD),
  • Right to portability of data provided by Users, where such data is subject to automated processing based on their consent or on a contract: this is the right to request a copy of their data to enable the User to change supplier without losing any data. (article 20 of the RGPD)
  • The right to determine the fate of Users’ data after their death and to choose to whom the Publisher shall communicate (or not) their data (a third party designated by the Publisher). As soon as the Publisher becomes aware of a User’s death and in the absence of any instructions from the User, the Publisher undertakes to destroy the User’s data, unless it is necessary to retain such data for evidential purposes or to comply with a legal obligation.

If the User wishes to know how the Publisher uses his/her Personal Data, wishes to rectify such data or objects to the processing thereof, the User may send a written request to the following addressaite demander à les rectifier ou s’opposer à leur traitement, l’Utilisateur peut adresser une demande par écrit à l’adresse suivante :

dpo@groupecarso.com or by post to the following address :

Groupe Carso
4 Avenue Jean Moulin
69200 Vénissieux

A l’attention du Délégué de la protection des données (DPO)

In this case, the user must indicate the Personal Data that he/she wishes to correct, update or delete by identifying him/herself precisely with proof of identity.

Requests for the deletion of Personal Data will be subject to the obligations imposed on the Publisher by law, in particular as regards the retention or archiving of documents. Finally, the User may lodge a complaint with the supervisory authorities, in particular the CNIL (https://www.cnil.fr/fr/plaintes).

Commission nationale de l’informatique et des libertés (CNIL)
3 Place de Fontenoy
TSA80715
75334 PARIS CEDEX 07

Or on the website  : https://www.cnil.fr/fr/plaintes

  1. Non-disclosure of personal data

The Publisher will not process, host or transfer the information collected to a country located outside the European Union or recognised as ‘non-adequate’ by the European Commission without informing the customer in advance. However, the Publisher remains free to choose its technical and commercial subcontractors provided that they offer sufficient guarantees with regard to the requirements of the General Data Protection Regulation (RGPD: no. 2016-679).

The Publisher undertakes to take all necessary precautions to preserve the security of the Information and in particular to ensure that it is not communicated to unauthorised persons. If the Publisher becomes aware of an incident affecting the integrity or confidentiality of the Customer’s Information, it must inform the Customer as soon as possible and inform the Customer of the corrective measures taken. Furthermore, the Publisher does not collect any ‘sensitive data’.

The User’s Personal Data may be processed by the ITGA group and by subcontractors (service providers) exclusively in order to achieve the purposes of this policy, with whom the Publisher has entered into a specific RGPD subcontracting agreement and in order to ensure compliance and respect for the chain of co-responsibility.

Within the limits of their respective responsibilities and for the purposes set out above, the main persons likely to have access to the Publisher’s Users’ data are the Group’s employees.

  1. Incident notification

Whatever efforts are made, no method of transmission over the Internet and no method of electronic storage is completely secure.

Consequently, the Publisher cannot guarantee absolute security. If the Publisher becomes aware of a breach of security, it will notify the users concerned so that appropriate action can be taken.

Incident notification procedures take account of legal obligations, whether at national or European level.

The Publisher undertakes to keep Users fully informed of all matters relating to the security of their account and to provide them with all the information necessary to help them comply with their own regulatory obligations.

No personal information of the user of this site is published without the user’s knowledge, exchanged, transferred, assigned or sold on any medium whatsoever to third parties who are not part of the ITGA group. Only the assumption of the purchase of the Editor and its rights would allow the transmission of the said information to the eventual purchaser who would in turn be bound by the same obligation of conservation and modification of the data with respect to the user of the present site.

  1. Security

To ensure the security and confidentiality of Personal Data, the Publisher uses networks protected by standard devices such as firewalls, pseudonymisation, encryption and passwords.

When processing Personal Data, the Publisher takes all reasonable steps to protect it against loss, misuse, unauthorised access, disclosure, alteration or destruction.

  1. The legal basis for data processing

Consent: We may process certain data with your consent, which you are free to withdraw at any time. On the one hand, in the case of sending marketing communications, including by digital means, where your consent is required. Secondly, in the placement of cookies, both through our Services and through certain third party sites and services, where your consent is required. You are free to withdraw your consent at any time

Legal obligations: in some cases, we are bound by laws that require us to process your data with the judicial authorities or for law enforcement purposes.

Contractual obligations: Your data may be processed to enable the proper performance of a contract. Contractual necessity applies to all users who accept our Terms of Use.

Contact us
For any information
algade@algade.com
Follow us to stay tuned about Algade news or contact us for more information.