£77.99
Data protection policy
Personal Data Controller
Personal data on the Website is collected by CROSSCALL in its capacity as data controller, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 applicable as of May 25, 2018 and Law n°2018-493 of June 20, 2018.
Data controller details
CROSSCALL SA
245 rue Paul Langevin
Zone d'activité des Milles
13290 Aix en Provence
: 518 706 890 00069
Representative: Mr Cyril VIDAL in his capacity as President
Treatment of Personal Data Collected
CROSSCALL is likely to collect your personal data. We collect personal data through this site for the following purposes:
1. to create your customer account and manage your orders
| Purpose of collection | Purpose | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Customer account creation | The following data is collected to create an account | Mandatory: surname, first name, date of birth, title and e-mail address / optional: address, cell phone number, professional status, sports practiced, children. | Consent | Until consent is withdrawn |
| Order management | The following data is collected to process and track your orders on the website | Account creation data Credit card number, cardholder's name, cryptogram | Contract execution | Payment by credit card: 540 days from transaction date (by partner Ogone Worldline) Payment by PayPal: Personal data used as part of the ongoing relationship between you and PayPal is stored for the duration of the relationship, plus a period of 10 years Commercial documents stored 10 years from last contact |
| Management of payment in instalments | The following data is collected to ensure your solvency and authorize payment in instalments | Surname, first name, address, date and place of birth, credit card number, cardholder's name, cryptogram, etc. | Legitimate interest | ONEY: If payment is accepted, for the entire duration of the loan + 5 years as evidence in the event of dispute / 6 months if payment is refused. |
| Cancellation management | The following data is collected in order to process your retraction requests for products purchased on the web and to inform you about this process | Surname, first name, address, e-mail address, telephone number, product reference and model. | Contract execution | Commercial documents kept for 10 years from last contact |
| Claims/litigation management | The following data is collected to process your complaints | Surname, first name, address, e-mail, telephone number, IMEI and date of purchase | Contract performance / legitimate interest | In the event of litigation, data is kept for the duration of the contract plus the statute of limitations. |
2. To respond to your requests
| Purpose of collection | Purposes | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Contact form management | Necessary data is collected in order to respond to Internet users' requests (to obtain information about their order, invoice or sponsorship), to enable people to communicate by chat with a CROSSCALL employee, to make Partnership / Ambassador requests and to receive CROSSCALL news by consent. | Last name, First name, e-mail, message For partnership/ambassador requests, discipline and profession are also collected. | Legitimate interest | Until request is processed |
| Management of quotation requests | Necessary data is collected to respond to quotation requests. and forward promotional offers if you have given your consent. | Mandatory: Last name, first name, telephone number, e-mail, country, company name, job title, desired product and volume, project description | Consent | 3 years after your last contact / until you unsubscribe from commercial information |
| Management of requests to exercise rights | The necessary data is collected to process the request for exercising a right formulated via the dedicated form. | Mandatory: Nature of request, e-mail, name, account or order number Identification in the case of a request for access rights | Legal obligation | Identity document if requested: deleted immediately after verification 1 year in active database and 5 years in intermediate database before deletion |
3. To process your customer service requests
| Purpose of collection | Purpose | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Management of telephone requests | The necessary data is collected to contact you and process your request. | Mandatory: Last name, first name, address, e-mail and telephone number, IMEI, purchase invoice. | Consent | Data is kept for as long as it takes to provide a response, and for a maximum of 2 years. |
| Management of after-sales service requests for repairs | Necessary data is collected to take charge of the product, contact you and return the repaired product. | Mandatory: Name, address, e-mail and telephone number, IMEI, purchase invoice | Warranty contract / Legitimate interest | Time to process your request + 2 years / 2 years after end of warranty if device under warranty |
4. to manage recruitment
| Purpose of collection | Purpose | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Application management | The following data is collected to process online or postal applications | Surname, first name, e-mail CV data: address, telephone number, age, gender, marital status, education and professional experience | Legitimate interest | 2 years from receipt of your CV |
5. To provide you with promotional offers and competitions
| Purpose of collection | Purpose | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Newsletter management | Necessary data is collected to send personalized promotional e-mails and offers, including one specific to the anniversary date. | Newsletters: Name, e-mail address / promotional offers: Name, e-mail address and date of birth | Consent | Data deleted on unsubscription or 3 years after last contact |
| Management of competitions | Necessary data are collected for the realization of animations and the sending of the won prizes | Name, First name, e-mail address, telephone number and postal address (according to the object of the competition) | Consent | Deletion of data 2 months after delivery of prizes If consent to newsletter: until unsubscribed |
| Management of refund offers | The following data is collected in order to reimburse you and send newsletters based on your consent | Name, e-mail address, telephone number and postal address (depending on the purpose of the competition) | Consent | Deletion of data within a maximum of 3 years after the end of the contract / until unsubscription from the newsletter if consent to the newsletter has been obtained |
6. To enable us to improve our products and services
| Purpose of data collection | Purposes | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Management of opinion surveys | The following data is collected in order to understand your use of our products | Name, e-mail address and telephone number, company name and profession | Consent | Deletion after processing of survey results / If consent to be recontacted, data deleted on unsubscription |
| User experience management | The necessary data is collected to gather feedback on user experience of our products in order to develop them further / to contact you again for further information on your answers. | Gender, First name, e-mail address, country | Consent | 2 years then anonymized |
| Participation in the community of innovators | The necessary data is collected to manage registration and recruitment to the community of innovators, and to carry out market, satisfaction, needs and usage studies. | Last name, first name, e-mail address, date of birth, city, country, children Y/N, sports practiced, frequency, other possible and non-mandatory information: apartment/house, type of car (and desired), desired brand of clothing, professional category, working hours, working environment, income bracket. | Consent then contract performance / Legitimate interest | Until unsubscribed |
RECIPIENTS
The recipients of this data are :
- The provider of the Customer Relationship Management (CRM) and Marketing Cloud systems;
- The provider of the online questionnaire deployment tool;
- The provider of online payment solutions;
- Service provider in charge of order delivery;
- Repair centers;
- The service provider providing the application management solut--ion;
- CROSSCALL's external DPD/DPO in the event of a legal claim.
TRANSFERS TO THIRD PARTIES AND OUTSIDE THE EUROPEAN UNION
Your personal data is preferably processed within the European Union.
In the context of the above-mentioned purposes, some of your personal data may however be transferred to third parties established in countries outside the European Union (e.g. the company's subcontractors involved in the above-mentioned processing operations, etc.).
Some of these entities receiving your personal data are considered to ensure a sufficient level of protection of personal data because they are established in a country whose regulations on the protection of personal data have been recognized as ensuring an adequate level of protection of said data (see European Commission adequacy decisions)
In addition, if the country of the entity receiving your personal data does not offer an adequate level of protection for said data, we ensure that appropriate security and confidentiality measures are taken to guarantee the continued protection of your data.
In such cases, you are informed that transfers of your personal data to other entities outside the European Union are subject to the implementation of appropriate safeguards, such as the conclusion of contractual clauses with the recipients of such data, in accordance with the recommendations of the European Commission, to ensure that appropriate safeguards are taken to protect such data.
We also inform you that transfers of personal data outside the European Union are lawful if (i) the transfer is necessary for the performance of a contract between the data subject and the Data Controller or for the implementation of pre-contractual measures taken at the request of the data subject, if (ii) the transfer is necessary for the conclusion or performance of a contract concluded in the interests of the Data Subject between the Data Controller and another natural or legal person, or if (iii) the Data Subject has given his or her explicit consent to the intended transfer, after having been informed of the risks that this transfer could entail for him or her due to the lack of an adequacy decision and appropriate safeguards.
CROSSCALL may be required to transmit personal data to the competent services and authorities in the context of requests for information or administrative or judicial decisions.
DATA SECURITY
CROSSCALL is committed to ensuring the security of your personal data hosted on its servers. The company is committed to taking the necessary technical and organizational security measures to guarantee the integrity, confidentiality and availability of your data.
CROSSCALL employees who have access to the personal data of users of the Site by virtue of their position are committed to the utmost confidentiality in this respect.
The CROSSCALL website uses the TLS encryption protocol to ensure the confidentiality and integrity of your data transmitted via the site, as well as client-server authentication.
You can consult our security certificate, issued by a third party, by clicking on the padlock icon in the address bar of your browser.
PERSONAL RIGHTS AND MEANS OF ENFORCEMENT
In accordance with the French Data Protection Act no. 78-17 of January 6, 1978 (articles 38, 39, 40), and with the General Data Protection Regulations, you have various rights with regard to the use made of your personal data. These rights are as follows:
- Access: Exercising the right of access enables the User to check the accuracy of the data and, if necessary, to have it rectified or deleted;
- Rectification: Exercising the right of modification enables the User to update his or her data;
- Portability: Exercising the right to portability of data enables the User to transmit it to a third party of his or her choice;
- La deletion: Exercising the right to deletion enables the User to have his/her data deleted;
- opposition: Exercising the right to opposition enables the User to oppose the use of his/her data for a specific purpose;
- limitation: Exercising the right to limitation enables the User to ask an organization to temporarily freeze the use of some of his/her data.
These rights may be exercised by contacting CROSSCALL's Data Protection Officer by completing the form available on the following page: Personal data management
Please note that CROSSCALL also offers you the possibility of modifying your personal information and withdrawing your consent to commercial and promotional offers directly from your customer account. You can also unsubscribe from all communications by clicking on the unsubscribe link at the end of any e-mail you receive.
If, after contacting the data controller or CROSSCALL's data protection officer, you feel that your data protection rights have not been respected, you may submit a complaint online to Commission nationale de l'informatique et des libertés (CNIL) or by post to 3 place de Fontenoy - TSA 80715 - 75334 Paris Cedex 07
ABOUT COOKIES
This site uses cookies to ensure the smooth operation of the site and the user experience: normal site navigation, video playback, content sharing on social networks, page audience measurement. Strictly necessary cookies are those linked to site operation.
This site also uses analysis cookies to improve site functionality. All data collected by these cookies is anonymous.
Advertising cookies are used to display ads tailored to users' interests and to measure the effectiveness of advertising campaigns.
See the cookies policy.
MODIFICATION OF THE PRIVACY POLICY
CROSSCALL may modify the present privacy policy from time to time. We therefore invite you to consult it regularly in order to be aware of its latest version.