GDPR - Personal Data Policy
TOPSEC is committed to maintaining the confidentiality of your personal data and attaches great importance to protecting the privacy of users of its services.
1. MANAGEMENT OF PERSONAL DATA
Any natural person browsing the www.topsec.fr website (hereinafter referred to as "the User") is informed of TOPSEC's application of the regulations concerning marketing communication, the Law of 21 June 2014 on trust in the Digital Economy, the Data Protection Act of 06 August 2004 and the General Data Protection Regulations (RGPD: No. 2016-679).
1.1 PERSON RESPONSIBLE FOR THE PROCESSING OF PERSONAL DATA
For personal data processed in the context of browsing the TOPSEC website www.topsec.fr (hereinafter referred to as "the Site"), the person responsible for processing personal data is:
TOPSEC, SAS with a capital of 2,743,912 euros
Head office: 19 rue de la baignade 94400 Vitry-sur-Seine France
Represented by Thierry ALIMONDO, its president.
As the controller of the personal data collected, TOPSEC undertakes to comply with the legal provisions in force.
In particular, it is responsible for establishing the purposes of its data processing, providing Users with full information on the processing of their personal data and maintaining a register of processing in accordance with reality.
Whenever TOPSEC processes personal data, TOPSEC takes all reasonable measures to ensure that the personal data are accurate and relevant to the purposes for which TOPSEC processes them.
1.2 CATEGORIES OF PERSONAL DATA COLLECTED AND PURPOSE OF THE PROCESSING
TOPSEC may collect the following personal data concerning the User:
- identification data (surname, first name, etc.),
- contact information (postal address, telephone number, e-mail address, etc.),
- professional data (CV, name of employer, etc.)
- where applicable, bank data in connection with the processing of complaints from Customer Users.
TOPSEC may process all or part of the Users' personal data:
- to allow navigation on the Site, management and traceability of information relating to the use of the Site by the User: connection data and use of the Site, etc.
- to prevent and fight against computer fraud (spamming, hacking...): computer equipment used for browsing, IP address, etc.
- to improve navigation on the Site: login and usage data
- to conduct optional satisfaction surveys on TOPSEC: email address
- to conduct communication campaigns (sms, email): phone number, email address
- to process online applications for possible recruitment: CV, cover letter, etc.
TOPSEC does not sell the User's personal data to third parties, which are only used for the purposes described above.
The legal basis for these processing operations is:
- the User's consent to the deposit of cookies,
- TOPSEC's legitimate interest in combating computer fraud, conducting satisfaction surveys and communication campaigns, as well as receiving applications from Users who are candidates for employment,
- the execution of a contract to which the Customer User is a party, in particular the management of any complaints addressed through the Site.
1.3 CONSERVATION PERIOD
Personal data are kept by TOPSEC for as long as they are necessary to fulfil the aforementioned purposes.
Personal data enabling the management of the relationship with a Customer User will be kept for 3 years after the end of the commercial relationship, with the exception of bank data that may be collected, which are kept for a maximum period of 13 months from the debit date, in accordance with Article L133-24 of the Monetary and Financial Code.
Data collected during commercial prospecting operations will also be kept for 3 years after the last contact.
The personal data of Users applying for employment with TOPSEC per via the Site will not be kept for longer than is strictly necessary for the evaluation of applications for potential recruitment.
With regard to the personal data of deceased Users, provided that TOPSEC is informed, they will only be processed in the context of the organisation and settlement of the deceased's estate and in order to establish, exercise and defend their rights in court, unless specific instructions are brought to the attention of TOPSEC.
At the end of these periods, personal data will be deleted from the active databases and, if necessary, archived in an intermediate database for a period not exceeding the legal limitation period of five years or the applicable archiving obligations. Once this period has expired, the personal data will be destroyed.
1.4 USER RIGHTS
In accordance with the regulations in force, the Site User has the following rights regarding the processing of his personal data:
- right of access and rectification of personal data concerning him/her
- right to erase personal data for one of the reasons provided for in Article 17 of the DGPS,
- the right to withdraw its consent at any time, in particular to send commercial prospecting and to deposit cookies,
the right to limit the processing of personal data under the conditions provided for in Article 18 of the DGPS
- right to object to the processing of personal data under the conditions provided for in Article 21 DGPS
If the User wishes to exercise his rights, he may contact TOPSEC in writing at the following address: TOPSEC: 19 rue de la baignade 94400 Vitry-sur-Seine
In this case, the User must indicate the right(s) he/she would like to exercise, by identifying himself/herself precisely with a copy of an identity document (identity card or passport).
Requests for the deletion of personal data may be refused or limited on grounds related to TOPSEC's legal obligations, in particular with regard to the storage or archiving of documents.
Finally, Users of the Site may file a complaint with the supervisory authorities, and in particular with the CNIL (https://www.cnil.fr/fr/plaintes).
1.5 RECIPIENTS AND ABSENCE OF TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN UNION
TOPSEC will not process, host or transfer personal data collected on its Users to a country outside the European Union or recognised as "not adequate" by the European Commission without first informing the Users. However, TOPSEC remains free to choose its technical and commercial subcontractors, provided that they provide sufficient guarantees with regard to the requirements of the General Data Protection Regulations (GDR 2016-679).
The User's personal data may be communicated to TOPSEC's subsidiaries and its subcontractors (service providers) exclusively for the purposes set out in this policy.
Within the limits of their respective powers and for the purposes mentioned above, the main persons likely to have access to Users' personal data are mainly TOPSEC's authorised personnel.
2. INCIDENT NOTIFICATION - PERSONAL DATA SECURITY
TOPSEC undertakes to take all necessary precautions to preserve the security of personal data and in particular that they are not communicated to unauthorized persons. However, no matter how hard you try, no method of transmission over the Internet and no method of electronic storage is completely secure. As a result, TOPSEC cannot guarantee absolute safety. In the event of an incident affecting the integrity or confidentiality of Users' personal data, TOPSEC will notify the CNIL of this violation of personal data within a maximum of 72 hours. If necessary, OPSEC will also inform the User(s) within a reasonable time and communicate the corrective measures taken to remedy the incident.
To ensure the security and confidentiality of personal data, TOPSEC uses standard protection devices such as pseudonymization and password.
When processing personal data, TOPSEC takes all reasonable measures to protect it from loss, misuse, unauthorized access, disclosure, alteration or destruction.
3. "COOKIES" AND INTERNET TAGS
What is a cookie?
The CNIL (www.cnil.fr) defines cookies as follows:
"A cookie is information placed on your hard drive by the server of the site you are visiting. The purpose of the cookie is to collect information relating to your browsing and to send content and services tailored to your interests. It contains several data: the name of the server that deposited it, an identifier in the form of a unique number, possibly a cookie expiry date...
This information is sometimes stored on your computer in a simple text file that a server accesses to read and save information. »
In practical terms, when you visit the Site, "cookies" may be stored on your device (your computer, your tablet, your smartphone, etc.).
A cookie is a small stored text file that contains a list of characters that are downloaded to your device during your visit. Cookies are then sent back to our Site on each subsequent visit or to another site that recognizes these cookies.
Cookies on our Site
Cookies on our Site are used for the purpose of audience measurement of. These cookies are more particularly intended to establish the volume and establish statistics on the use of our Site, the various sections consulted and the elements used.
Management of cookie storage
The legal basis for cookies is the User's consent.
After acceptance by the User, cookies are stored for a maximum of 13 months from their first deposit. This period is not extended by new visits from the User.
The placement of cookies on your device requires your consent. Thus, as soon as you arrive on our Site, an information banner indicates that we are using this technology and that by continuing your browsing, you accept the deposit of cookies on your device.
You can at any time prevent the deposit of cookies by setting your Internet browser as follows:
- Microsoft Internet Explorer : https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies
- Microsoft Edge : https://privacy.microsoft.com/fr-fr/windows-10-microsoft-edge-and-privacy
- Google Chrome : https://support.google.com/chrome/answer/95647?hl=fr&hlrm=en
- Safari iPhone / iPad : https://support.apple.com/fr-fr/HT201265
- Opéra : http://help.opera.com/Windows/10.20/fr/cookies.htmlSome browsers also offer a "Do not track" option (which can be translated as "don't track me").
3.2 INTERNET TAGS
TOPSEC may occasionally use Internet tags (also known as "tags", or action tags, single-pixel GIF, transparent GIF, invisible GIF, and one-to-one GIF) and deploy them through a specialized web analytics provider, and thus store the corresponding information, including the User's IP address which constitutes personal data.
This technology allows TOPSEC to evaluate Users' responses to the Site and the effectiveness of its actions (for example, the number of times a page is opened and the elements viewed), as well as the User's use of the Site.
The external service provider may collect information about Users of the Site and other websites through these tags, compile reports on the activity of the Site for TOPSEC, and provide other services related to the use of the Site and the Internet more generally.
© TOPSEC HOLDING