Date of effect: 24-09-2018
CLS and all of its subsidiaries (hereinafter known as “the CLS Group”) are keen to allay your concerns about confidentiality and the protection of your personal data. The purpose of this “Personal Data Protection Policy” (hereinafter referred to as the “Policy”) is to inform all natural persons concerned (hereinafter referred to as “You” or “Your”) about how the CLS Group collects, uses and discloses Your Personal Data and what You can do about this information.
This version of the Policy reflects the latest legal and factual developments known at the date on which it became effective. In particular, this Policy complies with the General Data Protection Regulation (Regulation (EU) 2016/679 and the Act No. 2018-493 dated 20 June 2018. In addition, we have tried to make the Policy clearer and easier to understand.
Any reference to the “CLS Group” means the CLS entity and its subsidiaries, which act as controller or processor of Your information, as explained in detail in the section on “Identifying the controller or processor of the data” below.
This Policy applies to our “Media”, a term encompassing all websites, applications, and platforms, as well as any other physical or on-line endeavour owned by a CLS Group company that collects and processes personal data. Consequently, this Policy does not apply to third-party websites, including to those that may be mentioned in our Media through an Internet link.
“Personal Data” means any information relating to a directly or indirectly identified or identifiable natural person, which is safeguarded by Act No. 2018-493 dated 20 June 2018 on personal data protection, the General Personal Data Regulation, and Convention No. 108 of the Council of Europe for personal data protection.
“Processing” means any operation or set of operations relating to such data, whatever the mechanism used, including the collection, recording, organisation, retention, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction of such data.
2. What data we collect
When You use our Media, we may collect and process all or part of the following data:
- First and last names;
- Postal address;
- Electronic address;
- Telephone number(s);
- Login and password;
- University, qualification, course attended;
- Organisation type (e.g. company, school, or university), name and size, department and job title;
- Industry and industry sub-sector;
- Delivery method and persons to whom the purchases should be dispatched;
- Financial details (credit card number and expiry date, name and address of card holder);
- IP address; and,
- Any other Personal Data that could be relevant for the following purposes:
The Personal Data collected shall however be limited to the data required to fulfil the purposes laid out below.
Some functions and features of the Media can be used only if You share some Personal Data when You visit or use them. You are free to provide or not to provide all or part of Your Personal Data. However, should You choose not to provide such data, You should be aware that this may prevent some of the objectives described below from being achieved or from being achieved in a satisfactory manner; some of the services or functions offered by the Media may not work properly; and/or You may be refused access to some functions. In particular, You may be prevented from accessing our basic geolocation facility via our platforms if You do not agree to geolocation data being collected.
2.1 Collecting the personal data of minors
The CLS Group does not deliberately collect or keep any Personal Data pertaining to persons under the age of 18, not even in the interests of the products and services it provides.
3. Why we collect personal data
Personal Data are usually collected as required for CLS Group’s activities, such as for running the real-time geolocation monitoring service, improving the suitability of products and services for clients, or fulfilling legal declaration obligations, and other similar activities.
The CLS Group collects and uses Personal Data concerning You for the following purposes in particular:
- To allow You to request and obtain information about the CLS Group and our products and services;
- To provide You with an interactive and personalised service when You use the Media;
- To allow You to open and manage a USER account;
- To enable us to monitor Your activity individually and provide technical support;
- To provide access to all the features and options offered by our Media;
- To allow You to communicate with other Users of the Service;
- To allow You to take part in a conference, a training course and/or an awareness-raising programme;
- To allow You to register for seminars, webinars or other events;
- To enable the CLS Group to conduct surveys;
- To enable the CLS Group to conduct communication activities;
- To enable the CLS Group to manage its commercial dealings, including its business opportunities, range of products and services on offer, purchases, contracts, orders, and invoices.
- To offer You commercial or support services;
- To allow You to buy software licences, products or services, to download software and/or save software licences;
- To enable the CLS Group to conduct its Research & Development activities;
- To process job applications and manage recruitment sources;
- To manage Your training in our products and services;
- To manage the CLS Group’s Compliance and Cybercrime Prevention programmes; and,
- Any other purpose relating to the CLS Group’s activities.
4. Cookies & Metadata
We may process the personal information we collect about You by passive means using cookies and other data collection technologies. The types of personal data we process in this context are described in more detail below.
The browser session cookies we use fall into two types. There are temporary cookies, which are erased from your device’s memory when you close your Internet browser or turn your computer off, and persistent cookies, which are stored on your device until they expire, unless you choose to delete them before their expiry date. We have three categories of browser cookies for our Website, which you can manage through our cookie preference manager:
4.1.1 Strictly necessary cookies
These cookies are necessary for this Website’s basic functions to work, such as for making the connection secure or memorising the progress status of an order.
4.1.2 Functionality cookies
We use functionality cookies to analyse how you use the Website so that we can see how we are doing and improve the way we do things. We also use functionality cookies to be able to provide a better client experience on the Website, for instance by memorising your login details or providing information on the way our website is used.
4.1.3 Analytical cookies
These are cookies that help us to understand the use and performance of our Website, to produce statistics and web traffic estimates, and to use various other Website data, such as the contents visited, routes taken, the pages and sections more often consulted, and the most read articles, so that we can improve the appeal and user-friendliness of our services.
4.1.4 Flash cookies
Videos and other features on our website use Flash cookies to collect and store your preferences, such as sound level. Compared to browser cookies, the amount and type of data stored in Flash cookies are different, as is how the data are stored. The cookie management tools provided by Your browser will not delete Flash cookies. To learn how to manage Flash cookie confidentiality and storage parameters, please click here. Some cookies may be placed by third-party service providers who take care of some of these functions on our behalf.
Metadata are the data automatically collected or generated when You use the CLS Group websites, products or services. Metadata are often collected or generated when You send data through a computer network such as the Internet when using your computer or other device. They contain data that can be used by the user interface or device facilities, as well as IP addresses, unique identifiers, MAC addresses, Wi-Fi and Bluetooth systems, cookies and the computer activity itself.
5. Personal data processing and retention
Personal Data “processing” includes but is not limited to the use, retention, recording, transmission, adaptation, analysis, alteration, declaration, sharing and deleting of Personal Data as and when this is needed or to fulfil a legal obligation.
The CLS Group exercises due care to protect the safety and confidentiality of Personal Data, ensuring in particular that they cannot be altered, damaged or accessed by unauthorised third parties.
The CLS Group may keep information relating to You as long as necessary to fulfil the purposes described in this Confidentiality Policy. This may include the retention of information concerning You after Your account has been deactivated for as long as deemed necessary by the CLS Group or to enable us to further our legitimate commercial interests, carry out audits, fulfil and demonstrate compliance with our legal obligations, resolve disputes and enforce our agreements. To determine the retention period, several parameters are relevant, such as the types of products and services provided to You, our relationship with You, the impact on the services supplied to You if we delete some of the information coming from or concerning You, and legal requirements with respect to data retention periods.
6. Links to websites not controlled by the CLS Group
This Policy applies only to the CLS Group’s practices, technologies and services. Our on-line Media may include links to websites and on-line services operated by other companies, which are neither controlled nor managed by the CLS Group. If you provide or submit personal information to these websites or on-line services, your personal information will be subject to the confidentiality policies of these websites or on-line services. You are encouraged to read the confidentiality policy of any website You visit carefully.
7. Personal data transmission
The CLS Group, a subsidiary of the French Space Agency (CNES) includes entities located outside the European Union. Therefore, the CLS Group may share and/or transmit your Personal Data to the CLS Group entities and/or subsidiaries as it deems fit and as required by the service provided.
The CLS Group may also share your Personal Data with third-party service providers to enable them to carry out certain processing tasks on behalf of the CLS Group. Our service providers are required to process and protect your Personal Data with the same level of care as required by the General Data Protection Regulation (Regulation (EU) 2016/679).
Moreover, we share your Personal Data only to the extent required or authorised by the Law, and so far as this is necessary to prevent or combat fraud, resolve a dispute or to fulfil any other legitimate requirement superseding your private interests, such as for the safety of our company or personnel.
In such circumstances, Your data may be transmitted via the Internet network or any other method that the CLS Group deems suitable in accordance with the applicable legislation.
8. Your right to access and rectify data
In accordance with the General Data Protection Regulation (Regulation (EU) 2016/679) and the applicable version of Act Informatique et Libertés (Information Technology, Data Files and Civil Liberties) dated 6 January 1978, the CLS Group is informing you that you have a right to access and rectify the Personal Data we collect.
You also have a right to oppose the processing of your Personal Data for legitimate reasons and to obtain a copy of Your Personal Data kept by the CLS Group.
If you have an account, You can exercise Your rights to access and rectify Your information by logging in to Your account. Otherwise, You may exercise Your rights by sending an email to: firstname.lastname@example.org.
To unsubscribe to the newsletter, please use the hypertext link, which can be found at the bottom of every issue.
The CLS Group reserves the right to refuse access to Personal Data in special cases founded in applicable legislative and regulatory provisions.
9. Your other rughts
The natural persons whose Personal Data may be protected by the General Data Protection Regulation enjoy several rights as defined below:
- Right to information – especially to know the reasons for processing or the rights of natural persons
- Right to erasure – the right for a person to have their data deleted when they withdraw their consent to their data being processed, when they object to such processing, when the data are no longer necessary in view of the processing purpose, when the data have been illegally processed or when the data must be deleted for legal reasons
- Right to limit the processing – the right to obtain a limit to the processing when the person concerned objects to such processing, or claims that the data is incorrect or illicit
- Right to data portability – when processing is based on consent or an agreement and carried out through automated processes, the person concerned has the right to receive the data in a structured, commonly used, machine-readable and interoperable form and to transmit the data to another controller, to which the original controller cannot object
- Right to object – the right to object at any moment to data being processed
- Right to object to automated decision making – right for a person to object to decisions being made about them based exclusively on automated processing, including profiling, and which produce a legal effect for that natural person or which may affect them, except when such decisions are necessary for a contract to be entered into or performed, are authorised by law or based on the person’s consent
For further information on Your rights, please click here.
You may exercise Your rights with the help of our DPO by sending an email to: email@example.com.
10. Data security
In the CLS Group, we take care to protect your Personal Data and keep them safe, ensuring that they remain confidential and preventing them from being altered, damaged, deleted or disclosed to unauthorised third parties.
The CLS Group has taken physical, electronic and organisational measures to prevent any loss, misuse, unauthorised access or dissemination, alteration or deletion of Personal Data. Such measures include the use by the CLS Group of technologies specially designed to protect Personal Data during transmission. However, despite the CLS Group’s efforts to protect Your Personal Data, complete and faultless protection cannot be guaranteed given the inevitable risks to which your Personal Data may be exposed when being transmitted.
Since all Personal Data are confidential, access to such data is limited to the CLS Group’s personnel, service providers and officers who need it when performing their duties. All persons accessing Your Personal Data are bound by a confidentiality obligation.
However, to prevent any unauthorised use of Your Personal Data, you must be careful. You are responsible for keeping Your password and other account information secret. You must, therefore, close Your session if You share Your computer with someone else.
11. Conflict resolution
Even though the CLS Group has taken reasonable measures to protect Personal Data, no transmission or storage system is absolutely certain.
However, the CLS Group takes great care to ensure that Personal Data are protected. If you have reasons to believe that the safety of your Personal Data has been compromised or your data have been misused, please contact the CLS Group by sending an email to: firstname.lastname@example.org.
The CLS Group shall process complaints about the use and disclosure of Personal Data and shall attempt to resolve complaints in accordance with the principles set out in this Policy.
Misuse or unauthorised access to Personal Data may be considered to be a breach of the legislation applicable within the European Union boundaries.
12.1 Contact the CLS Group’s DOP
You should not hesitate to contact our Data Protection Officer (DPO) if you have any queries or concerns about this Confidentiality Policy or any CLS Group practices, or if you are seeking to exercise one of your legal rights. You may contact us by email at email@example.com or by writing to us at the following postal address:
Collecte Localisation Satellites
Louis CONTE – Data Protection Officer
Parc Technologique du Canal
11 rue Hermès
12.2 Contact the Competent Authority for Data Protection
Notwithstanding the applicable legislation, you also have the right to (i) restrict the use by the CLS Group of other Information constituting Your Personal Data and to (ii) lodge a complaint to your local data protection authority or the Commission Nationale de l’Informatique et des Libertés, which is the main control authority for the CLS Group by clicking here or by writing to:
COMMISSION NATIONALE DE L’INFORMATIQUE ET DES LIBERTÉS
3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07
Tel.: +33 (0)1 53 73 22 22
(Monday to Thursday from 9:00am to 6:30pm / Friday from 9:00am to 6:00pm)
Fax: +33 (0)1 53 73 22 00
13. Changes to the confidentiality policy
The CLS Group may change this confidentiality policy from time to time. Laws, regulations and industry standards evolve, which can make such changes necessary. Equally, our activities may change. We will display such changes on this page and you are encouraged to consult our Personal Data Protection Policy to keep abreast of new developments. If we make any changes that may impact your rights or our policies significantly, the CLS Group shall inform you by email or through the Media. Should you not agree to the changes to this Personal Data Protection Policy, please contact us if you would like to ask us to delete Your Personal Data.