General Data Protection Regulation Policy (GDPR)
This policy applies to all the products, services, business operations, websites and apps offered by GBP France SAS.
A. GBP France SAS Principles
1. GBP France SAS does its best to protect your privacy while processing data through the appropriate use of security technology and processes. This means:
a. We ensure that we have appropriate physical and technological security measures in place to protect your information.
b. We ensure that when we use other services providers for any processes, these service providers also have appropriate security measures in place to protect your information.
2. GBP France SAS respects your privacy. For instance, you should only receive marketing emails from GBP France SAS which you have agreed to. It will be made clear to you where you have these choices. For example, by providing opt in / opt out options for you to decide whether you wish to receive these information or not.
3. GBP France SAS will only collect and use your information to fulfill our contract with you and/or to ensure a proper business interaction with you, where we have legitimate business reasons, and where we are legally entitled to do so. For example, we use your contact information to respond to your inquiries, acknowledge or award orders, send you information on our products or as part of our services, etc.
4. GBP France SAS will be transparent about the information we will collect on you and how we will use your information.
5. GBP France SAS will only use your information for the purpose(s) for which they were originally collected and we will ensure any old information is securely disposed of.
6. If GBP France SAS transfers your information outside of your country, or outside the European Economic Area (EEA), all protection required under the law shall remain in place.
B. How GBP France SAS May Use Personal Information you share with us
“Personal Identifiable Information” (PII) is the information that identifies you as an individual, such as name, postal address, telephone number, email address, login access code and/or credit card number.
GBP France SAS collects Personal Information ONLY when it is necessary and legitimate to ensure legal and proper business transactions, when you submit it via GBP France SAS’s application forms and/or portals and/or any self-initiated communication you share with GBP France SAS.
GBP France SAS need to use your account data to run your account, provide you with or receive by you services, bill you for services, provide you with customer support, contact you about a service or your account. We occasionally send you communications of transactional nature (service related announcement, change of product specifications, billing-related matters, change of our services, etc.). You can decide to opt out of these communications but we do not recommend you to do so. They are required to provide and/or receive services to you.
The Personal Identifiable Information (PII) that GBP France SAS usually collects is First Name, Last Name, Email Address, Mobile phone number, Street Address, Zip/Postal Code/Location, and Country. Depending on the nature of the business transaction, others may add.
We also ask optional profile non-personal data questions that include, Billing details, VAT number, Risk profile, Job title, Job function, Industry profile, Area of activity and no. of Staff/Company Size. You can object to GBP France SAS using your data as described above but our ability to fully and properly run business transactions and/or provide or receive services to or from you may be impacted if you reject that GBP France SAS uses or collects these data.
During a recruitment process or similar, should sensitive PII be shared, GBP France SAS will ask for your prior explicit consent to collect and process these PII. These PII will be stored under the appropriate level of security. These PII will not be disclosed to third parties unless you have given your prior consent. These PII will be deleted when they are no longer needed for the purpose they were collected or when they are no longer valid. You will have the option to ask GBP France SAS to withdraw these PII at any time.
We may also ask some further, voluntary questions in our registration forms so we can gain a clearer understanding of our company profile to enable us to personalize our additional services to your company, if any.
C. Information GBP France SAS automatically Collects
GBP France SAS automatically collects Non-Personally Identifiable Information (Non-PII) on all visitors and customers interacting with our online services, including browser type, operating system, geography, and pages visited.
This information is used to improve customer experience across all GBP France SAS platforms. It also allows us to display relevant content and services to the appropriate audience.
D. Updating / Deleting Your Personal Information
Should any of your personal information change, please contact GBP France SAS at any time. GBP France SAS does not automatically or systematically delete your information:
– A visitor account and information is never deleted unless you are explicit about your wish to delete your data after your visit
– A customer account and information not active (no business transaction) for a period of 2 years is made “dormant” but is
not deleted.
You have certain legal rights to obtain information about whether GBP France SAS holds personal information about you and to obtain its correction, update, amendment or deletion in appropriate circumstances. Some of these rights may be subject to some exceptions or limitations. In case of request, we will respond to your demand to exercise these rights within a reasonable time.
Rights which you are entitled to are:
o Right to restrict processing
o Right of rectification
o Right to erasure (Right to be forgotten)
o Right to object to processing
o Right to withdraw consent; and
o Data portability rights
E. Who GBP France SAS May Share Your Information With
GBP France SAS may occasionally need to share your personal information with business partners to ensure a proper management of the business transaction with you and/or your company. For example, GBP France SAS may need to share (some of) your personal data with transport companies to ensure proper deliveries, with suppliers to ensure proper treatment of your order requirements, etc. If you wish not GBP France SAS to share (some of) your personal data with business partners, you have to inform GBP France SAS in writing. Note that this rejection may complicate or make impossible some of the business operations.
GBP France SAS will not share your personal information with others for marketing purposes and/or for any other purpose unless you have given your permission.
GBP France SAS may offer via its website(s) third party services, such as product recommendations and/or surveys. Any information which is collected by GBP France SAS when you access a third party service is processed under this Privacy Statement. Information collected by third party operators themselves will be governed by their own privacy statement.
GBP France SAS may use service providers to help run its website(s) or services, some of whom may be based outside your country or the European Economic Area. Any third parties who access your data in the course of providing services on our behalf are subject to strict contractual restrictions to ensure that your data is protected, and in compliance with GDPR.
F. Use of Cookies
GBP France SAS stores “cookies” so that we can offer you a comprehensive functionality and make the use of our website more convenient. Cookies are small files that are stored on your computer by your internet browser. If you do not want cookies to be used, you can block the storing of cookies on your computer by changing your browser settings. Please note that this could limit the functionality and functional scope of our offerings. See our “how we use cookies” page on our website for more information.
G. Legal Information
Please note that GBP France SAS reserves the right to access and disclose personal data when requested by legal authorities, to comply with applicable laws and lawful government and compliance requests, to operate our systems properly and to protect both ourselves and our visitors and customers.
This General Data Protection Regulation Policy has been last updated on 15 th July 2020.