Introduction
The Kersia* group attaches great importance to your privacy and to the manner in which your personal data is handled. For this reason, we would like to share with you the way we collect and process these data, by this personal data protection policy (hereafter « Policy »).
This Policy also contains important information about your rights in relation with the processing of your personal data. We therefore encourage you to read this Policy carefully and to keep it for reference.
Please note that you have to read this Policy together with any fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Policy supplements the other notices and is not intended to override them.
This Policy is an integral part of our approach to CSR (Corporate Social Responsibility) raised by the group internationally.
This Policy can be modified, added to, or updated to remain compliant with legislation or regulations or due to a change in our activity. The most recent version of this Policy is available at the following link http://gdpr.customer.kersia-group.comor on our website https://www.kersia-group.com/.However, it is possible for you to be inform directly by email in case of major change.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
| * Complete list of Kersia group companies at the following link: http://subsidiaries.kersia-group.com |
Reason for collecting data
We collect some of your personal data as a customer or supplier of our company. In that sense, the processing of your personal data is justified by the performance of a contract, a legal or regulatory obligation or by the legitimate interests pursued by the controller, that is to say, the company of the Kersia group with whom you are in relation.
Data collected
We collect personal data about you:
- either directly from you,
- or from other sources such as your colleagues or employees, or other third parties involved in the relationship,
- or through cookies.
The data we collect is limited to what is required as part of our commercial relationship. These can notably be the following types of data:
- identity: Name, first name, email address, postal address, telephone number, vehicules numberplate, ID card or passport, photographie etc. Furthermore, some of our plants are equipped with a video surveillance system, whose records, conserved during 30 days, could give us access to your image and/or vehicules numberplate.
- in relation with your professional identity: Professional status, position, qualifications;
- connection data (customer account, e-learning).
You are free to provide or refuse to provide all or part of your personal data or to refuse its communication. No personal data is collected unless you have freely agreed to provide it, there is a legal or regulatory obligation or without a legitimate interest for us such as the proper performance of services or commitments to you. However, refusal to provide this data or opposition to their disclosure could prevent the fulfillment of the purposed describe below.
Purpose of collection
We use your personal data, in a general manner, to perform the contract to which you or your company is party, and so including the following purposes:
- For the management of our commercial / supplier relationship;
- To establish offers, perform and follow-up your orders, manage your claims and, as the case may be, pay you certain amounts that might be due;
- To organize any assignment of claim/factoring or any other transaction related to your billing;
- To keep you informed of any changes in our group, subsidiaries, products or activities;
- To organize training courses adapted to your employees;
- To conduct satisfaction investigations;
- To maintain your customer account accessible through our Internet site;
- To organise seminars / meetings;
- To comply with our legal obligations, accounting and tax;
- To manage prospect files;
- To Ensure safety and security of the premises and goods of Kersia group companies.
Conservation
Your personal data are stored in our databases and servers. We intend to retain your personal data in the most secure way possible, to complete transactions as intended under the defined purpose, for the duration of the process or within the legal duration. With this intention, we take all appropriate and reasonable physical, technical, and organizational precautions to prevent alteration to, loss of or unauthorized access to your data.
Recipient of data and transfer
Considering the data purposes as listed above, your personal data is likely to be communicated to the data controller‘s departments or to directly or indirectly owned subsidiaries, and external persons such as a carrier, partner, or distributor for of the performance of our services. Your personal data can also be accessible to our technical providers called “Processor” (it means all natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller), for the strict necessity of their mission.
Due to the international nature of our group, we would like to inform you that the personal data that we collect is likely to be transferred outside of your territory but always within the purpose outlined above.
We implement as necessary, an adequate level of security to guarantee the security of your personal data.
To this end, we have put in place contractual guarantees with our sub-contractors or our external partners and standard contractual clauses with all the group’s subsidiaries.
By communicating us your personal data, you agree to these transfers.
Data Security
We implement appropriate technical and organizational security measures to protect the personal data you transmit to us from destruction, loss, alteration, disclosure or unauthorized access. These include access controls, firewalls, secure servers, authorization management, data encryption and anonymization of data.
Use of cookies
We use cookies to optimize your visit to our Internet site.
A cookie is a small and temporary text file created on your workstation which saves certain Internet parameters. The file is downloaded by your web browser on your first visit to a website.
The information stored is intended to facilitate your access to services and sections of our Internet site.
Here is a table of the first party cookies we use on our websites:
| Purpose | Name | Function | Storage time | Performance/
essential |
| Preferences, features and services | Country | Choosing the default site language | 1 month | Essential |
| Cookie_notice_accepted
Cookieaccept |
Hiding the banner acceptance of cookies | Performance | ||
| PHPSESSID | Session ID | The time of the session | ||
We also use third party cookies to diffuse video on our website or to make statistics. If you want to know more, please visit the following links:
| Name | Link to cookie policy |
| Google Analytics | https://support.google.com/analytics/answer/6004245 |
| Youtube | https://www.youtube.com/ |
| Cybercite_tracking | https://www.cybercite.fr/ |
| https://fr-fr.facebook.com/policies/cookies/ |
You can accept or refuse cookies at any time, by modifying the settings of your web browser. Please consult the instructions of your web browser to determine how to update these settings.
Please note that if you delete a cookie or if you refuse the installation of cookies, certain functionality on the website will not be available.
Data Protection Officer
The appointment of a DPO is not mandatory in each country, thus where the appointment of a DPO is not mandatory, no DPO was appointed but the compliance with the personal data regulation is ensured by the Group Legal Manager.
A DPO was appointed where the appointment of a DPO is mandatory.
In Germany, for Kersia Deutschland :
Mr Martin Kuschke
IT Consulting
PCK IT Solutions GmbH
Edisonstraße 1
87437 Kempten
In Brasil, for Hypred Brasil and JPB :
Ms. Miriam Laier
HR Manager
Hypred Brasil
Rua Eugenia Mello de Oliveira Kirshheim, n°251
Bom pastor, CEP 95905-684 Lajeado – Estado do Rio grande do sul
Notification of contravention of personal data regulations
We commit to notifying the advisory authority within seventy-two hours of detecting a case of breach of personal data regulations.
Right of access and modification of collected data
In accordance with current data protection regulations applicable to you, you may have the right to confirm and access, modify and correct, transfer, anonymize, block, delete, refuse the usage of and limit the processing of your personal data for legitimate reasons, request the portability, request information on the public and private entities with which we shared the data and obtain information on the possibility of not giving your consent and on the consequences of refusal, as well as the right to withdraw your consent, when applicable. In order to exercise your right, please address your request to us by using the following link: http://gdpr.kersia-group.com
Right to complain
If you have a complaint about our use of your information, we would prefer you to contact us directly in the first instance so that we can address your complaint.
However, we inform you that you have the right to lodge a complaint with the relevant supervisory authority.
Any Question? Please contact us by using the link http://gdpr.kersia-group.com