PERSONAL DATA PROTECTION POLICY
Les Dérives Résiniques et Terpéniques (hereinafter “DRT”) pays particular attention to the compliance of its personal data processing activities with the General Data Protection Regulation (GDPR).
DRT ensures that users are easily informed about personal data processing through the dedicated information on its website and its various communication media.
As the controller of the data it collects, DRT undertakes to comply with the legal and regulatory provisions in force. In particular, DRT takes all reasonable measures to ensure that personal data are accurate and relevant for the purposes of its processing.
When you provide us with personal data or when we collect personal data about you, we agree to use them in accordance with this Policy.
Please read this information carefully. If you have any questions or concerns about your personal data, please contact our personal data protection officer at the following email address: firstname.lastname@example.org.
Who are we?
DRT is responsible for the personal data you provide to us. The terms “DRT ”, “we” or “our” used herein refer to the company DRT. In accordance with the regulations applicable to the protection of personal data, DRT is the “data controller”.
Les Dérives Résiniques Et Terpéniques (hereinafter “DRT”):
A limited liability company with share capital of €19 961 200
RCS Dax 985 520 154 – FRANCE
EU VAT no. FR 86 985520154
30 Rue Gambetta
40100 Dax, FRANCE
Tel. : +33 (0)5 58 56 62 00
Publication Editor: Mr Laurent LABATUT
Personal data protection officer’s email: email@example.com
What personal data do we collect from you and for what purposes?
Generally, you can visit our website without having to state your identity or provide personal information about you. However, DRT may sometimes ask you for information, for example, to respond to a request from you, provide a service, process an order or for marketing purposes.
In some cases, you provide us with personal data directly (for example, when you contact us to ask us a question). In other cases, we collect such data (for example, by using cookies to understand how you use our website) or the data in question are sent to us by third parties, including other DRT Group entities.
Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the “Data Subject”), deemed to be an “identifiable natural person”, a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as email addresses, user names, content generated by users, etc. Personal data may also include unique digital identifiers such as the IP address of your computer or the MAC address of your mobile device, as well as cookies.
When we collect data, we flag the required fields with an asterisk. Failure to complete the fields indicated by an asterisk may affect our ability to offer you the service requested or manage your requests.
We may process your personal data for the following purposes:
|Enable and improve navigation on the Website, management and traceability of the services used by the user
|Data collected by cookies or similar technologies:
— Data relating to your use of our website;
— Connection data;
— Pages consulted;
— Duration of the visit;
— IP address;
— Data relating to the browser and the device;
|Prevent and combat computer fraud (spamming, hacking, etc.)
|Computer hardware used for navigation, IP address, password;
|Offer customer support and respond to your inquiries via contact forms
|Last name, first name, email, address, postal code, city;
|Conduct optional satisfaction surveys
|Conduct communication and commercial prospecting campaigns (SMS, email) and newsletter subscription
|Telephone number, email address, IP address, data from cookies (navigation data (date, time, IP address, visited pages, preferences);
|Offer to send samples of our products (test)
|Last name, first name, email, postal address, telephone number;
|Allow candidates to submit their CV and be contacted as part of a recruitment processes
|Last name, first name, CV
Who can access your personal data?
The persons who have access to your personal data are authorized employees within the competent departments of DRT and its affiliates.
Your personal data may also be processed on our behalf by trusted service providers.
We use trusted third parties to carry out a series of transactions on our behalf. We only provide them with the information they need to perform the service and ask them not to use your personal data for other purposes. We always make every effort to ensure that all third parties with whom we work maintain the confidentiality and security of your data. We may, for example, request services that require the processing of your personal data to:
- Third parties who assist and help us to provide IT services, such as platform providers, hosting services, maintenance and technical support services for our databases as well as for our software and applications that may contain data about you (these services may sometimes require access to your data in order to perform the tasks requested);
- Service providers who are responsible for carrying out our satisfaction surveys and the statistics associated with the use of the website.
We may also disclose your personal data to third parties:
- If we have your consent.
- Or if permitted by law.
We do not share or sell your personal data.
No personal information of the user on the website www.drt.fr is published, exchanged, transferred, given or sold on any medium to third parties without the user’s knowledge. Only the assumption of the purchase of DRT and its rights would enable the transmission of the said information to the potential buyer, who would in turn be bound by the same obligation to retain and modify the data with respect to users of the website www.drt.fr.
Where do we store your personal data?
Data we collect from you are stored in France by DRT or its trusted service providers.
DRT undertakes not to process, host or transfer the information collected on its customers to a country recognized as “not suitable” by the European Commission without first informing its customers. However, they may be transferred, accessible from and stored in a country outside the European Economic Area (EEA) at any time. They may also be processed by a member of staff operating outside the EEA working for us or for one of our service providers.
Data collected through our website are intended for DRT as well as for subsidiaries that may be located outside the European Union. The latter are obliged, by contract, to respect the confidentiality and security of the data communicated to them and to use such data only for the purposes of the mission entrusted to them.
DRT may also be required to use the services of technical and commercial subcontractors provided that they offer sufficient guarantees set in the requirements of the General Data Protection Regulation.
As some countries may not have any laws governing the use and transfer of personal data, we undertake to take all necessary measures to ensure that relevant third parties comply with the requirements set out in this Policy. These measures may include a control of the standards applied by these third parties with regard to the protection of personal data and security and/or the signing of appropriate contracts (based on the model adopted by the European Union Commission). For further information, please contact us as described in the “Contact” section below.
How long do we keep your personal data?
We retain your personal data only as long as necessary to achieve the purpose for which we hold such data, in order to meet your needs or to fulfill our legal obligations. To establish how long we keep your data, we apply the following criteria:
- If cookies are placed on your computer, we retain your data only as long as necessary to achieve its purpose (e.g. for the duration of a session for session ID cookies) and for any period defined in accordance with local regulations and instructions;
- If you contact us with a request for information, we retain your personal data for as long as necessary to process your request.
- Website visitor and prospect data are kept in the current archives (i.e. routinely accessible by the relevant DRT departments) for three years from the prospect’s last contact. A “contact” is defined as connecting to a customer account, viewing a product fact sheet, adding a product to the basket, searching for a product on the website, and clicking on a link contained in the newsletter or in an email sent by DRT. At the end of this three-year period, DRT will be able to contact the prospect again to find out if he/she wishes to continue to receive sales solicitations.
In any case, you can withdraw your consent at any time and request that you unsubscribe from the Newsletter by clicking on the link contained in the messages sent to you.
- Customer account data are retained for the period strictly necessary to manage the sales relations. The sales relations is terminated when the customer account is closed, claims files with the after-sales service are closed, or if the customer has not contacted DRT for more than five years.
Beyond the duration of the sales relations with the customer, certain data may be archived in accordance with the provisions in force (in particular, but not exclusively, those provided for by the Commercial Code, Civil Code and Consumer Code).
We may archive certain personal data in order to fulfill our legal or regulatory obligations, and in order to enable us to exercise our rights (e.g. file an appeal in any court) or for statistical or historical purposes.
When we no longer need to use your personal data, we delete them from our systems, and files or anonymize them so that they no longer allow you to be identified.
How is the security of your personal data ensured?
DRT undertakes to take all necessary precautions to preserve the security of your personal data and, in particular, that they are not communicated to unauthorized persons.
To ensure the security and confidentiality of personal data, DRT uses networks protected by standard devices such as firewalls, pseudonymisation, encryption and passwords.
When processing personal data, DRT takes all reasonable measures to protect them from loss, misuse, unauthorized access, disclosure, alteration or destruction.
What are your rights as data subjects?
In accordance with the European regulations in force, Users of the website www.drt.fr have the following rights:
- The right to be informed;
- The right to access your data;
- The right to rectify your data;
- The right to erase your data (or “right to be forgotten”);
- The right to withdraw consent at any time for data processing based on consent;
- The right to restrict the processing of your data;
- The right to object to the processing of your data based on legitimate interest;
- The right to the portability of your data;
- The right to disable Cookies.
If you wish to exercise your rights or obtain additional information, you can contact the personal data representative at the following email address: firstname.lastname@example.org or via our GDPR form provided for this purpose. Please note that requests to delete personal data are subject to the obligations imposed on DRT by law, including the retention or archiving of documents. Finally, users of the website www.drt.fr may lodge a complaint with the supervisory authorities, and in particular with the CNIL (https://www.cnil.fr/fr/plaintes).
In order to respond to your request, we may require proof of identity.
If you have any questions or comments about how we process and use your personal data, or if you wish to exercise any of your rights mentioned above, please contact our personal data representative at the following email address email@example.com or via our GDPR form provided for this purpose or write to us at the following address:
30 Rue Gambetta
40100 Dax, France.
Update of the personal data protection policy
DRT may change this Policy at any time. If DRT wishes to use personal data in a manner different from the policy at the time of collection, such changes will be published in a new version of this Policy.