Within the framework of its services accessible via its website, PIEX is required to process information about you. This applies in particular when you browse our website, by filling out a form to obtain documentation, you transmit information to us, some of which is of a nature to identify you (hereafter “Personal Data”).
PIEX respects your privacy and is committed to protecting your personal data in accordance with the French Data Protection Act of January 6, 1978 as amended and the General Data Protection Regulation of April 27, 2016 (hereinafter “GDPR”).
PIEX has a team dedicated to the protection of Personal Data, consisting of a DPO (Data Protection Officer), declared to the CNIL and IT teams and ensures that its external partners who host the PIEX website have the appropriate security standards and protect your personal data.
The purpose of this privacy policy is to inform you about how we process your personal data, whether it is transferred to third parties, and your rights and options to control your personal information and protect your privacy.
We encourage you to read this privacy policy carefully.
1. Goals
This Personal Data Protection Policy (hereinafter the “Data Protection Policy”) describes the information that PIEX collects, in particular by means of or through, in whole or in part, the piex.com website or one of PIEX’s pages on social networks, but also in the context of your relations with the latter, and how PIEX processes it.
This data protection policy also specifies the rights you have over your Personal Data in accordance with the applicable legal and regulatory provisions.
The Processing of Personal Data presented to you and described in this data protection policy is carried out by PIEX, on its own behalf, as Data Controller;
In addition to terms defined elsewhere in this policy, the following terms, the first letter of which is capitalized, whether used in the singular or plural in this policy, shall have the following meaning:
“Recipient” means the natural or legal person, public authority, department or other body that receives communication of Personal Data, whether or not it is a third party.
“Personal data” means any information relating to an identified or identifiable natural person (see “Data subject”); an “identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, psychological, economic, cultural or social identity.
“Controller” means the natural or legal person, public authority, department or other body that determines the purposes and means of the Processing. When the Controller jointly determines the purposes and means of the Processing with others, he/she is called “Joint Controller”.
“Processor”: means the natural or legal person, public authority, department or other body that processes Personal Data on behalf of the Controller.
“Processing”: means any operation or set of operations carried out or not by means of automated processes and applied to Data or sets of Personal Data, such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, communication by transmission, dissemination or any other form of making available, reconciliation or interconnection, limitation, erasure or destruction.
2. What are your rights and how can you exercise them?
In accordance with the regulations applicable to personal data and in particular Articles 15, 16, 17, 18, 20 and 21 of the RGPD, the User has and may exercise the following rights with PIEX:
YOUR RIGHTS : WHAT IT MEANS
The right to be informed: You have the right to obtain clear, transparent, comprehensible and easily accessible information on how we use your Personal Data and on your rights. This is why we provide you with the information in this Policy.
Right of access: You have the right to access the Personal Information we have about you (subject to certain restrictions).
The right of rectification: You have the right to demand that your Personal Data be rectified if it is inaccurate or outdated and/or be completed if it is incomplete or updated.
The right to erasure/right to be forgotten : In certain cases, you have the right to obtain the erasure or deletion of your Personal Data. This is not an absolute right, insofar as we may be obliged to retain your Personal Data for legal reasons.
The right to object to commercial prospecting, including profiling: you can unsubscribe or object to receiving our commercial prospecting messages at any time.
Simply click on the “unsubscribe” link in any email or communication we send you.
The right to withdraw consent at any time for data processing based on consent: you can withdraw your consent to the processing of your data if this processing is based on consent. Withdrawal of consent does not affect the lawfulness of processing based on consent prior to its withdrawal. We invite you to consult the table inserted in the section “What Personal Data do we collect from you and how do we use it?”, and in particular the column “On what legal basis do we process your Personal Data?”, to find out whether our processing is based on consent.
The right to lodge a complaint with a supervisory authority: you have the right to lodge a complaint with the data protection authority in your country to challenge Personal Data protection and privacy practices.
We invite you to contact us using the contact details below before lodging any complaint with the competent data protection authority.
The right to data portability:’ you have the right to move, copy or transmit your data from our database to another. Cela s’applique uniquement aux données que vous avez fournies, lorsque le traitement est fondé sur votre consentement ou sur un contrat et qu’il est effectué à l’aide de procédés automatisés. We invite you to consult the table inserted in the section “What Personal Data do we collect from you and how do we use it?”, and in particular the column “On what legal basis do we process your Personal Data?”, to find out whether our processing is based on a contract or on consent.
The right to restrict processing: you have the right to request that we restrict the processing of your personal data.
This right means that the processing of your data by us is limited, so that we may retain the data, but not use or process it.
This right applies in specific circumstances provided by the GDPR namely:
- The accuracy of the Personal Data is challenged by the data subject (i.e. you), for a period of time allowing the data controller to verify the accuracy of the Personal Data ;
- The processing is unlawful and the data subject (i.e. you) objects to their erasure and demands instead that their use be restricted;
- The controller (i.e. PIEX) no longer needs the Personal Data for the purposes of the processing, but it is still necessary for the data subject to establish, exercise or defend legal claims;
- The data subject (i.e. you) objected to the processing on the basis of the legitimate interests pursued by the controller during the verification as to whether the legitimate grounds pursued by the controller prevail over those of the data subject.
The User may exercise these rights at any time by contacting the dedicated service at the following addresses
By email : [email protected]
The User, in order to exercise his/her rights, provides PIEX:
- The origin of the collection of its Data (contact form for example);
- His identity and contact information.
In the event of “reasonable doubt” as to the identity of the applicant (for example, in the event of a request made via an unknown e-mail address), and in order to prevent identity theft or risks of homonymy, PIEX may validly request proof of identity.
PIEX has a period of one (1) month from receipt of the request to respond, subject to the request being well-founded and not manifestly excessive.
The User may also at any time refuse to have his/her Data used by PIEX.
To do so, the User is invited to click on the unsubscribe links provided in the emails sent by PIEX.
The User is hereby informed that, if he considers that his rights have not been respected, he may lodge a complaint with the Commission Nationale de l’Informatique et des Libertés (hereinafter referred to as the “CNIL”). PIEX invites the User to visit the following link for further information:
https://www.cnil.fr/fr/les-droits-pour-maitriser-vos-donnees-personnelles.
3 - Data security
PIEX implements appropriate organizational and technical security measures, particularly with regard to the categories of Personal Data processed, the state of knowledge, the costs of implementation and the nature, scope, context and purposes of the Processing, as well as the risks, the degree of probability and seriousness of which varies, for the rights and freedoms of individuals, to protect your Personal Data against any malicious intrusion, loss, alteration or disclosure to unauthorized third parties, and more generally to preserve the security and confidentiality of said Personal Data and to guarantee a level of security appropriate to the risk.
Because of the difficulties inherent in carrying out an activity on the Internet and the risks, which you are aware of, resulting from the transmission of data by electronic means, PIEX cannot be held to an obligation of result.
In the event of difficulties arising, PIEX will make its best efforts to circumscribe the risks and will take all appropriate measures, in accordance with its legal and regulatory obligations (corrective actions, entry in the register and, if applicable, of the Persons concerned).
In the development, design, selection and use of the services offered on the Website that rely on the Processing of Personal Data, PIEX takes into account the right to the protection of Personal Data by default and from the moment they are conceived (see the principles of “Privacy by design and by default”).
Access to your Personal Data is limited to our employees or partners, and more generally to the Targeted Recipients, who are authorized and who need to know it in order to carry out their missions and/or activities.
In the event of subcontracting all or part of the Processing of Personal Data, PIEX shall contractually require its Subcontractors to provide security guarantees and, in particular, to ensure the confidentiality of the Personal Data to which they may have access (appropriate technical and organizational measures to protect such Data).
4 - How are your personal data collected and for what purposes?
For PIEX, you are at the heart of everything we do. We like to receive information from you and to exchange with you in order to offer you the service that best suits your profile. For all these reasons, there are many ways in which you can provide us with your personal data, and in which we can collect it.
We may collect personal data from you, or receive personal data from you, via our website and PIEX pages, on social networks or by any other means.
In some cases, you provide us with personal data directly (e.g., when you contact us to receive documentation or a callback, when you submit a CV, or when you subscribe to receive our newsletter).
In other cases, we collect this personal data indirectly (for example, by using cookies to understand how you use our website).
In the table below you will find more detailed information explaining the following items:
- In what situations may your personal data be provided or collected?
This column lists the activities you engage in, or the situations you find yourself in, when we use or collect your personal data. For example, if you request documentation, apply for a job, sign up for our newsletter, or browse any of the pages on this website.
- In what situations may your personal data be provided or collected?
This column indicates what types of data about you we may collect depending on the situation.
- How and why can we use them?
This column explains what we may do with your data, and for what purposes we collect it.
- What is the legal basis for our use of your personal data?
This column explains the purpose for which we may use your personal data. Depending on the purpose for which the data is used by the PIEX website, the legal basis for processing your data may be:
- Your consent;
- Legal obligations as soon as the legislation in force imposes the processing of data.
Overview of information about your interactions with us and their impact on your personal data:
|
In what situations may your personal data be provided or collected? |
In what situations may your personal data be provided or collected? |
How and why can we use them? |
What is the legal basis for processing your personal data? |
|
|
Registration to receive our newsletter |
|
|
Consent |
|
|
Maintain an unsubscribe list if you have requested to be unsubscribed. |
Legal obligations |
|
||
|
Navigation on the site |
|
|
Consent |
|
|
Data collected by cookies* during your navigation on the website (hereafter Cookies). For information on specific cookies placed through a particular website, please see the cookie table on that website. |
The validation by pop-in present on the site allows the collection of the consent of the User who is invited to refer to the policy of management of the cookies of the group. |
|
||
|
* Cookies are small text files that are stored on your device (computer, tablet or mobile) when you browse the Internet, including the PIEX website. |
|
|
||
|
Request for documentation, download of the press kit, Data collected:
|
|
|
Consent The validation of the information in the relevant forms when sending the request for information allows PIEX to collect the User’s consent. |
|
|
|
|
Recontact the User, in particular by email or telephone call, in the event of a missing document. |
||
|
User rights management |
|
To enable PIEX to respond to requests to exercise the rights of Users. |
When exercising its rights as defined in Point 9, PIEX processes your Data in order to comply with its legal or regulatory obligations but also for its legitimate interest, in particular for the prevention of litigation. |
5 - How long does PIEX keep the collected data?
PIEX informs the User that it will keep his/her Data for a period of time that does not exceed that which is strictly necessary for the purposes for which they have been processed, namely:
- For the Data collected during the navigation on the site: the Data known as “cookies” are kept for a period that does not exceed thirteen (13) months from their placement on the terminal of the User;
- If you have consented to receive marketing messages, we retain your personal data for a period not exceeding three (3) years from the time you unsubscribe or until you ask us to delete it or after a period of inactivity (no active interaction with PIEX);
- For the Data collected following a request via the relevant form: the Data are kept for three (3) years from the last request from the User that has not been answered in order to be able to justify the processing of the request and our compliance with the regulations in force;
- For Data collected following the creation of an online account: the Data is kept for three (3) years from the deletion of your account or after a period of inactivity (no connection to the account);
- For the Data collected for statistical analysis, the IP address of the User is kept for 1 year from his last connection;
- For Data collected via our form on the site: the Data is kept for a period not exceeding three (3) years from your last active interaction with PIEX or until you ask us to delete it.
- For Data collected following a request to exercise rights (see Point 7.): the Data is kept for one (1) year in case of exercise of the right of access or rectification from the receipt of the request, and three (3) years in case of exercise of the right of opposition from the receipt of the request.
When its retention is no longer justified by legal requirements or if you have exercised a right of modification or deletion, we will securely delete the Data.
6 - Who are the recipients of the data collected?
The data collected on the site is intended for PIEX and is compartmentalized by department and software within the group. They are transmitted to subcontracting companies that PIEX may use to perform its services, in particular customer management services and IT services such as platform providers, hosting services, maintenance services and technical support. Only the information required by PIEX’s subcontractors to perform the service is transmitted to them.
For the perfect information of the User, PIEX informs to resort to the following subcontractors:
|
Category of subcontractor |
Basis of data transmission |
|
Newsletter sending service provider |
After collecting the information that you have transmitted to us via the forms available on the site and if you have agreed to receive the newsletter, the provider receives your names, first names and e-mail addresses in order to process the communication of newsletters. |
|
Provider of digital management of information transmitted by companies |
The information you provide when you submit a job offer on our site or via the available forms is integrated into a software program dedicated to their digital management after your consent has been obtained when you validate this Privacy Policy at the time of sending the said forms or submitting the job offer. |
|
Courier service provider |
Your contact information is used in connection with the use of our messaging services. |
|
Social networking platforms |
Les informations vous concernant indiquées comme publiques et accessibles à partir de votre profil sur les réseaux sociaux seront accessibles. |
|
|
Some information about your habits on this site may also be exchanged between PIEX and these social networks. For more information see the privacy policies of these social networks. |
|
Audience analysis providers |
Elaboration of statistics allowing the analysis of the frequentation and the behavior on our sites. |
The personal data of the Users will not be transmitted to commercial or advertising actors and are in any case transmitted to specialized companies (mailing, audience analysis) whose list can be communicated to the concerned persons on request addressed to: [email protected]
Communication to these companies is limited to sending aggregate and statistical data.
PIEX also undertakes not to communicate the Data collected to a third party without obtaining the User’s consent, notwithstanding cases where a request is made by a government authority or body, in compliance with the Regulations in force. In any event, PIEX has ensured that its service providers and subcontractors comply with the Regulations.
Social networking platforms:
The use of icons dedicated to social networks integrated on our site (in particular the icons and “Share” buttons of Facebook, Twitter, LinkedIn) is likely to result in data exchanges between PIEX and these social networks. For example, if you are connected to the Facebook social network and you visit a page on the https://www.piex.com website, Facebook may collect this information.
In addition, when you click on these icons and buttons, PIEX may have access to personal information that you have indicated as public and accessible from your Facebook, Twitter, Linkedin profiles.
We therefore invite you to consult the personal data management policies of the various social networks to learn about the collection and processing of your data.
7 - Where is the data collected hosted?
PIEX informs the User that his/her Data is hosted by Hostinger S.A.
8 - Transfer of personal data outside the European Union
We will only transfer your Data to recipients who offer an equivalent level of Data protection.
9 - What are the obligations of PIEX?
As the person responsible for the processing operations defined herein, PIEX undertakes to:
- Implement all appropriate technical and organizational measures to ensure the confidentiality, integrity and security of the Data, including protection against their accidental loss, destruction or damage;
- To raise awareness and train its internal staff on the processing of Data, on the Regulations in force and on their consequences;
- Restrict access to User Data to only those persons duly authorized to do so;
- To guarantee all the rights of the Users under the conditions defined in Point 8;
- Notify the competent supervisory authority and users of any data breach that poses a high risk to the rights and freedoms of users within seventy-two (72) hours of the discovery of the fraudulent intrusion if required by regulation;
- Respect the data retention periods defined herein.
10 - Changes
This policy may be modified or supplemented at any time by PIEX, in particular for the purpose of updating it in accordance with changes in the legislation and regulations in force, provided that the User is informed thereof. In case of doubt, the latest version is the one appearing on the site.
However, Users’ personal data will always be treated in accordance with the policy in effect at the time of collection, unless a mandatory legal requirement provides otherwise and is retroactive.
11 - Contact
For any question relating to the collection or processing of the Data collected, the User is invited to contact PIEX :
By email : [email protected]