£299.90
Data Protection Policy
Data Protection Officer
Personal data on the Site is collected by CROSSCALL as data controller, in accordance with Regulation (EU) 2016/679 of the European Parliament and Council of April 27, 2016, applicable from May 25, 2018, and Law No. 2018-493 of June 20, 2018.
Data controller contact details
CROSSCALL SA
245 Paul Langevin Street
Les Milles business area
13290 Aix en Provence
SIRET: 518 706 890 00069
Representative: Mr. Cyril VIDAL in his capacity as president
Processing of Collected Personal Data
CROSSCALL may collect your personal data through this site for various purposes, namely:
1. Create your customer account and manage your orders
| Purpose of collection | Purposes | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Customer account creation | Necessary data is collected for account creation | Mandatory: Last name, first name, date of birth, title, and email address / optional: address, mobile phone number, professional status, sports practiced, children | Consent | Until consent withdrawal |
| Order management | Necessary data is collected for processing and tracking your orders on the website | Account creation data Credit card number, cardholder name, security code |
Contract execution | Payment by credit card: 540 days from the transaction date (by partner Ogone Worldline) Payment by PayPal: Personal data used in the ongoing relationship between you and PayPal is stored for the entire duration of the relationship plus a period of 10 years Commercial documents retained for 10 years from the last contact |
| Management of payment in multiple installments | Necessary data is collected to ensure your creditworthiness and authorize payment in multiple installments | Last name, first name, address, date and place of birth, credit card number, cardholder name, security code, etc. | Legitimate interest | ONEY: If payment accepted, for the entire duration of the loan + 5 years for evidence in case of dispute / 6 months if payment refused |
| Withdrawal management | Necessary data is collected to process your withdrawal requests for products purchased online and to inform you about this process | Last name, first name, address, email, phone number, product reference and model | Contract execution | Commercial documents retained for 10 years from the last contact |
| Claims/litigation management | Necessary data is collected to process your claims | Last name, first name, address, email, phone number, IMEI, and purchase date | Contract execution / legitimate interest | In case of litigation, data is retained for the duration of the contract plus the limitation period |
2. Respond to your requests
| Purpose of collection | Purposes | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Manage the contact form | The necessary data is collected to respond to internet users' requests (obtain information about their order, invoice, or referral), allow people to chat with a CROSSCALL employee, make Partnership / Ambassador requests, and receive CROSSCALL news upon consent. | Name, First name, email, message For partnership / ambassador requests, discipline and profession are also collected |
Legitimate interest | Until the request is processed |
| Manage quote requests | The necessary data is collected to respond to quote requests and send promotional offers if you have consented. | Mandatory: Last name, first name, phone number, email, country, company name, position, desired product and volume, project description | Consent | 3 years following your last contact / until commercial information is unsubscribed |
| Manage rights exercise requests | The necessary data is collected to process the rights exercise request submitted via the dedicated form | Mandatory: Nature of the request, email, name, account or order number Identity document in the context of an access rights request |
Legal obligation | Identity document if requested: Deleted immediately after verification 1 year in active database and 5 years in intermediate database before deletion |
| Manage requests made via the chatbot | Improve service quality Ensure personalized service by consulting the conversation history |
Conversations (content of exchanges, number of conversations, duration, date) Visitor's IP address (for evidence purposes in case of dispute) Data is provided directly by the visitor (for example identity, email, phone number) |
Consent | Data is retained for the time needed to provide a response and for a maximum duration of 1 year |
3. Process your requests with customer service
| Purpose of collection | Purposes | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Manage requests made by phone | The necessary data is collected to contact you and process your request | Mandatory: Last name, first name, address, email, and phone number, IMEI, purchase invoice | Consent | Data is retained for the time needed to provide a response and for a maximum duration of 2 years |
| Manage support requests within the after-sales service for repair | The necessary data is collected for product support, to contact you, and to return the repaired product | Mandatory: Name, address, email, and phone number, IMEI, purchase invoice | Warranty contract / Legitimate interest | Time to process your request + 2 years / 2 years after the end of warranty if device is under warranty |
| Manage customer service requests made via the chatbot | Respond to requests related to product after-sales service (SAV) | Conversations (content of exchanges, number of conversations, duration, date) Visitor's IP address (for evidence purposes in case of dispute) Data is provided directly by the visitor (for example identity, email, phone number) |
Consent | Data is kept as long as needed to provide a response and for a maximum of 5 years |
4. Manage recruitment
| Purpose of collection | Purposes | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Application management | The necessary data is collected to process online or mail applications | Name, first name, email CV data: address, phone number, age, gender, family status, education, and professional experience | Legitimate interest | 2 years from receipt of your CV |
5. To offer you promotional offers and contests
| Purpose of collection | Purposes | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Newsletter management | The necessary data is collected to send personalized promotional emails, promotional offers including one specific to the birthday date | Newsletters: Name, email address / promotional offers: Name, email address, and date of birth | Consent | Data deleted upon unsubscription or 3 years after last contact |
| Contest management | The necessary data is collected for organizing events and sending won prizes | Name, First name, email address, phone number, and postal address (depending on the contest purpose) | Consent | Data deletion 2 months after prize delivery If consent to the newsletter: until unsubscription |
| Management of reimbursement offers | The necessary data is collected to reimburse you and send newsletters based on your consent | Name, email address, phone number, and postal address (depending on the contest purpose) | Consent | Data deletion within a maximum of 3 years after the end of the contract / until newsletter unsubscription if consent to the newsletter |
6. To allow us to improve our products and services
| Purpose of collection | Purposes | Data collected | Legal basis | Retention period |
|---|---|---|---|---|
| Opinion survey management | The necessary data is collected to understand your use of our products | Name, email address, phone number, company name, and profession | Consent | Deletion after processing the survey results / If consent to be contacted, data deleted upon unsubscription |
| User experience management | The necessary data is collected to gather your user experience feedback on products in order to improve them / contact you for clarifications on your responses | Gender, First name, email address, country | Consent | 2 years then anonymization |
| Participation in the community of innovators | The necessary data is collected to manage registrations and recruitment for the community of innovators, conduct market, satisfaction, needs, and usage studies | Last name, first name, email, date of birth, city, country, Children Y/N, Sports practiced, frequency, Other possible and non-mandatory: apartment/house, type of car (and desired), desired clothing brand, Professional category, working hours, work environment, Income bracket | Consent then contract execution / Legitimate interest | Until unsubscription |
RECIPIENTS
The recipients of this data are:
- The provider supplying the Customer Relationship Management (CRM) system and the Marketing Cloud system;
- The provider supplying the online questionnaire deployment tool;
- The provider implementing online payment solutions;
- Provider responsible for order delivery;
- Repair centers;
- The provider supplying the application management solution;
- The external DPO of CROSSCALL in the context of a rights request.
TRANSFER TO THIRD PARTIES AND OUTSIDE THE EUROPEAN UNION
Your personal data is preferably processed within the European Union.
Within the scope of the aforementioned purposes, some of your personal data may nevertheless be transferred to third-party entities established in countries outside the European Union (e.g., subcontractors of the company involved in the aforementioned processing, ...).
Some of these recipients of your personal data are considered to provide a sufficient level of personal data protection because they are established in a country whose personal data protection regulations have been recognized as providing an adequate level of protection for said data (see European Commission adequacy decisions)
Furthermore, if the country of the entity receiving your personal data does not offer an adequate level of protection for said data, we ensure that appropriate security and confidentiality measures are taken to guarantee the continued protection of your data.
Also, in these cases, you are informed that the transfers of your personal data to other entities outside the European Union are governed by the implementation of appropriate safeguards such as the conclusion, with the recipients of this data, of contractual clauses in accordance with the recommendations of the European Commission, allowing us to ensure that appropriate safeguards are taken regarding the protection of said data.
We also inform you that transfers of personal data outside the European Union are lawful if (i) the transfer is necessary for the performance of a contract between the data subject and the Data Controller or for the implementation of pre-contractual measures taken at the data subject's request, if (ii) the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the data subject between the Data Controller and another natural or legal person, or if (iii) the data subject has given explicit consent to the proposed transfer after being informed of the risks it may pose due to the absence of an adequacy decision and appropriate safeguards.
CROSSCALL may be required to transmit personal data to competent services and authorities in the context of information requests or administrative or judicial decisions.
DATA SECURITY
CROSSCALL ensures the security of your personal data hosted on its servers. The company strives to take the necessary technical and organizational security measures to guarantee the integrity, confidentiality, and availability of your data.
CROSSCALL employees who have access to users' personal data due to their role commit to the highest level of confidentiality in this regard.
The CROSSCALL website uses the TLS encryption protocol to ensure the confidentiality and integrity of your data transmitted via the site and also to ensure client-server authentication.
You can view our security certificate, issued by a third party, by clicking on the padlock icon in your browser's address bar.
INDIVIDUAL RIGHTS AND HOW TO EXERCISE THEM
In accordance with Law No. 78-17 of January 6, 1978, relating to Information Technology, Files and Freedoms (articles 38, 39, 40), and the General Data Protection Regulation, you have various rights regarding the use of your personal data. These rights are as follows:
- Access: Exercising the right of access allows the User to verify the accuracy of the data and, if necessary, have it corrected or deleted;
- Correction: Exercising the right to modification allows the User to update their data;
- Portability: Exercising the right to data portability allows the User to transfer their data to a third party of their choice;
- Deletion: Exercising the right to deletion allows the User to obtain the deletion of their data;
- Objection: Exercising the right to object allows the User to oppose the use of their data for a specific purpose;
- Restriction: Exercising the right to restriction allows the User to request an organization to temporarily freeze the use of some of their data.
These rights can be exercised with the data protection officer of CROSSCALL by filling out the form available on the following page: Personal Data Management
Note that CROSSCALL also offers you the possibility to modify your personal information and withdraw your consent to commercial and promotional offers directly from your customer account. It is also possible to unsubscribe from any communication by clicking the unsubscribe link at the end of received emails.
If you believe, after contacting the data controller or the data protection officer of CROSSCALL, that your data protection rights are not respected, you can file an online complaint with the National Commission on Informatics and Liberty (CNIL) or by postal mail at 3 place de Fontenoy – TSA 80715 – 75334 Paris Cedex 07
ABOUT COOKIES
This site uses cookies for proper site operation and user experience: normal site navigation, video playback, content sharing on social networks, page audience measurement. Strictly necessary cookies are those related to site operation.
This site also uses analytics cookies to improve site functionality. All data collected by these cookies is anonymous.
Advertising cookies are used to display ads tailored to users' interests and to measure the effectiveness of advertising campaigns.
See the cookie policy to learn more.
PRIVACY POLICY UPDATE
CROSSCALL may modify this privacy policy. We therefore invite you to consult it regularly to be aware of its latest version.